Re: [EToSat] BDP parameters draft: security aspects
Christian Huitema <huitema@huitema.net> Wed, 18 December 2019 20:13 UTC
Return-Path: <huitema@huitema.net>
X-Original-To: etosat@ietfa.amsl.com
Delivered-To: etosat@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 7525B120967 for <etosat@ietfa.amsl.com>; Wed, 18 Dec 2019 12:13:08 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.6
X-Spam-Level:
X-Spam-Status: No, score=-2.6 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_LOW=-0.7, SPF_HELO_NONE=0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 56G3uPKFPNBn for <etosat@ietfa.amsl.com>; Wed, 18 Dec 2019 12:13:06 -0800 (PST)
Received: from mx36-out10.antispamcloud.com (mx36-out10.antispamcloud.com [209.126.121.30]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 09BC3120A77 for <etosat@ietf.org>; Wed, 18 Dec 2019 12:13:06 -0800 (PST)
Received: from xse333.mail2web.com ([66.113.197.79] helo=xse.mail2web.com) by mx62.antispamcloud.com with esmtp (Exim 4.89) (envelope-from <huitema@huitema.net>) id 1ihfgr-0003s3-Tn for etosat@ietf.org; Wed, 18 Dec 2019 21:13:04 +0100
Received: from xsmtp21.mail2web.com (unknown [10.100.68.60]) by xse.mail2web.com (Postfix) with ESMTPS id 47dR5R3f3yzLdN for <etosat@ietf.org>; Wed, 18 Dec 2019 12:12:59 -0800 (PST)
Received: from [10.5.2.16] (helo=xmail06.myhosting.com) by xsmtp21.mail2web.com with esmtps (TLS1.0:DHE_RSA_AES_256_CBC_SHA1:256) (Exim 4.92) (envelope-from <huitema@huitema.net>) id 1ihfgp-0003Ai-CV for etosat@ietf.org; Wed, 18 Dec 2019 12:12:59 -0800
Received: (qmail 23840 invoked from network); 18 Dec 2019 20:12:59 -0000
Received: from unknown (HELO [192.168.200.66]) (Authenticated-user:_huitema@huitema.net@[72.235.197.82]) (envelope-sender <huitema@huitema.net>) by xmail06.myhosting.com (qmail-ldap-1.03) with ESMTPA for <Nicolas.Kuhn@cnes.fr>; 18 Dec 2019 20:12:58 -0000
To: gorry@erg.abdn.ac.uk, emile.stephan@orange.com
Cc: "'etosat@ietf.org'" <etosat@ietf.org>, Kuhn Nicolas <Nicolas.Kuhn@cnes.fr>
References: <31545_1576664050_5DF9FBF2_31545_447_1_8150a728-149d-4502-9741-ef0673eb3416@OPEXCAUBM33.corporate.adroot.infra.ftgroup> <5DFA118A.5060806@erg.abdn.ac.uk>
From: Christian Huitema <huitema@huitema.net>
Autocrypt: addr=huitema@huitema.net; prefer-encrypt=mutual; keydata= mQENBFIRX8gBCAC26usy/Ya38IqaLBSu33vKD6hP5Yw390XsWLaAZTeQR64OJEkoOdXpvcOS HWfMIlD5s5+oHfLe8jjmErFAXYJ8yytPj1fD2OdSKAe1TccUBiOXT8wdVxSr5d0alExVv/LO I/vA2aU1TwOkVHKSapD7j8/HZBrqIWRrXUSj2f5n9tY2nJzG9KRzSG0giaJWBfUFiGb4lvsy IaCaIU0YpfkDDk6PtK5YYzuCeF0B+O7N9LhDu/foUUc4MNq4K3EKDPb2FL1Hrv0XHpkXeMRZ olpH8SUFUJbmi+zYRuUgcXgMZRmZFL1tu6z9h6gY4/KPyF9aYot6zG28Qk/BFQRtj7V1ABEB AAG0J0NocmlzdGlhbiBIdWl0ZW1hIDxodWl0ZW1hQGh1aXRlbWEubmV0PokBOQQTAQIAIwUC UhFfyAIbLwcLCQgHAwIBBhUIAgkKCwQWAgMBAh4BAheAAAoJEJNDCbJVyA1yhbYH/1ud6x6m VqGIp0JcZUfSQO8w+TjugqxCyGNn+w/6Qb5O/xENxNQ4HaMQ5uSRK9n8WKKDDRSzwZ4syKKf wbkfj05vgFxrjCynVbm1zs2X2aGXh+PxPL/WHUaxzEP7KjYbLtCUZDRzOOrm+0LMktngT/k3 6+EZoLEM52hwwpIAzJoscyEz7QfqMOZtFm6xQnlvDQeIrHx0KUvwo/vgDLK3SuruG1CSHcR0 D24kEEUa044AIUKBS3b0b8AR7f6mP2NcnLpdsibtpabi9BzqAidcY/EjTaoea46HXALk/eJd 6OLkLE6UQe1PPzQC4jB7rErX2BxnSkHDw50xMgLRcl5/b1a5AQ0EUhFfyAEIAKp7Cp8lqKTV CC9QiAf6QTIjW+lie5J44Ad++0k8gRgANZVWubQuCQ71gxDWLtxYfFkEXjG4TXV/MUtnOliG 5rc2E+ih6Dg61Y5PQakm9OwPIsOx+2R+iSW325ngln2UQrVPgloO83QiUoi7mBJPbcHlxkhZ bd3+EjFxSLIQogt29sTcg2oSh4oljUpz5niTt69IOfZx21kf29NfDE+Iw56gfrxI2ywZbu5o G+d0ZSp0lsovygpk4jK04fDTq0vxjEU5HjPcsXC4CSZdq5E2DrF4nOh1UHkHzeaXdYR2Bn1Y wTePfaHBFlvQzI+Li/Q6AD/uxbTM0vIcsUxrv3MNHCUAEQEAAYkCPgQYAQIACQUCUhFfyAIb LgEpCRCTQwmyVcgNcsBdIAQZAQIABgUCUhFfyAAKCRC22tOSFDh1UOlBB/94RsCJepNvmi/c YiNmMnm0mKb6vjv43OsHkqrrCqJSfo95KHyl5Up4JEp8tiJMyYT2mp4IsirZHxz/5lqkw9Az tcGAF3GlFsj++xTyD07DXlNeddwTKlqPRi/b8sppjtWur6Pm+wnAHp0mQ7GidhxHccFCl65w uT7S/ocb1MjrTgnAMiz+x87d48n1UJ7yIdI41Wpg2XFZiA9xPBiDuuoPwFj14/nK0elV5Dvq 4/HVgfurb4+fd74PV/CC/dmd7hg0ZRlgnB5rFUcFO7ywb7/TvICIIaLWcI42OJDSZjZ/MAzz BeXm263lHh+kFxkh2LxEHnQGHCHGpTYyi4Z3dv03HtkH/1SI8joQMQq00Bv+RdEbJXfEExrT u4gtdZAihwvy97OPA2nCdTAHm/phkzryMeOaOztI4PS8u2Ce5lUB6P/HcGtK/038KdX5MYST Fn8KUDt4o29bkv0CUXwDzS3oTzPNtGdryBkRMc9b+yn9+AdwFEH4auhiTQXPMnl0+G3nhKr7 jvzVFJCRif3OAhEm4vmBNDE3uuaXFQnbK56GJrnqVN+KX5Z3M7X3fA8UcVCGOEHXRP/aubiw Ngawj0V9x+43kUapFp+nF69R53UI65YtJ95ec4PTO/Edvap8h1UbdEOc4+TiYwY1TBuIKltY 1cnrjgAWUh/Ucvr++/KbD9tD6C8=
Message-ID: <a63e10fb-9bde-db7b-9462-d066d661bc16@huitema.net>
Date: Wed, 18 Dec 2019 10:12:56 -1000
User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; rv:68.0) Gecko/20100101 Thunderbird/68.3.0
MIME-Version: 1.0
In-Reply-To: <5DFA118A.5060806@erg.abdn.ac.uk>
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: quoted-printable
Content-Language: en-US
X-Originating-IP: 66.113.197.79
X-Spampanel-Domain: xsmtpout.mail2web.com
X-Spampanel-Username: 66.113.197.0/24
Authentication-Results: antispamcloud.com; auth=pass smtp.auth=66.113.197.0/24@xsmtpout.mail2web.com
X-Spampanel-Outgoing-Class: ham
X-Spampanel-Outgoing-Evidence: Combined (0.08)
X-Recommended-Action: accept
X-Filter-ID: Mvzo4OR0dZXEDF/gcnlw0c2Pj46HODYmpAMVAv0J1pOpSDasLI4SayDByyq9LIhVUIKlZEkK/lTu CuHo4J34QETNWdUk1Ol2OGx3IfrIJKywOmJyM1qr8uRnWBrbSAGDYbC1vFNC/qFxauDStI0QV8RX qYbtEQV1z/L435ZRxFTE86t9HHZrG1HQoOc7LpKA+rYZvu7UEJiU3s27VgKHO7lwS3dBJTnTxDoD vBGGxpgwWbxrOZCJSMpTl/yE2fo2/nrm0dQcsZiG7SeRRiKOSAZ6weYgSzquK2hxskqXvy8DAJpT 4kpe4kNrctp48w4V1bQ9QP0oow/8SSNNF7oHa3y6i7D2mE046g9MgVta3xDquuFaG9Grr0IfWrye uuHp9xvM70vt2eYKeqO3TxjBD57KuHNaaKdg7iBEZefdsNViNNTu0e7IruXKZTH9VSxKZke5naW7 GR6a0ag3FlRCpOj/Ao+8UDmpPC8FqxW1LPT55flm9wQsIgqzrrcX9yhUVgW9/bktU41htiJ8fk7N kNhDlN3ZFexZfYgAG9qTPTrzvgwP9cMw+lye/qXkeuruM49zcQbne4vePgcv4iEyyps9zSZic0xN U+sMoNUh1ws8RUAMH4eYXAXx66C28YVRVj5DASc9t5zK4wgbYqpsENUOB3vULyJYPmWQ6PCsycgx iMxSpkvqIEtRL3s4ePxvne6Agjui5gKB/Byw/yqfyPKY2AXNZGS5G93aGyH8MqMlOQRMVMd0HCeT skOZ5TL8PQsBQED/m9MQs2avfela3TXg724gFzhHYUe+7aKm0vW7Eb8viP9nIcQ5nrWMiOzhTi+J 2sBvM/O0p+zizleC4lU8fDj1CnRx+r4b/1Q/PZ86zB2Vu6+TJiLath6PGP2/vOnCUbNPgcPcQwzM gKHyQxUo+ql2ySTkvEFH/23XMww2BnTTFGX5/yI4Ky+1ZJcbGqc5H4PEZHeoI/d6LWFf332z7LMw LGdoi9FMQ5j9dQUvMi1YKAun15JQSJLyCT5k+MTObVKxHy/dols381l9r9ft9daDonlwd6LnuX+J u10=
X-Report-Abuse-To: spam@quarantine11.antispamcloud.com
Archived-At: <https://mailarchive.ietf.org/arch/msg/etosat/ydCDphihMz5aPlpenvYCq-r7VKM>
Subject: Re: [EToSat] BDP parameters draft: security aspects
X-BeenThere: etosat@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "The EToSat list is a non-WG mailing list used to discuss performance implications of running encrypted transports such as QUIC over satellite." <etosat.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/etosat>, <mailto:etosat-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/etosat/>
List-Post: <mailto:etosat@ietf.org>
List-Help: <mailto:etosat-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/etosat>, <mailto:etosat-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 18 Dec 2019 20:13:09 -0000
Gorry, Yes, if the server adopts a conservative IW based on RTT min and does appropriate pacing, then the risk of a flooding attacks is greatly diminished. But there are two problems. First, the draft does not mention your suggestion in its security section. It probably should. Second, the algorithm that you propose uses more information than the BDP and IW values carried in the transport parameters. You write that the server can check whether the client returns encrypted information from the same IP address over which the parameters were initially provided. But the transport parameters are just two integers, without any mention of previous IP address or a cryptographic proof. In QUIC v1, the proof of origin is obtained with the "NEW TOKEN" frame. If you want to restrict the mechanism to situations where the IP address is verified using the token in the Initial packet, the draft should say that. But then, if the mechanism is restricted to repeated calls from the same address verified using the NEW TOKEN/Initial token mechanism, one wonder whether the required information should also be carried in the NEW TOKEN itself, rather than carried in both in clear text in the transport parameters and also in encrypted form in the token. -- Christian Huitema On 12/18/2019 1:46 AM, Gorry Fairhurst wrote: > From the congestion control point of view, this attack does not seem > to exist in the way you suggest: > > Suppose a path is declared as having a large RTT and large BDP. > > If the client returns ecnrypted info form it's IP address, the server > can verify the client is indeed at the same IP address. So it seems > hard to force this behaviour as an attack. > > If the server then "believes" the congestion control info that it has > been passed, it will anticipate a large delay. An increased window of > data would be pacing over the anticpated RRT, say 1 sec. The method > needs to choose an increased IW that is conservative (say ... for > example, this was only enabled when RTT>200mS? and then only scaled by > allowing an increas from the normal that is IW * cached_min_RTT/0.2). > > If the RTT is correct, the client responds 1 RTT later all is well. > > If it happens that the client's RTT is smaller (for whatever reason), > the rate of transmission is still not likely higher than the client > would normally experience (because it is paced to a rate based on a > higher RTT). The first ACK will be received before the entire IW has > been paced-out and the server realises the shorter RTT. > > If it happens the client's RTT is larger (for whatever reason), the > rate of tranbsmission remains the same, but paced-sending ceases > before the RTT. This is better than not trying to adjust the paced-IW > to the RTT, but less than could have been achieved. > > Does that appear unsafe? > > Gorry > > On 18/12/2019, 10:14, emile.stephan@orange.com wrote: >> >> Hi Christian, >> >> Thanks for your analysis of the draft. See inline >> >> -----Original Message----- >> From: Christian Huitema [mailto:huitema@huitema.net] >> Sent: mercredi 18 décembre 2019 03:03 >> To: Kuhn Nicolas >> Cc: 'Gorry (erg)'; 'etosat@ietf.org'; STEPHAN Emile TGI/OLN >> Subject: Re: BDP parameters draft (was: [EToSat] Re-chartering for >> extension work) >> >> ... >> >> There is also a security aspect there. The server that blindly trusts >> >> the BDP option will blast a large number of packets. What if the client >> >> is trying to sabotage the local network? Why should the server trust the >> >> client? The security section does not cover that... >> >> [Emile] >> >> The draft supposes that the BDP parameters are protected using the >> same mechanism that protect initial_max_data TP: the server has a >> mean to check that the parameters proposed by the client are those it >> sent to the client during the previous connexion. We will reword that >> in the security section but it is not an easy part as the usage of >> TLS1.3 newSessionTicket by QUIC is hard to summarize. >> >> Cdt >> >> Emile >> >> On 12/17/2019 7:27 AM, Kuhn Nicolas wrote: >> >> > Hi Mark, Lars, >> >> > >> >> > Many meetings discussed the impacts of QUIC encryption on satellite >> Performance-enhancing proxy (PEP) and the benefit of exchanging >> additional transport parameters. >> >> > draft-kuhn-quic-0rtt-bdp was mentioned as a possible extension >> during « Quick QUIC Update » presentation. >> >> > >> >> > We have updated draft-kuhn-quic-0rtt-bdp-05 as an extension of QUIC. >> >> > We propose to include it in the re-chartering discussion. >> >> > >> >> > Regards, >> >> > Nicolas, Emile and Gorry >> >> > >> >> > >> https://datatracker.ietf.org/meeting/106/materials/slides-106-tsvarea-quick-quic-update-mark-nottingham-00.pdf >> >> > https://tools.ietf.org/html/draft-kuhn-quic-0rtt-bdp-05 >> >> > >> >> _________________________________________________________________________________________________________________________ >> >> >> Ce message et ses pieces jointes peuvent contenir des informations >> confidentielles ou privilegiees et ne doivent donc >> pas etre diffuses, exploites ou copies sans autorisation. Si vous >> avez recu ce message par erreur, veuillez le signaler >> a l'expediteur et le detruire ainsi que les pieces jointes. Les >> messages electroniques etant susceptibles d'alteration, >> Orange decline toute responsabilite si ce message a ete altere, >> deforme ou falsifie. Merci. >> >> This message and its attachments may contain confidential or >> privileged information that may be protected by law; >> they should not be distributed, used or copied without authorisation. >> If you have received this email in error, please notify the sender >> and delete this message and its attachments. >> As emails may be altered, Orange is not liable for messages that have >> been modified, changed or falsified. >> Thank you. >> >> >> _______________________________________________ >> EToSat mailing list >> EToSat@ietf.org >> https://www.ietf.org/mailman/listinfo/etosat > > _______________________________________________ > EToSat mailing list > EToSat@ietf.org > https://www.ietf.org/mailman/listinfo/etosat
- Re: [EToSat] BDP parameters draft: security aspec… emile.stephan
- Re: [EToSat] BDP parameters draft: security aspec… Gorry Fairhurst
- Re: [EToSat] BDP parameters draft: security aspec… Christian Huitema
- Re: [EToSat] BDP parameters draft: security aspec… Gorry Fairhurst