What is Encrypted Client Hello (ECH)?

The internet has progressed significantly over the past few decades, with security and privacy becoming increasingly important. As users, we expect our online communications to remain private, but achieving that requires continuous improvements to existing protocols. One recent advancement is Encrypted Client Hello (ECH), which closes a long-standing leak in TLS: the name of the site you are connecting to has, until now, travelled in plaintext. Let's examine what ECH is and why it matters for web privacy.

Understanding TLS Handshakes and the Privacy Gap

When your browser connects to a secure website (HTTPS), it initiates a TLS (Transport Layer Security) handshake. During this process, your browser and the server exchange the information needed to agree on keys and establish an encrypted connection. The first messages of the handshake, the ClientHello and the ServerHello, are necessarily sent in plaintext, because the keys that protect everything after them are derived from those very messages.

One field in the ClientHello, the Server Name Indication (SNI) extension (RFC 6066), has long been a privacy concern. SNI tells the server which hostname the browser wants, so that many sites can share one IP address and the server can present the right certificate. Because it is part of the ClientHello, it is sent unencrypted unless ECH is in use.

This means that even when visiting secure websites, third parties like internet service providers, network administrators, or anyone monitoring network traffic could see which websites you were accessing. They couldn't see what you were doing on those sites, but they knew which domains you visited. In TLS 1.2 the server's certificate was sent in the clear as well; TLS 1.3 encrypts it, which left SNI as the main remaining plaintext identifier of the site.

From ESNI to ECH: The Evolution of Handshake Privacy

The first attempt to address this was Encrypted SNI (ESNI), which encrypted only the SNI extension. That left other identifying extensions, such as ALPN, in the clear, and ESNI had no clean way to recover when a client held a stale key. The IETF TLS working group replaced it with a more comprehensive solution: Encrypted Client Hello.

ECH represents a significant advancement because it encrypts an entire ClientHello, not just the server name. The ClientHello carries the parameters for the connection, including supported cipher suites, key shares, and extensions such as SNI and ALPN, any of which can identify the site. ECH is defined only for TLS 1.3.

How ECH Works

ECH functions by sending two ClientHello messages, one nested inside the other:

  1. An "outer" ClientHello, sent in plaintext, that contains only what is needed to reach the client-facing server: a public name in its SNI (for example a CDN's shared front-end name) and an encrypted_client_hello extension carrying the sealed inner message
  2. An "inner" ClientHello, carried encrypted inside that extension, that contains the real SNI and every other parameter that could reveal which site is being requested

The inner ClientHello is encrypted with HPKE (RFC 9180) to a public key the client obtains in advance, normally from the ech parameter of the site's HTTPS DNS record (RFC 9460). Only the holder of the matching private key, the client-facing server in front of the site, can decrypt it. Two consequences follow: the DNS lookup for the hostname must itself be encrypted (DNS over HTTPS or DNS over TLS), or the name simply leaks there instead; and the client-facing server, typically a CDN, still learns the real name, so ECH moves trust to that operator rather than removing it.

This means that anyone observing network traffic sees only the destination IP address and the outer SNI, that is, the public name of the server infrastructure (such as a Content Delivery Network); they cannot determine which specific website hosted behind it you are accessing.
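To make "a public key the client obtains in advance" concrete, here is an added example (not code from the original post or from Skip2) that parses the ECHConfigList a client receives in the ech= parameter of an HTTPS record, following the wire format of draft-ietf-tls-esni (version 0xfe0d). The record bytes are constructed for the example, the 32-byte key is an all-zero placeholder rather than a real X25519 key, and ech.cdn.example is an invented public name. The parser shows which fields come from where: the public name that ends up in the outer SNI, the static HPKE key the inner ClientHello is sealed to, the accepted cipher suites, and the padding hint; it also skips unknown versions the way a client must, and rejects length mismatches rather than reading past them.

```go
package main

import (
	"encoding/base64"
	"errors"
	"fmt"
)

// ECHConfig is one entry of an ECHConfigList (draft-ietf-tls-esni wire format, version 0xfe0d).
type ECHConfig struct {
	ConfigID     uint8       // echoed in the outer ClientHello so the server picks the right key
	KEMID        uint16      // HPKE KEM id; 0x0020 = DHKEM(X25519, HKDF-SHA256)
	PublicKey    []byte      // static HPKE public key the inner ClientHello is sealed to
	CipherSuites [][2]uint16 // accepted (kdf_id, aead_id) pairs
	MaxNameLen   uint8       // padding hint so the inner SNI length is not revealed
	PublicName   string      // what the client puts in the plaintext outer SNI
}

// cursor reads TLS presentation-language fields (raw bytes, big-endian ints, length-prefixed
// vectors); the first short read sticks as err so callers can check once at the end.
type cursor struct{ b []byte; err error }

func (c *cursor) raw(n int) []byte {
	if c.err != nil || len(c.b) < n {
		c.err = errors.New("truncated ECHConfig")
		return nil
	}
	v := c.b[:n]
	c.b = c.b[n:]
	return v
}
func (c *cursor) num(n int) int {
	v := 0
	for _, b := range c.raw(n) {
		v = v<<8 | int(b)
	}
	return v
}
func (c *cursor) vec(prefix int) []byte { return c.raw(c.num(prefix)) }

// ParseECHConfigList decodes a base64 ech= value; unknown versions are skipped, not rejected.
func ParseECHConfigList(b64 string) ([]ECHConfig, error) {
	raw, err := base64.StdEncoding.DecodeString(b64)
	if err != nil {
		return nil, err
	}
	outer := &cursor{b: raw}
	list := &cursor{b: outer.vec(2)}
	if outer.err != nil || len(outer.b) != 0 {
		return nil, errors.New("bad ECHConfigList length")
	}
	var out []ECHConfig
	for len(list.b) > 0 {
		version, contents := list.num(2), list.vec(2)
		if list.err != nil {
			return nil, list.err
		}
		if version != 0xfe0d {
			continue // a client must tolerate versions it does not implement
		}
		cfg, err := parseContents(contents)
		if err != nil {
			return nil, err
		}
		out = append(out, cfg)
	}
	return out, nil
}

func parseContents(b []byte) (ECHConfig, error) {
	c := &cursor{b: b}
	cfg := ECHConfig{ConfigID: uint8(c.num(1)), KEMID: uint16(c.num(2)), PublicKey: c.vec(2)}
	suites := c.vec(2)
	cfg.MaxNameLen, cfg.PublicName, _ = uint8(c.num(1)), string(c.vec(1)), c.vec(2) // extensions dropped
	if c.err != nil || len(c.b) != 0 || len(cfg.PublicKey) == 0 || cfg.PublicName == "" || len(suites) < 4 || len(suites)%4 != 0 {
		return ECHConfig{}, errors.New("malformed ECHConfig contents")
	}
	for s := (&cursor{b: suites}); len(s.b) > 0 && s.err == nil; {
		cfg.CipherSuites = append(cfg.CipherSuites, [2]uint16{uint16(s.num(2)), uint16(s.num(2))})
	}
	return cfg, nil
}

// SampleECHParam is a constructed ECHConfigList (not a real record): one usable 0xfe0d config, then an unknown 0xfe0e entry.
func SampleECHParam() string {
	cfg := []byte{0x07, 0x00, 0x20, 0x00, 0x20}           // config_id=7, kem_id=X25519, key length 32
	cfg = append(cfg, make([]byte, 32)...)                // all-zero stand-in for an X25519 public key
	cfg = append(cfg, 0x00, 0x04, 0x00, 0x01, 0x00, 0x01) // one suite: HKDF-SHA256 + AES-128-GCM
	cfg = append(cfg, 64, 15)                             // maximum_name_length, public_name length
	cfg = append(append(cfg, "ech.cdn.example"...), 0x00, 0x00) // public_name, then no extensions
	list := append([]byte{0xfe, 0x0d, 0x00, byte(len(cfg))}, cfg...)
	list = append(list, 0xfe, 0x0e, 0x00, 0x03, 0x01, 0x02, 0x03) // unknown version, 3 opaque bytes
	return base64.StdEncoding.EncodeToString(append([]byte{0x00, byte(len(list))}, list...))
}

func main() {
	cfgs, err := ParseECHConfigList(SampleECHParam())
	fmt.Printf("%+v\nerr: %v\n", cfgs, err)
}
```

To look at a live record instead of the constructed one, a recent dig (`dig +short HTTPS example.com`; older versions need TYPE65) prints the SvcParams including ech=, and that base64 value can be passed to ParseECHConfigList as-is. The PublicName it returns is exactly what an on-path observer will see in the outer SNI.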

Why ECH Matters for Privacy

ECH addresses several privacy concerns:

Network Surveillance Protection: It prevents ISPs, governments, and other network observers from building browsing profiles based on the websites you visit.

Censorship Resistance: In regions where certain websites are blocked, censorship often relies on inspecting the SNI field. ECH makes this technique less effective, although a censor can still block the public name wholesale, or block any ClientHello that carries the ECH extension, at the cost of collateral damage to every site behind that front end.

Metadata Protection: Even metadata about browsing habits can reveal sensitive information. ECH helps keep more of this metadata private.

Forward Security: This is where care is needed. The TLS session keys negotiated in the handshake are forward secret, so recorded application traffic cannot be decrypted even if a server's long-term keys leak later. The inner ClientHello itself, however, is encrypted to a static ECH key published in DNS, so anyone who captures the handshake and later obtains that private key can recover the hidden server name. ECH protects the name only for as long as that key stays secret, which is why operators should rotate ECH keys frequently and destroy old ones.
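The forward-secrecy caveat is easiest to see in code. The following is an added illustration (not code from the original post, from Skip2, or from any ECH implementation) of the shape of ECH's HPKE seal: an ephemeral X25519 key on the client, a Diffie-Hellman agreement with the server's static ECH key, and an AEAD over the inner ClientHello with the outer ClientHello as associated data. It deliberately simplifies RFC 9180 (no labelled KDF inputs, no suite identifiers), so it is not interoperable with real ECH, and the inner and outer messages are constructed strings. What it shows is that opening a capture needs only the static private key plus what was already on the wire, whenever that key is obtained, and that a key the operator has since rotated to opens nothing.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/ecdh"
	"crypto/hmac"
	"crypto/rand"
	"crypto/sha256"
	"fmt"
)

// hkdf derives n <= 32 bytes with HKDF-SHA256 (RFC 5869); one expand block is enough here.
func hkdf(ikm, info []byte, n int) []byte {
	ext := hmac.New(sha256.New, nil) // empty salt, as HPKE's DHKEM uses
	ext.Write(ikm)
	exp := hmac.New(sha256.New, ext.Sum(nil))
	exp.Write(info)
	exp.Write([]byte{1})
	return exp.Sum(nil)[:n]
}

// deriveKeys binds the AEAD key and nonce to the shared secret and both public keys, as HPKE's
// KEM context does. Simplified: real HPKE adds labels and a suite id, so this is illustration only.
func deriveKeys(ss, enc, pkR []byte) (key, nonce []byte) {
	ctx := append(append([]byte("ech demo"), enc...), pkR...)
	return hkdf(ss, append([]byte("key"), ctx...), 16), hkdf(ss, append([]byte("nonce"), ctx...), 12)
}

// gcm builds AES-128-GCM; errors cannot occur for a 16-byte key, so they are discarded.
func gcm(key []byte) cipher.AEAD {
	block, _ := aes.NewCipher(key)
	aead, _ := cipher.NewGCM(block)
	return aead
}

// Capture is all an on-path observer records: the client's one-time public key ("enc"),
// the sealed inner ClientHello, and the plaintext outer ClientHello it is bound to.
type Capture struct {
	Enc, Sealed, Outer []byte
}

// sealInner is the client side: ephemeral X25519 key, DH with the server's static ECH public
// key (the one published in DNS), then AEAD over the inner ClientHello with the outer as AAD.
func sealInner(serverPub *ecdh.PublicKey, inner, outer []byte) (Capture, error) {
	eph, err := ecdh.X25519().GenerateKey(rand.Reader)
	if err != nil {
		return Capture{}, err
	}
	ss, err := eph.ECDH(serverPub)
	if err != nil {
		return Capture{}, err
	}
	enc := eph.PublicKey().Bytes()
	key, nonce := deriveKeys(ss, enc, serverPub.Bytes())
	return Capture{Enc: enc, Sealed: gcm(key).Seal(nil, nonce, inner, outer), Outer: outer}, nil
}

// openInner is the server side. Nothing in it depends on when it runs: whoever holds the
// static private key can open a capture during the handshake or years later.
func openInner(serverPriv *ecdh.PrivateKey, c Capture) ([]byte, error) {
	enc, err := ecdh.X25519().NewPublicKey(c.Enc)
	if err != nil {
		return nil, err
	}
	ss, err := serverPriv.ECDH(enc)
	if err != nil {
		return nil, err
	}
	key, nonce := deriveKeys(ss, c.Enc, serverPriv.PublicKey().Bytes())
	return gcm(key).Open(nil, nonce, c.Sealed, c.Outer)
}

// Demo seals one inner ClientHello, then opens the capture as the live server, as someone
// holding the same static key later,  and with a rotated key.
func Demo() (live, afterLeak string, afterRotation error) {
	static, err := ecdh.X25519().GenerateKey(rand.Reader) // the ECH key published in DNS
	if err != nil {
		panic(err)
	}
	outer := []byte("outer ClientHello: SNI=ech.cdn.example")     // constructed; plaintext on the wire
	inner := []byte("inner ClientHello: SNI=secret-site.example") // constructed; the secret
	capture, _ := sealInner(static.PublicKey(), inner, outer)     // what an observer records
	pt, _ := openInner(static, capture)                           // the server, during the handshake
	live = string(pt)
	pt, _ = openInner(static, capture) // identical call by whoever obtains the key years later
	afterLeak = string(pt)
	rotated, _ := ecdh.X25519().GenerateKey(rand.Reader) // old key rotated out and destroyed
	_, afterRotation = openInner(rotated, capture)       // AEAD tag check fails
	return live, afterLeak, afterRotation
}

func main() {
	live, leak, rot := Demo()
	fmt.Printf("server reads: %q\nleaked static key reads the capture: %q\nrotated key only: %v\n", live, leak, rot)
}
```

The ephemeral client key gives a fresh ciphertext per handshake, but it is sent in the clear as enc, so it adds nothing against a later compromise of the static key; only deleting old keys shrinks the window, which is what the rotated-key case demonstrates.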

Current Implementation Status

As of now, ECH is specified in the IETF TLS working group draft draft-ietf-tls-esni. Firefox and Chrome ship client support, browsers generally enable it only together with encrypted DNS (otherwise the lookup would give the name away), and some DNS providers can publish the HTTPS records that carry ECH keys. Skip2 does not currently.

The implementation of ECH requires updates on both sides: browsers must fetch HTTPS records and build the split ClientHello, and server infrastructure must hold the HPKE private key, publish the matching ech record, and serve a valid certificate for the public name so that retries work. Adoption will therefore take time as the internet ecosystem gradually updates to support the standard.

Challenges and Considerations

While ECH represents a significant step forward for privacy, it's not without challenges:

Compatibility: Older servers and middleboxes do not understand ECH. The standard's recovery path is safe: a server that cannot decrypt the inner ClientHello (for instance because the client's cached key is stale) completes the handshake under the public name and sends fresh retry_configs, and the client retries with ECH. What would leak information is a client that reacts to any failure by resending a plain ClientHello with the real SNI, which is why the specification has clients abort with an ech_required alert rather than fall back to plaintext.

Enterprise Networks: Some corporate networks rely on inspecting SNI for security monitoring and content filtering. With ECH the outer SNI shows only the public name, so such filtering works at the granularity of the client-facing provider, not the site. Organizations that need hostname-level visibility either disable ECH on managed browsers (Chrome's EncryptedClientHelloEnabled policy, Firefox's network.dns.echconfig.enabled preference) or move inspection to a TLS-terminating proxy they control.

Global Adoption: ECH hides a site only among the others behind the same public name; if few sites on a front end use it, or few clients send it, an ECH handshake itself stands out. It needs widespread adoption across the internet ecosystem, which will take time.

The work on ECH shows how internet standards continue to evolve to address privacy concerns. As web users become more aware of privacy issues, technologies like ECH become increasingly important to ensure that our online activities remain private.

While perfect privacy on the internet remains a challenge, each improvement like ECH moves us closer to a web where users can communicate without unnecessary exposure of their browsing habits. As ECH adoption grows, we can expect a meaningful improvement in online privacy.
