Towards a Tectonic Traffic Shift? Investigating Apple's New Relay Network

TL;DR

This paper analyzes Apple's iCloud Private Relay, a privacy service integrated into iOS, examining its architecture, relay address distribution, and potential privacy implications, revealing insights into its network behavior and possible traffic correlation risks.

Contribution

It provides the first large-scale measurement-based analysis of Apple's Private Relay network, including relay address collection, growth trends, and privacy implications.

Findings

Ingress relay addresses grew by 20% from January to April

Apple rotates egress addresses, confirming claims

Ingress and egress relays can be in the same autonomous system

Abstract

Apple recently published its first Beta of the iCloud Private Relay, a privacy protection service with promises resembling the ones of VPNs. The architecture consists of two layers (ingress and egress), operated by disjoint providers. The service is directly integrated into Apple's operating systems and therefore provides a low entry level barrier for a large user base. It seems to be set up for major adoption with its relatively moderate entry-level price. This paper analyzes the iCloud Private Relay from a network perspective and its effect on the Internet and future measurement-based research. We perform EDNS0 Client Subnet DNS queries to collect ingress relay addresses and find 1586 IPv4 addresses. Supplementary RIPE Atlas DNS measurements reveal 1575 IPv6 addresses. Knowledge about these addresses helps to passively detect clients communicating through the relay network. According to our scans, from January through April, ingress addresses grew by 20%. The analysis of our scans through the relay network verifies Apple's claim of rotating egress addresses. Nevertheless, it reveals that ingress and egress relays can be located in the same autonomous system, thus sharing similar routes, potentially allowing traffic correlation.