Re: [AVTCORE] [R-C] Fwd: I-D Action: draft-perkins-avtcore-rtp-circuit-breakers-00.txt
Varun Singh <vsingh.ietf@gmail.com> Tue, 06 March 2012 13:27 UTC
Return-Path: <vsingh.ietf@gmail.com>
X-Original-To: avt@ietfa.amsl.com
Delivered-To: avt@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 5AF5021F86E1 for <avt@ietfa.amsl.com>; Tue, 6 Mar 2012 05:27:09 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -3.599
X-Spam-Level:
X-Spam-Status: No, score=-3.599 tagged_above=-999 required=5 tests=[AWL=0.000, BAYES_00=-2.599, RCVD_IN_DNSWL_LOW=-1]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id IRKH37as+vaa for <avt@ietfa.amsl.com>; Tue, 6 Mar 2012 05:27:08 -0800 (PST)
Received: from mail-ww0-f44.google.com (mail-ww0-f44.google.com [74.125.82.44]) by ietfa.amsl.com (Postfix) with ESMTP id 384CF21F86B0 for <avt@ietf.org>; Tue, 6 Mar 2012 05:27:08 -0800 (PST)
Received: by wgbdr13 with SMTP id dr13so3168265wgb.13 for <avt@ietf.org>; Tue, 06 Mar 2012 05:27:07 -0800 (PST)
Received-SPF: pass (google.com: domain of vsingh.ietf@gmail.com designates 10.216.133.93 as permitted sender) client-ip=10.216.133.93;
Authentication-Results: mr.google.com; spf=pass (google.com: domain of vsingh.ietf@gmail.com designates 10.216.133.93 as permitted sender) smtp.mail=vsingh.ietf@gmail.com; dkim=pass header.i=vsingh.ietf@gmail.com
Received: from mr.google.com ([10.216.133.93]) by 10.216.133.93 with SMTP id p71mr8410576wei.10.1331040427468 (num_hops = 1); Tue, 06 Mar 2012 05:27:07 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:in-reply-to:references:from:date:message-id:subject:to :cc:content-type:content-transfer-encoding; bh=1tW/N3I57jQNWSOEOcJ6Zh7YEmUxNPySOJCiwfp4qoc=; b=OC6KHedAByJfzce2vsysCOGyUsiRvT6xogU/lcNw9HEjZd9CyKmahZTigkZoTjTLQ1 cp0oqpG4jVvjvEzh4u6aon+JOrAPH1kDVTGTWTLc35BJ+D+80aN2+nqCBT6lXor0GgOd GCgvXLB4FK2lqLsPSfeCGTKMIsVCbbwPgvgjuTrvQV5L9HF1zsZVyCGVDTieVXNWmOVG Xg9HdmyV+WF74XnVPMWp21r1puV+uMiyY2Z+8mlsR62TV6pu3NY3hN8VL7muOTb5ltqg kAq0QTxAgpLabVx0qqZ7SlPk9dm7gdehH1xsEiVVLmOj4713XjMnkjn+ThZ3lqHkzSlC +kHQ==
Received: by 10.216.133.93 with SMTP id p71mr6694353wei.10.1331040427373; Tue, 06 Mar 2012 05:27:07 -0800 (PST)
MIME-Version: 1.0
Received: by 10.223.96.134 with HTTP; Tue, 6 Mar 2012 05:26:47 -0800 (PST)
In-Reply-To: <4F55DE35.6060104@alvestrand.no>
References: <20120305201759.24406.49431.idtracker@ietfa.amsl.com> <766FE318-7DE3-4481-B3C4-C45F2A94C881@csperkins.org> <4F55C25A.9010407@alvestrand.no> <CAEbPqry_wqrj0AHL9cjtYbiDc3xwL_fUoAVg8U91Lo9rkMrFrA@mail.gmail.com> <4F55DE35.6060104@alvestrand.no>
From: Varun Singh <vsingh.ietf@gmail.com>
Date: Tue, 06 Mar 2012 15:26:47 +0200
Message-ID: <CAEbPqrwmF_cGupn6dX0k_1=Vc+rfO8UJp9689WUEXeE_0ebjNQ@mail.gmail.com>
To: Harald Alvestrand <harald@alvestrand.no>
Content-Type: text/plain; charset="ISO-8859-1"
Content-Transfer-Encoding: quoted-printable
Cc: Colin Perkins <csp@csperkins.org>, "avt@ietf.org WG" <avt@ietf.org>, rtp-congestion@alvestrand.no
Subject: Re: [AVTCORE] [R-C] Fwd: I-D Action: draft-perkins-avtcore-rtp-circuit-breakers-00.txt
X-BeenThere: avt@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Audio/Video Transport Core Maintenance <avt.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/avt>, <mailto:avt-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/avt>
List-Post: <mailto:avt@ietf.org>
List-Help: <mailto:avt-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/avt>, <mailto:avt-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 06 Mar 2012 13:27:09 -0000
Hi Harald, Comment inline. On Tue, Mar 6, 2012 at 11:51, Harald Alvestrand <harald@alvestrand.no> wrote: > On 03/06/2012 10:21 AM, Varun Singh wrote: >> > >>> Security considerations (missing section): For an end node that >>> implements >>> this specification, an active attacker can cut the transmission by faking >>> two RTCP packets that get accepted instead of the recipient's RTCP >>> packets. >>> This may be worthy of a note, and pointer to appropriate defenses. >> >> This is a valid attack. However, if we consider no early-feedback (the >> draft currently only follows RFC3550 timing rules) then the attacker's >> second fake report may be ignored by the sender because it is too >> early. Meanwhile, the actual receiver may get to deliver its RTCP RR. >> >> >> Example: >> SR | | >> | I >> >> -----------------------------------------------------------------------------------------------------------> >> time >> RR | F | F | >> F F | >> >> | are valid SR and RR, F are Fake RTCPs (replaying the last valid RTCP >> report). So, instead of waiting for 3 RTCP reports to arrive the >> sender MUST wait two RTCP intervals? > > Yes, I think stating that the sender waits two RTCP intervals before drawing > a conclusion is a reasonable defense against this version of the attack. > > Another interesting version is what happens if the attacker bumps up the > "highest sequence number received" - the security considerations may want to > say that RRs with a "highest sequence number received" larger than the > highest sequence number sent MAY be part of an attack, so SHOULD be > disregarded. I am not sure if an endpoint reporting a HSN_received larger than the HSN_sent trips any circuit breaker, but if the endpoint doesn't ignore the report then the endpoint may reset its timeout counter. A plan for action for the Security considerations can be to list the values in the fake RTCP report that can trip a circuit breakers and then see how the endpoint can detect or protect against that kind of attack. > But of course, using SRTP on the RTCP channel is also an option for the > defender; that allows the receiver to detect that the replays are replays, > and discard them for that reason. Yes. -- http://www.netlab.tkk.fi/~varun/
- Re: [AVTCORE] [R-C] Fwd: I-D Action: draft-perkin… Harald Alvestrand
- [AVTCORE] Fwd: I-D Action: draft-perkins-avtcore-… Colin Perkins
- Re: [AVTCORE] [R-C] Fwd: I-D Action: draft-perkin… Varun Singh
- Re: [AVTCORE] [R-C] Fwd: I-D Action: draft-perkin… Harald Alvestrand
- Re: [AVTCORE] [R-C] Fwd: I-D Action: draft-perkin… Varun Singh
- Re: [AVTCORE] [R-C] I-D Action: draft-perkins-avt… Colin Perkins
- [AVTCORE] rtp-circuit-breakers-00 when not using … James M. Polk
- Re: [AVTCORE] [R-C] Fwd: I-D Action: draft-perkin… Harald Alvestrand
- Re: [AVTCORE] [R-C] Fwd: I-D Action: draft-perkin… Colin Perkins
- Re: [AVTCORE] [R-C] Fwd: I-D Action: draft-perkin… Harald Alvestrand
- Re: [AVTCORE] I-D Action: draft-perkins-avtcore-r… Colin Perkins
- Re: [AVTCORE] [R-C] I-D Action: draft-perkins-avt… Varun Singh
- Re: [AVTCORE] Fwd: I-D Action: draft-perkins-avtc… Mark Handley
- Re: [AVTCORE] rtp-circuit-breakers-00 when not us… Colin Perkins