[tor-dev] Proposal: Deterministic TLS SNI for Channel Certificates

Hi tor-dev@,
below is a proposal I have been working on. I am currently thinking
about setting up a physical colocation with some of my friends for our
servers and this problem came up when talked about hosting Tor relays
with our planned setup.

I have also heard that other colocations use a similar one, so I doubt
we are the only ones encountering this issue.

Feel free to reply with feedback and suggestions.

Thank You
Clara

Dropping a few more words with regard to alternatives:

# Alternatives

## Prefix-based SNI with entropy

Potentially, one could also introduce additional entropy by letting
clients send a SNI of the format `<FINGERPRINT><RANDOM>.home.arpa`, with
`<RANDOM>` being a random length suffix of hexadecimal characters.

The advantage this offers is to introduce slightly more obfuscation by
making it harder to detect the likelihood of Tor traffic by the based on
the TLS handshake alone, though it will of course not protect against
and a person really interested in whether you are using Tor or not.

Besides, it requires the reverse proxy to support regex/prefix based SNI
matching, which certain reverse proxies may not support, for a good
reason.

## Traditional NAT

One may also configure the IPv4 frontend server to simply not do any
Tor TLS forwarding based on the SNI and just designate a dedicated port
from which traditional NAT/PAT with some IPv4/IPv6 glue will be
performed.

Advantages of this include, that it does need any change in the current
implementation.

Disadvantages include, that it would require larger complexity for the
frontend server, which is usually designed to be low-complexity.  On
Linux for example, it would involve enabling routing logic through
various sysctl's.  Not only does this increase the attack surface
because more complex kernel code is loaded during runtime, but it also
greatly increases the complexity of firewall rules, as NAT is more
advanced than traditional input/output based allow/blocklists.

The shared IPv4 address itself is often an additional server running an
nginx (or something similar) that inspects the SNI and forwards the TLS
traffic (which does not terminate here) to the respective endpoint, in
this case potentially a Tor relay.

Do server providers even allow you to use a domain that you don't own (such as the proposed *.home.arpa)? That sounds like it could lead to issues for them down the line, e.g. if a customer comes along who owns a domain I "squatted" for my server. Thus, even if this is permitted nowadays, I wouldn't be surprised if they start locking this down.

* If a censor were to use fingerprints alone for detecting censorship,
   the censor would need to obtain a consensus which already contains the
   IP addresses plus port numbers anyway.

Why would they even bother with checking the fingerprints? Surely the odds of a "legitimate" service using [0-9a-f]{30}.home.arpa are negligible.

> [this] will do nothing for an attacker who is actively trying to
> detect and/or block the use of Tor.

The simpler it is to block vanilla Tor, the harder it will be for censors to fuck it up. For one, you would no longer need to keep an up-to-date consensus - and some people do seem to exploit the fact that censors don't always keep it updated[1].

[1] GitHub - ValdikSS/tor-relay-scanner: Tor Relay availability checker, for using it as a bridge in countries with censorship

Back to my first point, maybe relays should be able to set an arbitrary SNI instead? This would be much more flexible for e.g. when your provider requires you to actually own the used domain, but it also would mean that most relays could keep using the randomly generated domains.

I assume this would only be used by a minority of relays, and the SNI would only be embedded in the microdescriptor if actually required, so hopefully this shouldn't affect their sizes too much?

Do server providers even allow you to use a domain that you don't own (such
as the proposed *.home.arpa)? That sounds like it could lead to issues for
them down the line, e.g. if a customer comes along who owns a domain I
"squatted" for my server. Thus, even if this is permitted nowadays, I
wouldn't be surprised if they start locking this down.

Tor TLS certificates are self-signed, the names in there can be
anything. Ranging from a random string ending with ".com" to even
things such as google.com. The point is, that the trust for
authenticity in Tor itself is established outside of TLS certificates
with various in-protocol mechanisms.

With regard to home.arpa: This domain is specifically reserved in
RFC8375. It can be used by anyone without permission. Even outside of
this proposal, I think that this is way better than generating a random
string and appending .com to it, like what we are doing at the current
moment, and what you are asking if this is even allowed in the first
place; to which the answer is a clear yes, as this is the status quo.

Back to my first point, maybe relays should be able to set an arbitrary SNI
instead? This would be much more flexible for e.g. when your provider
requires you to actually own the used domain, but it also would mean that
most relays could keep using the randomly generated domains.

But how would you communicate that domain to clients? The SNI must be
known to clients for use in their `ClientHello`, similar to a host in a
`Host` HTTP header. AFAIK, IP addresses may not be used as FQDNs in
SNIs.

Thank You
Clara

Once we are migrated to Arti on the network side, I don't think it would be unreasonable to begin thinking about a Tor network where we manage the keys ourselves, but where the Arti Relay daemon can request a valid certificate via the ACME protocol from a provider such as Let's Encrypt. For censorship reasons, we should, of course, always fall back to self-signed certificates and not rely on the WebPKI for TLS trust validation in the case where the ACME certificate request fails and no certificate is issued.

Cheers,
Alex

Opened an upstream merge request:

Thank You
Clara