Abstract
The IPv6 protocol was designed with security in mind. One of the changes that IPv6 has introduced over IPv4 is a new 20-bit flow label field in its protocol header.We show that remote servers can use the flow label field in order to assign a unique ID to each device when communicating with machines running Windows 10 (versions 1703 and higher), and Linux and Android (kernel versions 4.3 and higher). The servers are then able to associate the respective device IDs with subsequent transmissions sent from those machines. This identification is done by exploiting the flow label field generation logic and works across all browsers regardless of network changes. Furthermore, a variant of this attack also works passively, namely without actively triggering traffic from those machines.To design the attack we reverse-engineered and cryptanalyzed the Windows flow label generation code and inspected the Linux kernel flow label generation code. We provide a practical technique to partially extract the key used by each of these algorithms, and observe that this key can identify individual devices across networks, VPNs, browsers and privacy settings. We deployed a demo (for both Windows and Linux/Android) showing that key extraction and machine fingerprinting works in the wild, and tested it from networks around the world.
Original language | English |
---|---|
Title of host publication | Proceedings - 2020 IEEE Symposium on Security and Privacy, SP 2020 |
Publisher | Institute of Electrical and Electronics Engineers Inc. |
Pages | 1259-1276 |
Number of pages | 18 |
ISBN (Electronic) | 9781728134970 |
DOIs | |
State | Published - May 2020 |
Externally published | Yes |
Event | 41st IEEE Symposium on Security and Privacy, SP 2020 - San Francisco, United States Duration: 18 May 2020 → 21 May 2020 |
Publication series
Name | Proceedings - IEEE Symposium on Security and Privacy |
---|---|
Volume | 2020-May |
ISSN (Print) | 1081-6011 |
Conference
Conference | 41st IEEE Symposium on Security and Privacy, SP 2020 |
---|---|
Country/Territory | United States |
City | San Francisco |
Period | 18/05/20 → 21/05/20 |
Bibliographical note
Publisher Copyright:© 2020 IEEE.