5

I've been wondering this for as long as I've been programming, Why aren't TCP sockets encrypted by default? Everyone always says that using raw sockets is dangerous as all packets sent are susceptible to packet sniffing.

So why didn't the original implementation of TCP sockets include a basic form of encrypion. What I've noticed so far, is that most languages either don't provide a built in implementation which forces you to use a third party library or make it so hard for 'noobies' to implement SSL over all sockets, that most don't even bother to do so in the first place.

Even simple self signed certificates would suffice for the most basic form of protection, which could be abstracted away for new developers.

Paradoxis
  • 892
  • 7
  • 15
  • 10
    Well, TCP started being developed [in 1974](https://en.wikipedia.org/wiki/Transmission_Control_Protocol#Historical_origin), while the first public release of SSL [was in 1995](https://en.wikipedia.org/wiki/Transport_Layer_Security#History_and_development). – Xiong Chiamiov Dec 20 '16 at 23:02
  • 1
    originally there was no perceived need. – Jasen Dec 21 '16 at 00:18
  • 1
    And in 1974, computers were a few million times slower than they are today. – Oskar Skog Dec 21 '16 at 06:18

3 Answers3

6

Modern networking follows the Seven-layer OSI model which is successful due to the principle of separation of concerns.

The value of separation of concerns is simplifying development and maintenance of computer programs. When concerns are well-separated, individual sections can be reused, as well as developed and updated independently. Of special value is the ability to later improve or modify one section of code without having to know the details of other sections, and without having to make corresponding changes to those sections.

TCP/IP is layer 4 ("Transport")

The transport layer provides the functional and procedural means of transferring variable-length data sequences from a source to a destination host via one or more networks, while maintaining the quality of service functions.

SSL/TLS is layer 6 ("Presentation")

This layer provides independence from data representation (e.g., encryption) by translating between application and network formats. The presentation layer transforms data into the form that the application accepts. This layer formats and encrypts data to be sent across a network. It is sometimes called the syntax layer.

In other words, it is a conscious design choice.

Also, TCP predates SSL by several decades. To wit, SLL keeps changing because weaknesses are found; meanwhile, TCP has remained mostly the same. The OSI model allows easier adoption of changes by keeping some things constant while varying others. If we built encryption into TCP, then it would be a far less stable protocol.

John Wu
  • 9,101
  • 1
  • 28
  • 39
  • "Modern networking follows the Seven-layer OSI model" : not exactly true, most protocols does, some others mix transport and encryption ([QUIC](https://tools.ietf.org/html/draft-hamilton-early-deployment-quic-00#section-3.5)) for performance reasons, breaking that model. – Jeff Bencteux Dec 21 '16 at 09:48
  • The internet does not quite follow the OSI model, and specifically there's no agreement what's "layer 6": https://jvns.ca/blog/2021/05/11/what-s-the-osi-model-/ The high-level argument of layering is relevant though. – Beni Cherniavsky-Paskin Jun 27 '21 at 13:09
  • https://en.wikipedia.org/wiki/QUIC and HTTP/3 will change the layering though! From what I understand it combines some roles of transport + encryption; this had concrete motivations for latency. It also (similarly to SCTP) moves down awareness of separate streams that were previously multiplexed in layer 7 HTTP, to avoid head-of-line blocking. – Beni Cherniavsky-Paskin Jun 27 '21 at 13:15
4

Why doesn't snail mail come with builtin encryption?

A socket is a simple concept which is used to make communication between multiple parties possible, i.e. just transfer messages. Insofar it is similar to snail mail, i.e. you have some sender and recipient and the message and you might have some minimal protection (envelope) which can easily be bypassed. Protecting communication against sniffing and tampering is a way more complex concept and which kind of protection is actually needed depends on the specific use case. For example sending messages to another process on the local system needs different protection than sending messages to another host in a local network or to some party on the other side of the planet where some of the routers in between are controlled by government organizations.

Therefore it makes only sense to handle the exchange of messages separate from the protection of messages to simplify communication and be flexible in the kind of protection actually needed.

Some examples of the different use cases should make it more clear why separating these concepts make sense:

  • UNIX domain sockets don't need encryption because you would need to have kernel permissions to actually sniff the data, in which case you could also grab the data before encryption.
  • If you are in a network with a full IPSec rollout all communication between the parties in the network is already encrypted so you don't need to add another encryption on top.
  • Encryption on the internet like HTTPS needs to first have a PKI infrastructure rolled out with local trust anchors so that you could actually authenticate the peer before sending messages.
  • Hop by hop encryption like you have with SMTP (mail delivery) does not protect the message against sniffing on the hops, so you additionally need end to end encryption (i.e. PGP, S/MIME).
  • Unidirectional or multicast communication cannot have the kind of key exchange you have with TLS because this requires bidirectional communication.
Steffen Ullrich
  • 184,332
  • 29
  • 363
  • 424
2

Performance overhead

Encryption takes much more effort than basic networking. First, it takes computational power - running all traffic through a SSL-like channel in 1980s, when TCP gained large scale adoption, would not be practical as the processors were so much slower than currently.

However, an even larger issue is the network overhead of the SSL handshake for small requests. For small messages, the handshake to establish the encryption keys can easily be multiple times larger than the actual message, and requires more round-trips and can double the latency. This is a reason why even if the standards were redesigned today, it would make sense to have the basic network socket layers without encryption.

Peteris
  • 8,369
  • 1
  • 26
  • 35