[CFRG] Re: RGLC on draft-irtf-cfrg-opaque-13
"Riad S. Wahby" <riad@cmu.edu> Thu, 23 May 2024 21:54 UTC
Date: Thu, 23 May 2024 17:54:19 -0400
From: "Riad S. Wahby" <riad@cmu.edu>
To: "Hao, Feng" <Feng.Hao@warwick.ac.uk>
CC: Hugo Krawczyk <hugo@ee.technion.ac.il>, IRTF CFRG <cfrg@irtf.org>
Hello Feng,

"Hao, Feng" <Feng.Hao=40warwick.ac.uk@dmarc.ietf.org> wrote:
> The counter-based threshold control at the server can get far more
> complicated than what you describe because of the “undetectable” nature
> of this online dictionary attack – the server can’t distinguish legitimate
> drop-outs (say due to network delay or error) and illegitimate ones (say an
> attack), and hence can’t reliably define what’s meant by an authentication
> failure. Legitimate users may be locked out of their accounts, not because
> of using the wrong password, but because of the data retransmissions in
> a slow network. I should highlight that SRP-6a is not subject to this
> attack, and is more secure in this regard.

What you are calling complicated is in fact a completely standard attack detection heuristic.

Password-based authentication should always be rate limited because passwords may have low entropy. When an attack is detected, some flavor of rate limiting must be applied. This is true even when the attack is detected via a mechanism that can distinguish between attacks and network failures.

So your point is really just that one could sometimes avoid rate limiting by distinguishing between attacks and network failures, and that doing so helps clients with bad network connections. This is nice, but it's not a security property: deciding not to rate limit when the server detects a network failure is more reasonably categorized as a mild optimization.

And it's not obviously a useful one. As anyone who has an SSH server on a public IP knows, the vast majority of failed logins are attacks. So in any case if I were deploying a network service I wouldn't relax my rate limiter for network failures. First, this is unnecessary optimization for a rare corner case. Second, I am not at all convinced that "authentication succeeds and network drops repeatedly" isn't just another flavor of attack. Tarpit first, ask questions later.

-=rsw
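The counter-based threshold control with a tarpit delay that the reply describes, as an added example (not code from this thread or from the OPAQUE draft): every attempt is counted as a failure the moment it starts, so a drop-out and a wrong guess look the same to the server, and only an explicit success clears the counter. Account names, thresholds and timestamps below are constructed for the demonstration.

```python
from collections import defaultdict


class LoginTarpit:
    """Per-account sliding-window counter with exponential response delay.

    The server cannot tell a network drop-out from an abandoned guess, so an
    attempt is recorded as failed up front; finish(success=True) removes it.
    Old entries age out of the window, so a legitimate user on a bad link is
    slowed briefly rather than locked out for good.
    """

    def __init__(self, threshold=5, window=600.0, base_delay=1.0, max_delay=3600.0):
        self.threshold, self.window = threshold, window
        self.base_delay, self.max_delay = base_delay, max_delay
        self._recent = defaultdict(list)  # account -> timestamps of unfinished/failed attempts

    def _prune(self, account, now):
        self._recent[account] = [t for t in self._recent[account] if now - t < self.window]
        return len(self._recent[account])

    def begin(self, account, now):
        """Record a new attempt; return the delay (seconds) to impose before answering."""
        n = self._prune(account, now)
        self._recent[account].append(now)  # pessimistic: counts until proven successful
        if n < self.threshold:
            return 0.0
        return min(self.base_delay * 2 ** (n - self.threshold), self.max_delay)

    def finish(self, account, success, now):
        """Success clears the counter; a failure or a drop-out (no call at all) leaves it."""
        if success:
            self._recent[account].clear()


def simulate():
    """Constructed scenario: a slow-network user and a guessing client on one server."""
    tp = LoginTarpit(threshold=3, window=600.0, base_delay=1.0)
    # Legitimate user: two attempts never complete (drop-outs), the third succeeds.
    legit = [tp.begin("alice", t) for t in (0.0, 5.0, 10.0)]   # below threshold: no delay
    tp.finish("alice", True, 12.0)
    after_success = tp.begin("alice", 20.0)                    # counter was reset
    # Guessing client: seven attempts, none succeeds; delay doubles past the threshold.
    guesses = [tp.begin("bob", 100.0 + i) for i in range(7)]
    # 601 s after the last guess every entry has aged out of the 600 s window.
    recovered = tp.begin("bob", 707.0)
    return legit, after_success, guesses, recovered
```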