Suppose there is a stream of packets coming through your gateway, their contents apparently encrypted. They may be from a standard VPN such as OpenVPN or an IPSec implementation running over some non-standard ports or protocol, but you missed the initial negotiation that could tell you what sort of a VPN that might be. Can you still find out what software stack and what cipher are being used? We found out that, if you introduce a periodic disturbance to an encrypted VPN connection, you can fingerprint the VPN and, in particular, the cipher using nothing but packet timings of typical file transfers. We found out also that many things we take for granted aren't necessarily true - e.g., that double encryption may not be better for resisting fingerprinting, and that the most common encryption algorithms differ more in performance than one would think they do. We believe that the fingerprinting signatures are due to the interactions between the cryptographic and the network layers of the VPN, the cross-layer effects that have been largely overlooked to date. Our findings suggest that these interactions between the layers of a VPN implementation should be studied and taken into account to protect implementations against information leaks.
Name | Type | Role | |
---|---|---|---|
Anna Shubina | Guest Star | ||
Sergey Bratus | Guest Star |