Bug#1001335: apt should use TLSv1.3 Record Padding to obscure file size metadata
On Wed, Dec 08, 2021 at 09:44:19PM +0100, Hans-Christoph Steiner wrote:
>
> Package: apt
> Version: 2.3.13
> Severity: wishlist
>
> apt should pad its TLS connections to obscure the size of the downloaded
> files from network observers. Right now, an attacker could build an index
> of all package sizes, then track the size of HTTPS streams to Debian
> mirrors, and from that, be able to identify most of the packages being
> downloaded over HTTPS.
TLS record padding does not help with that. First of all, we pipeline
all our requests; secondly, we'd not be padding to the extent that this
would hide things (think pad everything to 1MB); third, security updates
are updated quickly, it's unlikely you'd be unable to identify them. In
fact, what you want to do is identify which security updates have not
been applied, and you can just track last conversation with security.d.o
for that :)
So in summary, I don't think it's relevant for us
> TLSv1.3 added the possibility to add padding TLS connections:
> https://tools.ietf.org/id/draft-ietf-tls-tls13-21.html#rfc.section.5.4
>
> GnuTLS already supports it:
> https://www.gnutls.org/manual/gnutls.html#On-Record-Padding
>
You should find out the OpenSSL API for it, GnuTLS will be on its
way out next year.
--
debian developer - deb.li/jak | jak-linux.org - free software dev
ubuntu core developer i speak de, en
Reply to: