IETF Logo Mail Archive

Re: [hybi] Call for interest: multiplexing dedicated for WebSocket

Takeshi Yoshino <tyoshino@google.com> Tue, 04 June 2013 10:12 UTC

Return-Path: <tyoshino@google.com>
X-Original-To: hybi@ietfa.amsl.com
Delivered-To: hybi@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 9C88321F9BFE for <hybi@ietfa.amsl.com>; Tue, 4 Jun 2013 03:12:48 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.677
X-Spam-Level:
X-Spam-Status: No, score=-1.677 tagged_above=-999 required=5 tests=[AWL=0.300, BAYES_00=-2.599, FM_FORGED_GMAIL=0.622, HTML_MESSAGE=0.001, NO_RELAYS=-0.001]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id xhQshP8JdACc for <hybi@ietfa.amsl.com>; Tue, 4 Jun 2013 03:12:38 -0700 (PDT)
Received: from mail-ea0-x233.google.com (mail-ea0-x233.google.com [IPv6:2a00:1450:4013:c01::233]) by ietfa.amsl.com (Postfix) with ESMTP id 1357C21F9C09 for <hybi@ietf.org>; Tue, 4 Jun 2013 02:08:38 -0700 (PDT)
Received: by mail-ea0-f179.google.com with SMTP id z16so4347788ead.10 for <hybi@ietf.org>; Tue, 04 Jun 2013 02:08:38 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20120113; h=mime-version:in-reply-to:references:from:date:message-id:subject:to :cc:content-type; bh=dNMSajBbl5lPrRAnO06YKbSTwqsBCwaZgAlH9Eu2Dl4=; b=KAFQxaVTn1aLpuZxZ17it8MFQFceq7RtM4hojo8v0Kf/fa+0H6hXnyXimgSWLDWpxA lDOFC84zrhwkb6jjS7uh6u+I6z/oOJaWD54yKmv9WT2jlP4bh2NhdQGI7Cc2bGveOxKb DduJaPHApsypDvBtAUNEivETIvLgiiMWSuwz+Y8Mo85R31IDm5G7N8LkxImUyqH0M7Cq mrrcqVuRvISuBNlK9nuOzfGvtg6Xr4Hrw0jhbeqcmVtkU6d8Oa0PHgS5VQSKZkHtxnrM n0RpSuKicLIRil9WGmlvdn8+VqAsZh0JFdZa+Pr0g9917/K4b19vqupF9w6UCRRRe1Sg 1mbA==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20120113; h=mime-version:in-reply-to:references:from:date:message-id:subject:to :cc:content-type:x-gm-message-state; bh=dNMSajBbl5lPrRAnO06YKbSTwqsBCwaZgAlH9Eu2Dl4=; b=VxJXXuakxGREmVlAz6d0IsZGqG5RtAAb2lJqnlfpUarqsAkQMqmfvx2p3hv68lbmQb +XN7PX0tnDQkfSMxsYOnUhscgYIs9z1NW7BcfU9SJdetVwYX1U/uxGJuKozzid8eU1tB 7S7nLM4i1GaRr52TUEDGAI6Vrm3V9KQb1coC4Q6M3Fmu51F0wIMZTicXdS4A92z4cz2v 0dGElTG6QfNQwJvJgxA+9zZY8zDqs78qFCH3IgaHO60vt4rap9ziRZyA5R+qStMsA3kM gV2tYkPCRwsEZZdstvmW5oykEU/h62R94ilZN1JN1Gbf1nIvQZ/sOFmQJ9mNyyrEA3Hp el4g==
X-Received: by 10.14.225.66 with SMTP id y42mr60435eep.129.1370336917996; Tue, 04 Jun 2013 02:08:37 -0700 (PDT)
MIME-Version: 1.0
Received: by 10.223.86.67 with HTTP; Tue, 4 Jun 2013 02:08:16 -0700 (PDT)
In-Reply-To: <CAGzyod5Et6c2GoH2zSevLgz+v8PxvKusQBqb1rHD83pp+Xzvpg@mail.gmail.com>
References: <CAH9hSJZxr+aG7GZa4f-dUOTGj4bnJ+3XxivUX4jei5CMyqN4LQ@mail.gmail.com> <634914A010D0B943A035D226786325D4422C319646@EXVMBX020-12.exch020.serverdata.net> <CAH9hSJYrrbSM3TTSKCQ=AMcwCfE4zqNAa1kuAvecrXZTLqy2gQ@mail.gmail.com> <634914A010D0B943A035D226786325D4422C3DA774@EXVMBX020-12.exch020.serverdata.net> <CAHixhFrTk79A07BjQCgvep_+bmA4rGG1ZvqmoS6gsQYNPyPoZA@mail.gmail.com> <CAH9hSJYFa+bqN=e7x87W+Xvq-st70nbzUXniQaPme2fzspCjWA@mail.gmail.com> <51A70DF9.5010601@tavendo.de> <CAGzyod6daSOvAVHU6B=Qr0xDqNca_8iXrFYr0gTGdqZPryFFpA@mail.gmail.com> <51A85EF9.3010907@tavendo.de> <CAGzyod5Et6c2GoH2zSevLgz+v8PxvKusQBqb1rHD83pp+Xzvpg@mail.gmail.com>
From: Takeshi Yoshino <tyoshino@google.com>
Date: Tue, 04 Jun 2013 18:08:16 +0900
Message-ID: <CAH9hSJY_Hyi=c4YQK7ymREbXZw4+Jc_=JbjCxshQw5_CgZbqBg@mail.gmail.com>
To: Roberto Peon <fenix@google.com>
Content-Type: multipart/alternative; boundary="047d7b67099738798b04de506ddb"
X-Gm-Message-State: ALoCoQmw7GpirS0f9kDzAvKbFI/lO0YLY0sD+4fnwVDfsoe30R5fWYNsGXbbic0vAmrNP6SFEGxagTPl8FiL90cZnF65Cov097k+cidBZwwIFHZNaDpeLwiH4Hc2CdygiXLXyXoIuL5EQpV7/kFU8MODwFJ9sz3RXk9qko52KHiDPzApCYDyBRom/IUCE28UJT1mCGqs/vay
Cc: "hybi@ietf.org" <hybi@ietf.org>
Subject: Re: [hybi] Call for interest: multiplexing dedicated for WebSocket
X-BeenThere: hybi@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Server-Initiated HTTP <hybi.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/hybi>, <mailto:hybi-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/hybi>
List-Post: <mailto:hybi@ietf.org>
List-Help: <mailto:hybi-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/hybi>, <mailto:hybi-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 04 Jun 2013 10:12:48 -0000

Considering CRIME attack, we have a note in the current multiplexing spec
saying that history based compression should not be used over chunks
containing handshake and ones containing script generated data keeping
compression context.

E.g.
Sec-WebSocket-Extensions: permessage-deflate, mux
is allowed but
Sec-WebSocket-Extensions: mux, permessage-deflate
is prohibited.

I listed CRIME just as an example of security consideration around
multiplexing. For now, it's already addressed in the mux spec.


On Tue, Jun 4, 2013 at 3:12 AM, Roberto Peon <fenix@google.com> wrote:

> Well, more precisely, the compression context must be shared between
> material sourced by the attacker and also for the purpose of using the
> site, and the context must be probe-able in some reasonable amount of time.
> A gzip context which was reused between messages would be a no-no, for
> instance. Another compression context (which makes probing difficult) might
> be acceptable.
>
> -=R
>
>
> On Fri, May 31, 2013 at 1:27 AM, Tobias Oberstein <
> tobias.oberstein@tavendo.de> wrote:
>
>>  The way CRIME works is to have a 3rd party include links to the
>>> site-to-attack. Thus it doesn't matter if the schemes are http, https,
>>> ws, wss, whatever.
>>>
>>
>> Does above refer to the general requirement for CRIME: the attacker must
>> be able to inject data into the source material before it is compressed and
>> then encrypted?
>>
>> If so, how would that be possible with WebSocket and the proposed
>> WebSocket per-message compression?
>>
>>
>> random thoughts:
>>
>> a)
>> permessage-deflate only compresses WS data messages, not control frames.
>>
>> So the attacker would need to inject data into the app-level payload.
>>
>> The only way to send app-level payload in browsers if via the JavaScript
>> WebSocket API (socket.send()).
>>
>> So the attacker would need to somehow modify this JS code. However, the
>> origin of the JS running is (at least with browsers) sent during the WS
>> opening handshake as a HTTP header, and a WS server can check and decline
>> an incoming connection.
>>
>> b)
>> With WS HTTP headers are only sent _once_: during the initial WS opening
>> handshake, and by the client to the server.
>>
>> CRIME requires repeated injection of attacker data.
>>
>> More so: permessage-deflate does not touch the opening handshake, which
>> remains uncompressed.
>>
>> Side Q: Do browsers reuse an established TLS/TCP connection for multiple
>> WS connections?
>>
>> /Tobias
>>
>>
>

v2.23.0 | Report a Bug | By Email