Encrypted Client Hello – the last puzzle piece to privacy

By admin

5 min read


Today we are excited to announce a contribution to improving privacy for everyone on the Internet. Encrypted Client Hello, a new proposed standard that prevents networks from snooping on which websites a user is visiting, is now available on all Cloudflare plans.


Encrypted Client Hello (ECH) is the successor to ESNI. It encrypts the Server Name Indication (SNI) that a browser would otherwise send in the clear at the start of a TLS handshake. This means that whenever a user visits a website on Cloudflare that has ECH enabled, nobody on the network path can learn from the handshake which website was visited: only the user, Cloudflare, and the website owner know. Cloudflare is a big proponent of privacy for everyone and is excited about the prospect of bringing this technology to life.

Browsing the Internet and your privacy

Whenever you visit a website, your browser sends a request to a web server. The web server responds with content and the website starts loading in your browser. Way back in the early days of the Internet this happened in "plain text", meaning that your browser would just send bits across the network that everyone along the way could read: the corporate network you may be browsing from, the Internet Service Provider (ISP) that offers you Internet connectivity, and any network that the request traverses before it reaches the web server that hosts the website. Privacy advocates have long been concerned about how much information could be seen in plain text: if any network between you and the web server can see your traffic, it can also see exactly what you are doing. If you are initiating a bank transfer, any intermediary can see the destination and the amount of the transfer.

So how do we start making this data more private? To prevent eavesdropping, encryption was introduced in the form of SSL and later TLS. These protocols safeguard not only your privacy but also ensure that no intermediary can tamper with any of the content you view or upload. But encryption only goes so far.

While the actual content (which particular page on a website you're visiting and any information you upload) is encrypted and shielded from intermediaries, there are still ways to determine what a user is doing. For example, the DNS request that resolves the website's name to an IP address and the SNI sent in the TLS handshake are both common ways for intermediaries to track usage.

Let's start with DNS. Whenever you visit a website, your operating system needs to know which IP address to connect to. This is done through a DNS request. DNS by default is unencrypted, meaning anyone on the path can see which website you're asking about. To help users shield these requests from intermediaries, Cloudflare introduced DNS over HTTPS (DoH) in 2019. In 2020, we went one step further and introduced Oblivious DNS over HTTPS (ODoH), which prevents even Cloudflare from seeing which websites a user is asking about.

That leaves SNI as the last unencrypted bit that intermediaries can use to determine which website you're visiting. After performing a DNS query, one of the first things a browser does is perform a TLS handshake. The handshake negotiates several things, including which cipher suite to use, which TLS version, and which certificate will be used to verify the web server's identity. As part of this handshake, the browser indicates the name of the server (website) it intends to visit: the Server Name Indication.

Because the connection is not encrypted yet, and the server needs the name to pick the right certificate before it can complete the handshake, the browser has to transmit this information in plain text. Sending the SNI in plaintext means that any intermediary can see which website you're visiting simply by reading the first packet of a connection, the ClientHello.

This means that despite the great efforts of TLS and DoH, which websites you're visiting on the Internet still isn't truly private.

Today, we are adding the final missing piece of the puzzle with ECH. With ECH, the browser performs a TLS handshake with Cloudflare, but without putting a customer-specific hostname on the wire in the clear. This means that although intermediaries will be able to see that you are visiting a website on Cloudflare, they will not be able to tell from the handshake which one.

How does ECH work?

In order to explain how ECH works, it helps to first understand how TLS handshakes are performed. A TLS handshake starts with a ClientHello message, which lets the client say which ciphers it supports, which TLS version it wants and, most importantly, which server it's trying to reach (the SNI).

With ECH, the ClientHello message is split into two parts: an inner ClientHello and an outer ClientHello. The outer part contains the non-sensitive information, such as which ciphers to use and the TLS version. It also includes an "outer SNI". The inner part is encrypted and contains an "inner SNI".

The outer SNI is a common name that, in our case, signals that a user is trying to visit an ECH-enabled website on Cloudflare. We chose cloudflare-ech.com as the SNI that all ECH-enabled websites on Cloudflare will share. Because Cloudflare controls that domain, we have the appropriate certificates to negotiate a TLS handshake for that server name.

The inner SNI contains the actual server name that the user is trying to visit. It is encrypted to a public key that belongs to Cloudflare (the browser obtains it from the site's HTTPS DNS record before connecting), so only Cloudflare can read it. Once the handshake completes, the web page is loaded as normal, just like any other website loaded over TLS.

In practice, this means that any intermediary trying to establish which website you're visiting will simply see normal TLS handshakes, with one caveat: any time you visit an ECH-enabled website on Cloudflare, the server name will look the same. Every TLS handshake will appear identical in that it looks like it's trying to load a website for cloudflare-ech.com, as opposed to the actual website. We've solved the last puzzle piece in preserving privacy for users who don't like intermediaries seeing which websites they are visiting.
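To make both points above concrete (that the SNI sits in the first packet where any on-path observer can read it, and that ECH moves the real name into an encrypted inner ClientHello behind a shared outer SNI), here is an added example in Python. It is not code from the original post or from Cloudflare. It builds a TLS 1.3 ClientHello record with a server_name extension, parses it the way a passive middlebox would, and then builds an ECH-style outer hello whose encrypted_client_hello extension (draft codepoint 0xfe0d) carries a sealed inner hello. The real ECH construction seals the inner hello with HPKE using the key from the server's ECHConfig; that is replaced here by a clearly labelled HMAC-based stand-in so the example runs on the standard library alone. The hostnames, ECH_KEY and config id are constructed sample values.

```python
"""Added example: what an on-path observer reads from a ClientHello, and what
only the ECH key holder can recover.  Record/extension layout follows TLS 1.3
(RFC 8446) and the ECH draft codepoint 0xfe0d; HPKE is replaced by a labelled
HMAC stand-in.  Hostnames, ECH_KEY and config_id are constructed samples."""
import hashlib
import hmac
import os
import struct

EXT_SERVER_NAME = 0x0000
EXT_ECH = 0xFE0D                  # encrypted_client_hello (ECH draft codepoint)
TLS12 = b"\x03\x03"               # legacy_version TLS 1.3 puts on the wire
TLS_AES_128_GCM_SHA256 = b"\x13\x01"
ECH_KEY = hashlib.sha256(b"constructed sample ECH secret").digest()  # stand-in for the HPKE-derived key

def _u8(b): return struct.pack("!B", len(b)) + b
def _u16(b): return struct.pack("!H", len(b)) + b
def _u24(b): return struct.pack("!I", len(b))[1:] + b
def _ext(ext_type, body): return struct.pack("!H", ext_type) + _u16(body)

def sni_extension(hostname):
    # server_name_list holding a single host_name (name_type 0) entry
    return _ext(EXT_SERVER_NAME, _u16(b"\x00" + _u16(hostname.encode())))

def client_hello(extensions):
    """ClientHello handshake message inside a TLS record: the 'first packet'
    of a connection that a middlebox inspects."""
    body = (TLS12 + os.urandom(32)              # legacy_version, random
            + _u8(b"")                          # empty legacy_session_id
            + _u16(TLS_AES_128_GCM_SHA256)      # cipher_suites
            + _u8(b"\x00")                      # compression_methods: null
            + _u16(b"".join(extensions)))
    return b"\x16" + TLS12 + _u16(b"\x01" + _u24(body))  # handshake record, client_hello

def parse_extensions(record):
    """{ext_type: body} from a ClientHello record, as a passive observer sees it."""
    if len(record) < 5 or record[0] != 0x16:
        raise ValueError("not a TLS handshake record")
    hs = record[5:5 + struct.unpack("!H", record[3:5])[0]]
    if len(hs) < 4 or hs[0] != 0x01:
        raise ValueError("not a ClientHello")
    body = hs[4:4 + int.from_bytes(hs[1:4], "big")]
    pos = 2 + 32                                           # legacy_version + random
    pos += 1 + body[pos]                                   # legacy_session_id
    pos += 2 + struct.unpack("!H", body[pos:pos + 2])[0]   # cipher_suites
    pos += 1 + body[pos]                                   # compression_methods
    end = pos + 2 + struct.unpack("!H", body[pos:pos + 2])[0]
    pos, exts = pos + 2, {}
    while pos < end:
        ext_type, ln = struct.unpack("!HH", body[pos:pos + 4])
        exts[ext_type] = body[pos + 4:pos + 4 + ln]
        pos += 4 + ln
    return exts

def observed_sni(record):
    """Hostname a network observer reads from the plaintext ClientHello (None if absent)."""
    ext = parse_extensions(record).get(EXT_SERVER_NAME)
    if ext is None:
        return None
    # server_name_list length(2) | name_type(1) | host_name length(2) | host_name
    return ext[5:5 + struct.unpack("!H", ext[3:5])[0]].decode()

def _seal(key, nonce, data):
    """STAND-IN for HPKE's AEAD (HMAC-SHA256 keystream + 16-byte HMAC tag).
    Real ECH uses HPKE under the ECHConfig key; this only keeps the example dependency-free."""
    stream = b"".join(hmac.new(key, nonce + struct.pack("!I", i), hashlib.sha256).digest()
                      for i in range((len(data) + 31) // 32))
    ct = bytes(p ^ s for p, s in zip(data, stream))
    return ct + hmac.new(key, b"tag" + nonce + ct, hashlib.sha256).digest()[:16]

def _open(key, nonce, sealed):
    ct, tag = sealed[:-16], sealed[-16:]
    if not hmac.compare_digest(tag, hmac.new(key, b"tag" + nonce + ct, hashlib.sha256).digest()[:16]):
        raise ValueError("ECH payload failed to authenticate")
    return _seal(key, nonce, ct)[:-16]      # XOR with the same keystream undoes it

def ech_client_hello(inner_sni, outer_sni, ech_key, config_id=0x42):
    """ClientHelloInner carries the real SNI and is sealed; ClientHelloOuter carries the
    shared outer SNI plus the ECH extension.  Simplification: the whole inner record is
    sealed rather than the draft's EncodedClientHelloInner body."""
    inner = client_hello([sni_extension(inner_sni)])
    enc = os.urandom(32)                    # stand-in for the HPKE encapsulated key 'enc'
    # ECHClientHello: type(1)=outer, kdf_id(2), aead_id(2), config_id(1), enc<2>, payload<2>
    ech_body = (b"\x00" + b"\x00\x01" + b"\x00\x01" + bytes([config_id])
                + _u16(enc) + _u16(_seal(ech_key, enc, inner)))
    return client_hello([sni_extension(outer_sni), _ext(EXT_ECH, ech_body)])

def server_inner_sni(record, ech_key):
    """What the ECH key holder (Cloudflare, in the post) recovers from the outer hello."""
    ech = parse_extensions(record)[EXT_ECH]
    pos = 1 + 2 + 2 + 1
    enc_len = struct.unpack("!H", ech[pos:pos + 2])[0]
    enc, pos = ech[pos + 2:pos + 2 + enc_len], pos + 2 + enc_len
    payload = ech[pos + 2:pos + 2 + struct.unpack("!H", ech[pos:pos + 2])[0]]
    return observed_sni(_open(ech_key, enc, payload))

def demo():
    plain = client_hello([sni_extension("secret-site.example")])
    ech = ech_client_hello("secret-site.example", "cloudflare-ech.com", ECH_KEY)
    return {"plain_observer": observed_sni(plain),         # 'secret-site.example'
            "ech_observer": observed_sni(ech),             # 'cloudflare-ech.com'
            "ech_server": server_inner_sni(ech, ECH_KEY)}  # 'secret-site.example'
```

Running `demo()` shows the whole story in three values: the observer reads the real hostname from the plain hello, reads only cloudflare-ech.com from the ECH hello, and the key holder still recovers the inner name. The outer hello otherwise looks like any other TLS 1.3 ClientHello, which is the property the post relies on; an observer can still tell that the destination is Cloudflare and that ECH is in use (the 0xfe0d extension is visible), just not which site.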

For full details on the nitty-gritty of ECH technology, visit our introductory blog.

The future of privacy

We're excited about what this means for privacy on the Internet. Browsers like Google Chrome and Firefox are already ramping up support for ECH. If you run a website, and you care about users visiting it in a way that doesn't let any intermediary see what they are doing, enable ECH today on Cloudflare. We've enabled ECH for all free zones already. If you're an existing paying customer, just head over to the Cloudflare dashboard and apply for the feature. We'll be enabling this for everyone that signs up over the coming few weeks.

Over time, we hope others will follow in our footsteps, leading to a more private Internet for everyone. The more providers that offer ECH, the harder it becomes for anyone to listen in on what users are doing on the Internet. Heck, we might even solve privacy for good.

If you're looking for more information on ECH, how it works and how to enable it, head over to our developer documentation on ECH.