Re: [hybi] Experiment comparing Upgrade and CONNECT handshakes

Adam Barth <ietf@adambarth.com> Sat, 04 December 2010 09:22 UTC


On Fri, Dec 3, 2010 at 4:26 PM, Bjoern Hoehrmann <derhoermi@gmx.net> wrote:
> * Adam Barth wrote:
>>David Huang, Eric Chen, Eric Rescorla, Collin Jackson, and I have been
>>experimenting with the security of the Upgrade-based and CONNECT-based
>>WebSocket handshakes.  Please find a paper detailing our findings at
>>this location:
>>
>>http://www.adambarth.com/experimental/websocket.pdf
>
> It would have been helpful if the key metrics had been summarized in a
> simple tabular form for easy comparison (so one would not have to
> compare an absolute X with a relative "all but two"), but from my cursory
> reading this does not seem helpful in deciding which handshake is best.
>
> For instance, the success rate of cache poisoning is not helpful as
> they apparently compare as 8 vs 0 of about 50 000 attempts. That could
> be chance,

We didn't report the p-value for these observations in the paper, but
running a quick chi-square puts the p-value of these observations
being the same distribution around 0.0047, which is certainly
statistically significant.

> that could be a result due to the rich media banner that
> may not be supported in certain corporate or mobile settings, it could
> be due to mistakes in the experiment, and so on.

As with any experiment, there are factors we can't control.  However,
we do the best we can, and science moves forward.

> If tomorrow someone
> says they repeated the experiment and got 6 vs 3 I would find that
> entirely plausible, and if then someone comes along saying it's 3 vs 6
> for them, I would find that plausible too, leaving no clear winner.

I would be surprised if someone made those observations, purely on
mathematical grounds.  Another thing that's not reported in the paper
is that we did a series of pilot studies to work out the bugs in our
experiment.  Our observations were fairly stable across all these
iterations of the experiment.  Of course, reasoning statistically
about the pilot study is tricky due to post-hoc issues, which is why
we only report the final data in the paper, which we can confidently
analyze pre-hoc.

> Could you summarize the key metrics in a tabular form so I can make
> sure I haven't missed or misread any of them (between the Upgrade and
> the CONNECT handshake primarily)?

Sure.  We show that for $100, an attacker is able to succeed in
mounting 8 cache poisoning attacks against the Upgrade handshake.
Note that this value is somewhat of a lower bound because our attacks
are completely untargeted.  By targeting the attack, an attacker can
likely be even more cost-efficient.  By contrast, we never observed a
single successful cache poisoning attack against the CONNECT handshake
despite 54,534 attempts.

Adam
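The "quick chi-square" mentioned above, reproduced as an added example (not code from the paper or from either poster): a 2x2 test of 8 vs 0 cache-poisoning successes, with a Fisher exact test as a cross-check since one cell is zero. The mail gives 54,534 CONNECT attempts but not the Upgrade attempt count, so equal sample sizes are assumed here; with that assumption the statistic is about 8.0 and the p-value rounds to the 0.0047 quoted in the thread.

```python
import math

# Counts from the thread: 8 successful cache-poisoning attempts against the
# Upgrade handshake, 0 against CONNECT in 54,534 attempts.  The Upgrade
# attempt count is not stated in the mail; equal sample sizes are ASSUMED.
UPGRADE_HITS, UPGRADE_TRIES = 8, 54_534   # attempt count is an assumption
CONNECT_HITS, CONNECT_TRIES = 0, 54_534


def chi_square_2x2(a, n1, b, n2):
    """Pearson chi-square (no continuity correction) for a 2x2 table of
    (hits, misses) in two groups.  Returns (statistic, p_value), df = 1."""
    observed = [[a, n1 - a], [b, n2 - b]]
    total = n1 + n2
    row_totals = [n1, n2]
    col_totals = [a + b, total - (a + b)]
    stat = 0.0
    for i in range(2):
        for j in range(2):
            expected = row_totals[i] * col_totals[j] / total
            stat += (observed[i][j] - expected) ** 2 / expected
    # Survival function of chi-square with 1 d.o.f.: P(X > x) = erfc(sqrt(x/2))
    p_value = math.erfc(math.sqrt(stat / 2))
    return stat, p_value


def fisher_exact_2x2(a, n1, b, n2):
    """Two-sided Fisher exact p-value for the same table.  The exact test is
    the safer choice when a cell is 0 and expected counts are small (4 here):
    sum the hypergeometric probability of every table at least as extreme."""
    k = a + b                      # total hits across both handshakes
    total = n1 + n2
    denom = math.comb(total, k)
    p_obs = math.comb(n1, a) * math.comb(n2, b) / denom
    p_value = 0.0
    for x in range(max(0, k - n2), min(k, n1) + 1):
        p_x = math.comb(n1, x) * math.comb(n2, k - x) / denom
        if p_x <= p_obs * (1 + 1e-9):
            p_value += p_x
    return p_value


if __name__ == "__main__":
    stat, p = chi_square_2x2(UPGRADE_HITS, UPGRADE_TRIES, CONNECT_HITS, CONNECT_TRIES)
    print(f"chi-square = {stat:.3f}, p = {p:.4f}")
    print(f"Fisher exact (two-sided) p = "
          f"{fisher_exact_2x2(UPGRADE_HITS, UPGRADE_TRIES, CONNECT_HITS, CONNECT_TRIES):.4f}")
```

Both tests land well below 0.05, so under the equal-sample assumption the 8 vs 0 gap is not plausibly chance, which is the point at issue in the thread; a replication reporting 6 vs 3 would need to be checked the same way rather than eyeballed.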