Tracking Users across the Web via TLS Session Resumption

Abstract: User tracking on the Internet can come in various forms, e.g., via cookies or by fingerprinting web browsers. A technique that got less attention so far is user tracking based on TLS and specifically based on the TLS session resumption mechanism. To the best of our knowledge, we are the first that investigate the applicability of TLS session resumption for user tracking. For that, we evaluated the configuration of 48 popular browsers and one million of the most popular websites. Moreover, we present a so-called prolongation attack, which allows extending the tracking period beyond the lifetime of the session resumption mechanism. To show that under the observed browser configurations tracking via TLS session resumptions is feasible, we also looked into DNS data to understand the longest consecutive tracking period for a user by a particular website. Our results indicate that with the standard setting of the session resumption lifetime in many current browsers, the average user can be tracked for up to eight days. With a session resumption lifetime of seven days, as recommended upper limit in the draft for TLS version 1.3, 65% of all users in our dataset can be tracked permanently.

• The paper reveals that over 95% of Alexa Top Million sites use session resumption mechanisms like session IDs and tickets.
• The paper shows that extended lifetimes on session tickets can prolong tracking periods to several days, affecting up to 65% of users.
• The paper recommends deactivating or limiting session resumption lifetimes and updating TLS protocols to mitigate privacy risks.

An Examination of User Tracking through TLS Session Resumption

The paper provides a comprehensive evaluation of the potential privacy risks associated with Transport Layer Security (TLS) session resumption, a feature in the TLS protocol intended to expedite secure connections by reducing the computational load of repeated handshake procedures. This document presents scrutiny into the technical, practical, and ethical implications of TLS session resumption being leveraged as a mechanism for user tracking.

Technical Overview and Feasibility

The paper introduces several session resumption mechanisms present in TLS: session ID, session tickets, and Pre-Shared Keys (PSK) starting with TLS 1.3. Through extensive empirical analysis involving the Alexa Top Million Sites and popular web browsers, the authors identify the extent to which these mechanisms are adopted and how they are configured in real-world environments. The paper reveals that over 95% of TLS-enabled sites in the Alexa Top Million use session IDs or tickets, solidifying the ubiquity of these mechanisms across the web.

Furthermore, the authors highlight concerns regarding the use of session ticket lifetimes longer than necessary, which facilitate user tracking. Observational data reveals that Google and Facebook configure their session ticket lifetimes exceptionally long at 28 and 48 hours respectively, which signals the potential for tracking by these prominent platforms.

Implications and Potential for User Tracking

The pivotal contribution of this research is the identification of a prolongation attack that allows tracking periods to exceed customary session lifetimes. Using real-world DNS traffic data, the study determines that with typical browser configurations, tracking can be extended for several days beyond the standard resumption lifetimes. Even with conservative assumptions, the paper indicates that session resumption configured with long default lifetimes could result in tracking periods where 65% of users may be permanently trackable over the evaluated z-period.

From these findings, not only can browser vendors facilitate tracking by maintaining long resumption lifetimes, but they also render users vulnerable to indirect tracking by third-party services. Despite most browsers not inherently protecting against such third-party exploitation, the paper calls attention to this latent risk in standard browser configurations.

Recommendations for Mitigation

In response to these insights, the paper proposes several countermeasures to mitigate potential misuse of TLS session resumption for tracking purposes. These include:

1. Deactivation of Session Resumption: This is the most straightforward approach, as demonstrated by certain privacy-conscious browsers like Tor Browser.
2. Limiting Lifetime Duration: A recommendation to astronomically lower session resumption lifetimes to mitigate exploitation, where a practical benchmark could be restricting lifetimes to ten minutes.
3. Modification of TLS Protocols: Advocating for updates to TLS standards to undermine prolongation attacks, specifically by ensuring new session identifiers do not extend past the initial session's expiry date.
4. Enhanced Third-party Protocols: Recommending that browsers impede third-party tracking via unconstrained session resumption.

Conclusion and Future Outlook

This paper concludes by highlighting the potential implications of session resumption mechanisms on users’ online privacy, drawing a picture of the intricate arms race between privacy preservation and tracking mechanisms. Their findings underline the need for stricter safeguards within the TLS protocols and the configurations of mainstream web technologies. Moving forward, the discourse on session resumption as a tracking vector should stimulate further research on privacy-centric architectural changes and foster greater transparency and control for end users over their browsing data.

In essence, this paper soundly elucidates concerns regarding tracking capabilities facilitated by TLS session resumption and embarks a call to action for both research and technological reformations to address these privacy vulnerabilities.