IETF Logo Mail Archive

Re: [hybi] Handshake was: The WebSocket protocol issues.

Adam Barth <ietf@adambarth.com> Sat, 02 October 2010 16:23 UTC

Return-Path: <ietf@adambarth.com>
X-Original-To: hybi@core3.amsl.com
Delivered-To: hybi@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 3289F3A6EAD for <hybi@core3.amsl.com>; Sat, 2 Oct 2010 09:23:57 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.007
X-Spam-Level:
X-Spam-Status: No, score=-2.007 tagged_above=-999 required=5 tests=[AWL=-0.030, BAYES_00=-2.599, FM_FORGED_GMAIL=0.622]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id MSxe65phQlW4 for <hybi@core3.amsl.com>; Sat, 2 Oct 2010 09:23:56 -0700 (PDT)
Received: from mail-iw0-f172.google.com (mail-iw0-f172.google.com [209.85.214.172]) by core3.amsl.com (Postfix) with ESMTP id 62C513A6EA6 for <hybi@ietf.org>; Sat, 2 Oct 2010 09:23:56 -0700 (PDT)
Received: by iwn3 with SMTP id 3so6081784iwn.31 for <hybi@ietf.org>; Sat, 02 Oct 2010 09:24:47 -0700 (PDT)
Received: by 10.231.147.131 with SMTP id l3mr7486724ibv.74.1286036686289; Sat, 02 Oct 2010 09:24:46 -0700 (PDT)
Received: from mail-iw0-f172.google.com (mail-iw0-f172.google.com [209.85.214.172]) by mx.google.com with ESMTPS id n20sm2620089ibe.5.2010.10.02.09.24.44 (version=SSLv3 cipher=RC4-MD5); Sat, 02 Oct 2010 09:24:45 -0700 (PDT)
Received: by iwn3 with SMTP id 3so6081731iwn.31 for <hybi@ietf.org>; Sat, 02 Oct 2010 09:24:44 -0700 (PDT)
Received: by 10.231.157.195 with SMTP id c3mr7428711ibx.155.1286036684116; Sat, 02 Oct 2010 09:24:44 -0700 (PDT)
MIME-Version: 1.0
Received: by 10.231.149.20 with HTTP; Sat, 2 Oct 2010 09:24:11 -0700 (PDT)
In-Reply-To: <AANLkTi=_ejOCNiM49VW5q05=H7-M0jzAvXvGaKM1b7mX@mail.gmail.com>
References: <AANLkTikszM0pVE-0dpZ2kv=i=y5yzS2ekeyZxtz9N=fQ@mail.gmail.com> <AANLkTikRYB_suPmSdH3uzGmdynozECRszDx+BpUvtZ4h@mail.gmail.com> <5CBF797D-A58E-4129-96B3-164F6E7409B9@apple.com> <4CA0D0D2.4040006@caucho.com> <AANLkTinACqm-GxUPhvFMf6_sGfeJofwy1r=28o=vgM43@mail.gmail.com> <4CA12810.8020006@caucho.com> <AANLkTimrMfXrnVMjU3f57L_sO7usyYQ56rBM4aMb2Pfr@mail.gmail.com> <20100928052501.GD12373@1wt.eu> <CA8029B0-71A3-44ED-88C6-934FE833BBA2@apple.com> <AANLkTim+fXj-h6OS3OdcfVfh3Q1UwxD8NLVawb=AWHX+@mail.gmail.com> <4FAC5C93-9BDF-4752-AFBC-162D718397AB@apple.com> <AANLkTikcH1W3bQwumqHbe-Yqa3XdoJqCa2b-mZuvoQ7g@mail.gmail.com> <9746E847-DC8B-45A7-ADF3-2ADB9DA7F82E@apple.com> <AANLkTik9igUwoxVrktoBoZrPoUW=Tjh7HyVbGJgQYes-@mail.gmail.com> <9F595226-FA0A-4C38-A6D0-0F4214BD7D21@apple.com> <4CA4BE10.1010709@caucho.com> <AANLkTi=wKFnNOuM+U3fktAFRn3R5OZ7c6PR2W3EAy7tm@mail.gmail.com> <4CA53E6B.1040808@caucho.com> <AANLkTikOyvF5AHTf4sDD=rWmK2FTD6R6LaHa4KTqkbcm@mail.gmail.com> <4CA68098.8010404@caucho.com> <AANLkTinYhW9MnnM3tkbCWziePyM7mFUEteKhw5OGp-eS@mail.gmail.com> <AANLkTi=_ejOCNiM49VW5q05=H7-M0jzAvXvGaKM1b7mX@mail.gmail.com>
From: Adam Barth <ietf@adambarth.com>
Date: Sat, 02 Oct 2010 09:24:11 -0700
Message-ID: <AANLkTimyJj+Jxz1Q6fLrQ8iosGkD+0shUh3=td+jX_Do@mail.gmail.com>
To: Greg Wilkins <gregw@webtide.com>
Content-Type: text/plain; charset="ISO-8859-1"
Cc: hybi <hybi@ietf.org>
Subject: Re: [hybi] Handshake was: The WebSocket protocol issues.
X-BeenThere: hybi@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: Server-Initiated HTTP <hybi.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/hybi>, <mailto:hybi-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/hybi>
List-Post: <mailto:hybi@ietf.org>
List-Help: <mailto:hybi-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/hybi>, <mailto:hybi-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sat, 02 Oct 2010 16:23:57 -0000

On Sat, Oct 2, 2010 at 4:09 AM, Greg Wilkins <gregw@webtide.com> wrote:
> The fact that DNS is almost vulnerable to HTTP is interesting, but not
> really relevant to the proposals we have to refine the WS handshake.
> Are you really saying that because DNS is almost vulnerable to crafted
> HTTP requests, that we must space inject the nonces in websocket
> handshakes or leave our hashes unframed?

I'm saying these issue are subtle and require careful thought.  The
success or failure of HTTP POST to attack DNS depends critically on a
number of seemingly irrelevant details about how browsers generate and
process network messages.

I brought up the example of DNS to show how an attacker might be able
to get a non-WebSocket server to rely the c-nonce to the attacker and
let the attacker relay back with the HMAC of the c-nonce.  This
example might not completely break the c-nonce handshake, but it's
evidence that relying upon an HMAC alone is probably unwise.

Adam

v2.23.0 | Report a Bug | By Email