You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
There is a fingerprint mismatch with Chrome when using GREASE ECH, having to do with ciphersuite selection. When Chrome selects the preferred ciphersuite in the outer ClientHello and the ciphersuite for ECH, it does so consistently based on hardware support. That means, for example, if it prefers AES for the outer ciphersuite, it would also use AES for ECH. The Chrome parrot in utls hardcodes AES preference for outer ciphersuites but selects the ECH ciphersuite randomly between AES and ChaCha20. So there is a 50% chance of selecting ChaCha20 for ECH while using AES for the outer ciphersuite, which is impossible in Chrome.
This commit makes the Chrome parrot use AES only for GREASE ECH, consistent with the currrent AES outer ciphersuite preference.
I think this is only a problem in GREASE ECH, since in real ECH Chrome selects the first valid ciphersuite when AES is preferred, which is the same in utls. So no change is done there.
Thanks to the original reporter for reporting this issue.
There is a fingerprint mismatch with Chrome when using GREASE ECH,
having to do with ciphersuite selection. When Chrome selects the
preferred ciphersuite in the outer ClientHello and the ciphersuite for
ECH, it does so consistently based on hardware support. That means, for
example, if it prefers AES for the outer ciphersuite, it would also use
AES for ECH. The Chrome parrot in utls hardcodes AES preference for
outer ciphersuites but selects the ECH ciphersuite randomly between
AES and ChaCha20. So there is a 50% chance of selecting ChaCha20 for
ECH while using AES for the outer ciphersuite, which is impossible in
Chrome.
This commit makes the Chrome parrot use AES only for GREASE ECH,
consistent with the currrent AES outer ciphersuite preference.
I think this is only a problem in GREASE ECH, since in real ECH Chrome
selects the first valid ciphersuite when AES is preferred, which is the
same in utls. So no change is done there.
Thanks to the original reporter for reporting this issue.
There is a fingerprint mismatch with Chrome when using GREASE ECH, having to do with ciphersuite selection. When Chrome selects the preferred ciphersuite in the outer ClientHello and the ciphersuite for ECH, it does so consistently based on hardware support. That means, for example, if it prefers AES for the outer ciphersuite, it would also use AES for ECH. The Chrome parrot in utls hardcodes AES preference for outer ciphersuites but selects the ECH ciphersuite randomly between AES and ChaCha20. So there is a 50% chance of selecting ChaCha20 for ECH while using AES for the outer ciphersuite, which is impossible in Chrome.
This commit makes the Chrome parrot use AES only for GREASE ECH, consistent with the currrent AES outer ciphersuite preference.
I think this is only a problem in GREASE ECH, since in real ECH Chrome selects the first valid ciphersuite when AES is preferred, which is the same in utls. So no change is done there.
Thanks to the original reporter for reporting this issue.
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
There is a fingerprint mismatch with Chrome when using GREASE ECH, having to do with ciphersuite selection. When Chrome selects the preferred ciphersuite in the outer ClientHello and the ciphersuite for ECH, it does so consistently based on hardware support. That means, for example, if it prefers AES for the outer ciphersuite, it would also use AES for ECH. The Chrome parrot in utls hardcodes AES preference for outer ciphersuites but selects the ECH ciphersuite randomly between AES and ChaCha20. So there is a 50% chance of selecting ChaCha20 for ECH while using AES for the outer ciphersuite, which is impossible in Chrome.
This commit makes the Chrome parrot use AES only for GREASE ECH, consistent with the currrent AES outer ciphersuite preference.
I think this is only a problem in GREASE ECH, since in real ECH Chrome selects the first valid ciphersuite when AES is preferred, which is the same in utls. So no change is done there.
Thanks to the original reporter for reporting this issue.