[tor-commits] [tor-browser-spec/master] Add bibliography and citations.

Mon May 4 18:32:55 UTC 2015

commit 8348b0d88fa0448d89d8146de4569ded10b57490
Author: Mike Perry <mikeperry-git at torproject.org>
Date:   Fri May 1 02:09:31 2015 -0700

    Add bibliography and citations.
---
 position-papers/HTTP3/HTTP3.bbl |  124 ++++++++++++++++++++++-----------------
 position-papers/HTTP3/HTTP3.tex |  103 +++++++++++++++++---------------
 2 files changed, 127 insertions(+), 100 deletions(-)

diff --git a/position-papers/HTTP3/HTTP3.bbl b/position-papers/HTTP3/HTTP3.bbl
index feb7b6f..3d9e725 100644
--- a/position-papers/HTTP3/HTTP3.bbl
+++ b/position-papers/HTTP3/HTTP3.bbl
@@ -1,60 +1,76 @@
 \begin{thebibliography}{10}
 
-\bibitem{web-send}
-Tyler Close, Rajiv Makhijani, Mark Seaborn, Kenton Varda, Johan Apelqvist,
-  Claes Nilsson, and Mike Hanson.
-\newblock {Web Introducer}.
-\newblock \url{http://web-send.org/introducer/}.
-
-\bibitem{target}
-Charles Duhigg.
-\newblock {How Companies Learn Your Secrets}.
-\newblock
-  \url{https://www.nytimes.com/2012/02/19/magazine/shopping-habits.html?pagewa%
-nted=9}.
-
-\bibitem{panopticlick}
-Peter Eckersley.
-\newblock How unique is your web browser?
-\newblock In {\em Proceedings of the 10th international conference on Privacy
-  enhancing technologies}, PETS'10, pages 1--18, Berlin, Heidelberg, 2010.
-  Springer-Verlag.
-
-\bibitem{DNT-adoption}
-Alex Fowler.
-\newblock {Mozilla Led Effort for DNT Finds Broad Support}.
-\newblock
-  \url{https://blog.mozilla.org/privacy/2012/02/23/mozilla-led-effort-for-dnt-%
-finds-broad-support/}.
-
-\bibitem{safecache}
-Collin Jackson and Dan Boneh.
-\newblock Protecting browser state from web privacy attacks.
-\newblock In {\em In Proceedings of the International World Wide Web
-  Conference}, pages 737--744, 2006.
-
-\bibitem{DNT-draft}
-J.~Mayer, A.~Narayanan, and S.~Stamm.
-\newblock {Do Not Track: A Universal Third-Party Web Tracking Opt Out}.
-\newblock \url{https://tools.ietf.org/html/draft-mayer-do-not-track-00}.
-
-\bibitem{fourthparty}
-Jonathan~R. Mayer and John~C. Mitchell.
-\newblock {Third-Party Web Tracking: Policy and Technology}.
-\newblock \url{https://www.stanford.edu/~jmayer/papers/trackingsurvey12.pdf}.
-
-\bibitem{Persona}
-Mozilla~Developer Network.
-\newblock {Persona}.
-\newblock \url{https://developer.mozilla.org/en-US/docs/persona}.
-
-\bibitem{torbrowser}
-Mike Perry.
+\bibitem{torbrowser-identifiers}
+Mike Perry, Erinn Clark, Steven Murdoch
 \newblock {The Design and Implementation of the Tor Browser}.
-\newblock \url{https://www.torproject.org/projects/torbrowser/design/}.
+\newblock {Section 4.5: Cross-Origin Identifier Unlinkability}.
+\newblock \url{https://www.torproject.org/projects/torbrowser/design/#identifier-linkability}.
+
+\bibitem{torbrowser-longterm}
+Mike Perry, Erinn Clark, Steven Murdoch
+\newblock {The Design and Implementation of the Tor Browser}.
+\newblock {Section 4.7: Long-Term Unlinkability via "New Identity" button}.
+\newblock \url{https://www.torproject.org/projects/torbrowser/design/#new-identity}.
+
+\bibitem{torbrowser-fingerprinting}
+Mike Perry, Erinn Clark, Steven Murdoch
+\newblock {The Design and Implementation of the Tor Browser}.
+\newblock {Section 4.6: Cross-Origin Fingerprinting Unlinkability}.
+\newblock \url{https://www.torproject.org/projects/torbrowser/design/#fingerprinting-linkability}.
+
+\bibitem{http2-spec}
+M. Belshe, R. Peon, M. Thomson
+\newblock {Hypertext Transfer Protocol version 2}.
+\newblock \url{https://http2.github.io/http2-spec/}.
+
+\bibitem{lets-encrypt}
+Mozilla, Akamai, Cisco, EFF, Identrust, Automattic
+\newblock {Let's Encrypt Certificate Authority}.
+\newblock \url{https://letsencrypt.org/}.
+
+\bibitem{encrypted-handshake}
+M. Ray
+\newblock {Transport Layer Security (TLS) Encrypted Handshake Extension}.
+\newblock \url{https://tools.ietf.org/html/draft-ray-tls-encrypted-handshake-00}.
+
+\bibitem{blog-wtf}
+Mike Perry
+\newblock {A Critique of Website Traffic Fingerprinting Attacks}.
+\newblock \url{https://blog.torproject.org/blog/critique-website-traffic-fingerprinting-attacks}
+
+\bibitem{blog-pipelining}
+Mike Perry
+\newblock {Experimental Defense for Website Traffic Fingerprinting}.
+\newblock \url{https://blog.torproject.org/blog/experimental-defense-website-traffic-fingerprinting}
+
+\bibitem{torbrowser-wtf}
+Mike Perry, Erinn Clark, Steven Murdoch
+\newblock {The Design and Implementation of the Tor Browser}.
+\newblock {Section 4.8: Other Defenses}.
+\newblock \url{https://www.torproject.org/projects/torbrowser/design/#traffic-fingerprinting-defenses}
+
+\bibitem{multihop-padding}
+Mike Perry, Marc Juarez
+\newblock {Multihop Padding Primitives}
+\newblock \url{https://gitweb.torproject.org/user/mikeperry/torspec.git/plain/proposals/ideas/xxx-multihop-padding-primitives.txt?h=multihop-padding-primitives}
+
+\bibitem{wfpadtools}
+Marc Juarez
+\newblock {WFPadTools}
+\newblock \url{https://bitbucket.org/mjuarezm/obfsproxy_wfpadtools/}
+
+\bibitem{tor-udp}
+Steven J. Murdoch
+\newblock {Comparison of Tor Datagram Designs}
+\newblock \url{https://research.torproject.org/techreports/datagram-comparison-2011-11-07.pdf}
+
+\bibitem{ccs-wtf}
+Marc Juarez and Sadia Afroz and Gunes Acar and Claudia Diaz and Rachel Greenstadt
+\newblock {A Critical Evaluation of Website Fingerprinting Attacks}
+\newblock {Proceedings of the 21th ACM conference on Computer and Communications Security (CCS 2014)}
+\newblock \url{https://www.eecs.berkeley.edu/~sa499/papers/ccs-webfp-final.pdf}
+}
+
 
-\bibitem{thirdparty}
-Dan Witte.
-\newblock \url{https://wiki.mozilla.org/Thirdparty}.
 
 \end{thebibliography}
diff --git a/position-papers/HTTP3/HTTP3.tex b/position-papers/HTTP3/HTTP3.tex
index b4d7993..d7d8aac 100644
--- a/position-papers/HTTP3/HTTP3.tex
+++ b/position-papers/HTTP3/HTTP3.tex
@@ -77,23 +77,21 @@ HTTP layer that persists beyond the duration or scope of a single connection.
 For background, the Tor Project has designed Tor Browser with two main
 properties for limiting identifier-based tracking: First Party Isolation, and
 Long Term Unlinkability.
-% FIXME: cite design doc
 
 First Party Isolation is the property that a user's actions at one
 top-level URL bar domain must not be correlated or linked to their actions on a
 different top-level URL bar domain. We maintain this property through a number
 of patches and modifications to various aspects of browser functionality and
-state keeping.
-% FIXME: Cite design doc
+state keeping\cite{torbrowser-identifiers}.
 
 Long Term Unlinkability is the property that a user's future activity must not
-be linked or correlated to any prior activity after that user's explicit request
-to sever this link. Tor Browser provides Long Term Unlinkability by allowing
-the user to clear all browser tracking data in a single click (called "New
-Identity"). Our long-term goal is to allow users to define their relationship
-with individual first parties, and alter that relationship by resetting or
-blocking the associated tracking data on a per-site basis.
-% FIXME: Cite design doc
+be linked or correlated to any prior activity after that user's explicit
+request to sever this link. Tor Browser provides Long Term Unlinkability by
+allowing the user to clear all browser tracking data in a single click (called
+"New Identity")\cite{torbrowser-longterm}. Our long-term goal is to allow
+users to define their relationship with individual first parties, and alter
+that relationship by resetting or blocking the associated tracking data on a
+per-site basis.
 
 \subsection{Identifier Linkability in HTTP/2}
 
@@ -136,8 +134,8 @@ The heavy use of connection multiplexing in HTTP/2 may present additional
 complexities for ensuring that requests are isolated. Unfortunately, unlike
 identifier usage, connection usage linkability is encouraged by the
 HTTP/2 specification in Section 9.1 (in the form of specifying that clients
-SHOULD NOT open more than one connection to a given host and port).
-% FIXME: Cite HTTP2 S 9.1
+SHOULD NOT open more than one connection to a given host and
+port)\cite{http2-spec}.
 
 \subsection{Avoiding Future Connection Usage Linkability}
 
@@ -168,7 +166,7 @@ to obtain or infer end user configuration details and device characteristics.
 We concern ourselves with operating system fingerprinting only to the point of
 removing ways of detecting a specific operating system version. We make no
 attempt to address fingerprinting due to browser vendor and version
-differences. % FIXME: cite fingerprinting doc
+differences\cite{torbrowser-fingerprinting}.
 
 Under this model, it is unlikely that very many fingerprinting vectors that
 concern us will arise in the HTTP layer. However, the possibility for end user
@@ -198,22 +196,21 @@ The Tor Project is very interested in any efforts to improve the
 confidentiality and integrity of the session layer of HTTP/3. 
 
 In particular, we are strong advocates for mandatory authenticated encryption
-of HTTP/3 connections.  The availability of entry-level authentication through
-the Let's Encrypt Project should eliminate the remaining barriers to requiring
-authenticated encryption, as opposed to deploying opportunistic mechanisms.
-% FIXME: Cite Let's Encrypt
+of HTTP/3 connections.  The availability of free and automated entry-level
+authentication through the Let's Encrypt Project\cite{lets-encrypt} should
+eliminate the remaining barriers to requiring authenticated encryption, as
+opposed to deploying opportunistic mechanisms.
 
 We are also interested in efforts to encrypt the ClientHello and ServerHello
 messages using an initial ephemeral handshake, as described in the Encrypted
-TLS Handshake proposal. If SNI, ALPN, and the ServerHello can be encrypted
-using an ephemeral key exchange that is authenticated later in the handshake,
-the adversary loses a great deal of information about the user's intended
-destination site. When large scale CDNs and multi-site load balancers are
-involved, the ultimate destination would be impossible to determine with this
-type of handshake in place. This will aid in defenses against traffic
-fingerprinting and traffic analysis, which we describe detail in the next
-section.
-% FIXME: Cite https://tools.ietf.org/html/draft-ray-tls-encrypted-handshake-00
+TLS Handshake proposal\cite{encrypted-handshake}. If SNI, ALPN, and the
+ServerHello can be encrypted using an ephemeral key exchange that is
+authenticated later in the handshake, the adversary loses a great deal of
+information about the user's intended destination site. When large scale CDNs
+and multi-site load balancers are involved, the ultimate destination would be
+impossible to determine with this type of handshake in place. This will aid in
+defenses against traffic fingerprinting and traffic analysis, which we
+describe detail in the next section.
 
 \section{Traffic Fingerprinting and Traffic Analysis Concerns}
 
@@ -235,19 +232,17 @@ accuracy and capabilities by increasing the size of the classification domain.
 There was some initial controversy in the research literature as to the exact
 degree to which the classification domain size, the base rate fallacy, and
 other machine learning issues applied to website traffic fingerprinting of Tor
-traffic, but after publicly requesting that these effects be studied in closer
-detail, recent results have confirmed and quantified the benefits conferred by
-Tor's unique link encryption.
+traffic, but after we publicly requested that these effects be studied in
+closer detail\cite{blog-wtf}, recent results have confirmed and quantified the
+benefits conferred by Tor's unique link encryption\cite{ccs-wtf}.
 
 Tor's link properties are by no means a complete defense, but they show that
 there is room to develop defenses that specifically aim to increase the size
 of the classification domain and associated base rate. In fact, it is our
-belief that minimal padding and clever use of request and response framing
+belief that minimal padding and clever use of request and response behavior
 will increase the false positive rate enough to frustrate these attacks. For
 this reason, we have been encouraging continued study of low-overhead defenses
-against traffic fingerprinting. 
-% FIXME: Cite blog post and Mjaurez's paper
-% FIXME: Cite design doc's website traffic fingerprinting section
+against traffic fingerprinting\cite{torbrowser-wtf}. 
 
 With the aid of an encrypted TLS handshake, we are hopeful that these defenses
 will also be applicable to non-Tor TLS sessions as well. In addition to
@@ -256,10 +251,28 @@ the application of these defenses to the HTTP TLS layer will serve to increase
 the difficulty of end-to-end correlation and general traffic analysis of Tor
 exit node traffic as well.
 
-\subsection{Traffic Analysis Issues with HTTP/2}
-
-In our preliminary investigation of HTTP/2, we discovered that certain aspects
-of the protocol may aid certain types of traffic analysis attacks.
+\subsection{Traffic Analysis Improvements and Issues with HTTP/2}
+
+When website traffic fingerprinting was first studied in Tor, we developed an
+experimental defense against it that attempted to use HTTP/1.1 pipelining to
+randomize pipeline depth and request ordering to reduce the information
+available to classifiers\cite{blog-pipelining}. Unfortunately, cursory
+experiments have revealed that this defense appears to provide questionable
+benefit, though exactly why has not yet been investigated. We suspect this may
+be due to the lack of support for large pipeline depths (or any reliable
+HTTP/1.1 pipelining at all) on many sites.
+
+We are hopeful that HTTP/2 will enable better request and response size and
+ordering randomization through the use of HTTP/2's client configurable frame
+size and stream multiplexing properties, in addition to frame padding.
+Leveraging these features is high on the list of low-overhead defense
+experiments that the Tor Project is interested in evaluating when we pick up
+the Firefox implementation of HTTP/2 as part of our rebase to Firefox 38-ESR
+in the coming months.
+
+However, in our preliminary investigation of HTTP/2, we also iscovered that
+certain aspects of the protocol may aid certain types of traffic analysis
+attacks.
 
 In particular, the PING and SETTINGS frames are acknowledged immediately by
 the client, which might give servers the ability to collect information about a
@@ -288,12 +301,11 @@ provided by HTTP/2 is likely to be inconsequential when combined with the
 minimum frame size the client can request (16 kilobytes).
 
 In combination with researchers at the University of Leuven, the Tor Project
-has also developed a protocol and prototype implementation for communicating
-statistical schedules for asynchronous padding from Tor clients to Tor relays.
-The research community is currently in the process of evaluating the efficacy
-of this protocol against traffic fingerprinting and other traffic analysis
-attacks.
-% FIXME: Cite padding idea and wfpadtools
+has also developed a protocol\cite{multihop-padding} and prototype
+implementation\cite{wfpadtools} for communicating statistical schedules for
+asynchronous padding from Tor clients to Tor relays.  The research community
+is currently in the process of evaluating the efficacy of this protocol
+against traffic fingerprinting and other traffic analysis attacks.
 
 Pending the results of this analysis, these padding commands could form the
 basis of new HTTP/3 frame commands for communicating more sophisticated (yet
@@ -319,9 +331,8 @@ Long term, our goal is to transition the entire Tor network to our own
 datagram protocol with custom congestion and flow control to better support
 both native datagram transport and end-to-end flow control. However,
 additional research is still needed to examine the anonymity implications
-associated with this transition. Our present estimate is that a full network
-transition to UDP is at least five years away.
-% FIXME: Site Murdoch's UDP study
+associated with this transition\cite{tor-udp}. Our present estimate is that a
+full network transition to UDP is at least five years away.
 
 We are also concerned that even after a full network transition to a datagram
 transport, it is likely that the congestion, flow, and reliability control of



