Shostack + Friends Blog Archive


Not quite clear on the subject

The Pirate Bay Logo

Slyck [link to no longer works] News has a story, “SSL Encrpytion Coming to The Pirate Bay” [link to no longer works] a good summary of which is in the headline.

However, may not help, and may hurt. Slyck says:

The level of protection offered likely varies on the individual’s geographical location. Since The Pirate Bay isn’t actually situated in Sweden, a user in the United States isn’t impacted by the law. However for the concerned user living in Sweden, the new SSL feature will offer some security against the perceived threat.

No, not really. There are things SSL cannot do and one of those is protect the IP addresses of the two endpoints. If you assume an adversary who is sniffing traffic, they can tell what the two IP addresses are.

There are other things they can do as well. Suppose, for example, they go to the Pirate Bay landing page and observe that it’s 1234 bytes long, and compare that with the size of the SSL transaction you made. If they match in size, then you have a pretty good idea of what the person did.

An attacker that crawled the Pirate Bay site and indexed the sizes of all the objects could construct a map of where people went.

Yes, there will be some uncertainty in it. But there will be less uncertainty than you think. Consider the CDDB database that identifies what CD you just put in a drive. It does nothing more than compare a list of track lengths to known entries, and it’s pretty darned good. So good that music plagiarists were caught by someone who saw a CDDB collision.

If the attacker is only trying to construct probable cause so as to raid someone, it’s likely good enough. “Yer Honor, the suspect may have gone to page X or page Y, but that only means that they’re downloading either X’ or Y.” Yeah, the judge will probably buy it.

SSL is a great technology for protecting content. You don’t care that the attacker knows you bought something, you want to protect your credit card number. It’s not very good at protecting the mere act of communication.

There are many things that can protect, but they have their own set of limitations. It’s too nice a Sunday afternoon for me to go into them.

4 comments on "Not quite clear on the subject"

  • deadmoo says:

    I saw on slashdot that TPB is using self-signed certificates. If that is true, it is even more useless.

  • Nathaniel H. says:

    There’s an article on The Inquirer today (link: that also mentions that The Pirate Bay (TPB) will be adding VPN functionality as well. This is something I didn’t see in previous articles. It still does not increase the anonymity to any great degree. Perhaps it is only a matter of time until TPB embraces Tor or something similar. That still isn’t a fool proof solution to the issue.
    Perhaps there are some protections to encrypted content in the Swedish law?

  • fishbane says:

    As far as detecting pages by size, couldn’t adding variable random “padding” in an HTML comment or similar defeat this?

  • mordaxus says:

    re; fishbane
    It helps, but it is unlikely to defeat it. It depends a lot on the size of the pages, their layout, and the degree of padding with respect to overlap.
    Imagine for example that you have a landing page and three pages underneath it. If the three pages are 100, 200, and 300 bytes long, it’s easy to create doubt about the middle one with respect to the two ends, but harder with the two ends. It is also very hard to disguise the largest one for anything other than it is. If you download a 357 byte page, it’s easy for me to guess which it is. The same if you download a 189 byte page. If you download a 214 byte page, you have more cover, but my smart bet is still on the middle one, and in any event, I know it’s not the big one.
    If those three pages are 1MB, 2MB, and 3MB, it’s even harder. (If they are songs, the likelihood they’ll be big is much greater, and that’s what the adversary wants to know, anyway. If you downloaded a whole album, the collection of sizes in a sequence would be much harder to disguise.)
    You can do other things like download the album tracks in random order, but this is still just a variant of the CDDB problem. The problem is that fuzzing is much harder to do than detecting.

Comments are closed.