IETF Logo Mail Archive

Re: [hybi] Handshake was: The WebSocket protocol issues.

Roderick Baier <roderick.baier@hs-weingarten.de> Wed, 29 September 2010 09:17 UTC

Return-Path: <prvs=881272957=roderick.baier@hs-weingarten.de>
X-Original-To: hybi@core3.amsl.com
Delivered-To: hybi@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id D29173A6EAB for <hybi@core3.amsl.com>; Wed, 29 Sep 2010 02:17:39 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: 0.351
X-Spam-Level:
X-Spam-Status: No, score=0.351 tagged_above=-999 required=5 tests=[AWL=-2.400, BAYES_00=-2.599, GB_SUMOF=5, HELO_EQ_DE=0.35]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id hWID3lTDnbbX for <hybi@core3.amsl.com>; Wed, 29 Sep 2010 02:17:39 -0700 (PDT)
Received: from ironport.hs-weingarten.de (ironport.hs-weingarten.de [141.69.1.3]) by core3.amsl.com (Postfix) with ESMTP id 457A93A6EAD for <hybi@ietf.org>; Wed, 29 Sep 2010 02:17:35 -0700 (PDT)
X-IronPort-AV: E=Sophos;i="4.57,252,1283724000"; d="scan'208";a="1287572"
Received: from mail3.fh-weingarten.de (HELO mail3.hs-weingarten.de) ([141.69.46.149]) by ironportmgt.hs-weingarten.de with ESMTP; 29 Sep 2010 11:18:14 +0200
Received: from [141.69.60.41] (MO060041.fh-weingarten.de [141.69.60.41]) (authenticated bits=0) by mail3.hs-weingarten.de (8.13.8/8.13.8/Debian-3) with ESMTP id o8T9ICZ1010881 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NOT); Wed, 29 Sep 2010 11:18:12 +0200
Message-ID: <4CA30455.9030407@hs-weingarten.de>
Date: Wed, 29 Sep 2010 11:18:13 +0200
From: Roderick Baier <roderick.baier@hs-weingarten.de>
User-Agent: Thunderbird 2.0.0.24 (Windows/20100228)
MIME-Version: 1.0
To: Maciej Stachowiak <mjs@apple.com>
References: <AANLkTikszM0pVE-0dpZ2kv=i=y5yzS2ekeyZxtz9N=fQ@mail.gmail.com> <62B5CCE3-79AF-4F60-B3A0-5937C9D291D7@apple.com> <AANLkTikKc+4q_Q1+9uDo=ZpFF6S49i6vj2agZOGWVqKm@mail.gmail.com> <E2D38FF3-F1B9-4305-A7FC-A9690D2AEB4A@apple.com> <AANLkTikRYB_suPmSdH3uzGmdynozECRszDx+BpUvtZ4h@mail.gmail.com> <5CBF797D-A58E-4129-96B3-164F6E7409B9@apple.com> <4CA0D0D2.4040006@caucho.com> <AANLkTinACqm-GxUPhvFMf6_sGfeJofwy1r=28o=vgM43@mail.gmail.com> <4CA12810.8020006@caucho.com> <AANLkTimrMfXrnVMjU3f57L_sO7usyYQ56rBM4aMb2Pfr@mail.gmail.com> <20100928052501.GD12373@1wt.eu> <CA8029B0-71A3-44ED-88C6-934FE833BBA2@apple.com> <AANLkTim+fXj-h6OS3OdcfVfh3Q1UwxD8NLVawb=AWHX+@mail.gmail.com> <4FAC5C93-9BDF-4752-AFBC-162D718397AB@apple.com> <AANLkTikcH1W3bQwumqHbe-Yqa3XdoJqCa2b-mZuvoQ7g@mail.gmail.com> <9746E847-DC8B-45A7-ADF3-2ADB9DA7F82E@apple.com>
In-Reply-To: <9746E847-DC8B-45A7-ADF3-2ADB9DA7F82E@apple.com>
Content-Type: text/plain; charset="ISO-8859-1"; format="flowed"
Content-Transfer-Encoding: 8bit
X-Scanned-By: MIMEDefang / Hochschule Ravensburg-Weingarten (Rechenzentrum) on 141.69.46.149
Cc: hybi <hybi@ietf.org>
Subject: Re: [hybi] Handshake was: The WebSocket protocol issues.
X-BeenThere: hybi@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: Server-Initiated HTTP <hybi.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/hybi>, <mailto:hybi-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/hybi>
List-Post: <mailto:hybi@ietf.org>
List-Help: <mailto:hybi-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/hybi>, <mailto:hybi-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 29 Sep 2010 09:17:39 -0000

Maciej Stachowiak schrieb:
> 
> Another possible strengthening is to design the actual message framing such that it is affected by data from both the client and server parts of the handshake. Let's say the whole frame header is XOR'd with the sum of client and server nonces. Then it is impossible for the server to read frames produced by a party that didn't really participate in the handshake, and likewise makes it impossible to read frames without checking the handshake. Effectively this (lightly) encrypts frame headers so they look like random bytes if there wasn't a proper handshake. For bonus points encrypt the message bodies too, and this would shore up defense against attackers using WebSocket to talk to another protocol (since, past the handshake, their bytes would look random and not actually be controlled by them).
> 


What about XORing the whole frame with the handshake (cf. Vigenère)?
C -> S: frame xor server handshake
S -> C: frame xor client handshake

Regards
Roderick



> I don't know offhand what the perf impact would be of this kind of approach. 
> 
> I note that this ad-hoc approach starts to resemble TLS the more it has added to it, only without the years of review and deployment experience, which is why I am somewhat skeptical of heading further in this direction.
> 
> 
> Regards,
> Maciej
> 
> 
> 
> 
> 
> 
> ------------------------------------------------------------------------
> 
> _______________________________________________
> hybi mailing list
> hybi@ietf.org
> https://www.ietf.org/mailman/listinfo/hybi

v2.23.0 | Report a Bug | By Email