IETF Logo Mail Archive

Re: [hybi] Handshake was: The WebSocket protocol issues.

Scott Ferguson <ferg@caucho.com> Wed, 06 October 2010 16:39 UTC

Return-Path: <ferg@caucho.com>
X-Original-To: hybi@core3.amsl.com
Delivered-To: hybi@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id BDCB73A70FA for <hybi@core3.amsl.com>; Wed, 6 Oct 2010 09:39:23 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.501
X-Spam-Level:
X-Spam-Status: No, score=-2.501 tagged_above=-999 required=5 tests=[AWL=0.098, BAYES_00=-2.599]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id jSwtn43zycYw for <hybi@core3.amsl.com>; Wed, 6 Oct 2010 09:39:22 -0700 (PDT)
Received: from smtp115.biz.mail.mud.yahoo.com (smtp115.biz.mail.mud.yahoo.com [209.191.68.75]) by core3.amsl.com (Postfix) with SMTP id 670D53A70F3 for <hybi@ietf.org>; Wed, 6 Oct 2010 09:39:22 -0700 (PDT)
Received: (qmail 69777 invoked from network); 6 Oct 2010 16:40:17 -0000
Received: from [192.168.1.11] (ferg@66.92.8.203 with plain) by smtp115.biz.mail.mud.yahoo.com with SMTP; 06 Oct 2010 09:40:17 -0700 PDT
X-Yahoo-SMTP: L1_TBRiswBB5.MuzAo8Yf89wczFo0A2C
X-YMail-OSG: SB.QegwVM1lOYepokF2cVnSGkO6lbSO0GOnBODXcoNE.zoK B1WeG.TgKf_QSieiBhtZBS.9lz2diuLAKoSGRNtSjVR_8DZy9OzzRxlTM132 cH57O0vLcYErpGZ1tdUf7Nnk9bXb16tX2SwWvFoaClWoh85upDZfc9ysVEju enL69MJosR5Xssz2xxvTerjzn6DbC4qhJ19kj2LPqrkTXEkykKArdLlBxWH6 RCpMbPFcPS7rdoDWuALQkPJ609YbnuwQktee9Zx2BI5C1oJzqWvkds2JBQ1b EBj4c0w0Su612SWkducHB4tlt7Oqgx8rApVim95AGetQHjvjngz7K79h0Xed PPtzU5rYz
X-Yahoo-Newman-Property: ymail-3
Message-ID: <4CACA667.3040309@caucho.com>
Date: Wed, 06 Oct 2010 09:40:07 -0700
From: Scott Ferguson <ferg@caucho.com>
User-Agent: Thunderbird 2.0.0.24 (X11/20100411)
MIME-Version: 1.0
To: Adam Barth <ietf@adambarth.com>
References: <AANLkTikszM0pVE-0dpZ2kv=i=y5yzS2ekeyZxtz9N=fQ@mail.gmail.com> <AANLkTikcH1W3bQwumqHbe-Yqa3XdoJqCa2b-mZuvoQ7g@mail.gmail.com> <9746E847-DC8B-45A7-ADF3-2ADB9DA7F82E@apple.com> <AANLkTik9igUwoxVrktoBoZrPoUW=Tjh7HyVbGJgQYes-@mail.gmail.com> <9F595226-FA0A-4C38-A6D0-0F4214BD7D21@apple.com> <4CA4BE10.1010709@caucho.com> <AANLkTi=wKFnNOuM+U3fktAFRn3R5OZ7c6PR2W3EAy7tm@mail.gmail.com> <4CA53E6B.1040808@caucho.com> <AANLkTikOyvF5AHTf4sDD=rWmK2FTD6R6LaHa4KTqkbcm@mail.gmail.com> <4CA68098.8010404@caucho.com> <AANLkTinYhW9MnnM3tkbCWziePyM7mFUEteKhw5OGp-eS@mail.gmail.com> <AANLkTi=_ejOCNiM49VW5q05=H7-M0jzAvXvGaKM1b7mX@mail.gmail.com> <AANLkTimyJj+Jxz1Q6fLrQ8iosGkD+0shUh3=td+jX_Do@mail.gmail.com> <4CA772A1.2090808@caucho.com> <AANLkTi=nLixtxMEd4B58Zp5FRbquNX2C_=7gCf9BGGQs@mail.gmail.com> <4CABCBFA.6020100@caucho.com> <AANLkTi=5wbCXWpOtUQT1MndgCxt9gj6uR_3U=nONpjKc@mail.gmail.com> <4CABD11F.3060500@caucho.com> <AANLkTiksehiSp7DB17MBVBb457p6pN5E8vma6FHz1c9j@mail.gmail.com>
In-Reply-To: <AANLkTiksehiSp7DB17MBVBb457p6pN5E8vma6FHz1c9j@mail.gmail.com>
Content-Type: text/plain; charset="ISO-8859-1"; format="flowed"
Content-Transfer-Encoding: 7bit
Cc: hybi <hybi@ietf.org>
Subject: Re: [hybi] Handshake was: The WebSocket protocol issues.
X-BeenThere: hybi@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: Server-Initiated HTTP <hybi.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/hybi>, <mailto:hybi-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/hybi>
List-Post: <mailto:hybi@ietf.org>
List-Help: <mailto:hybi-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/hybi>, <mailto:hybi-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 06 Oct 2010 16:39:23 -0000

Adam Barth wrote:
> The claim was that the presence of H(c-nonce, "WebSocket") in the
> payload was sufficient to prove that the respondent understood what
> was going on.  Notice that in this example, you're also relying upon
> the rigidity of the bytes surrounding the HMAC for security, which
> proves my point: the HMAC alone is insufficient.
>
> In any case, I'd encourage you to thinking about this proposal instead:
>   
> Consider, for example, a virtual hosting environment in which the
> attacker can place PHP scripts on the server.  For example, such
> hosting environments are widely available commercially, such as from
> 1and1.com.  Now, the attacker can complete the WebSocket handshake
> because the PHP script can compute the HMAC and send the appropriate
> response header.

That's the same hand-waving in lieu of an actual attack. Let's review.

Proposed attack: Attack server S with the help of DNS (or hosted HTTP 
server.)

Since your attack in the previous mail did not include a connection to 
server S, your description did not demonstrate the validity of your 
attack against S. (If you want to attack DNS itself, we can discuss that 
as a new attack, but you would need to withdraw your broader claim first.)

You need to demonstrate a sequence of connections to make that attack 
work (without using a WebServer proxy or time travel). For discussion, 
I've granted you syntax, but you must still demonstrate your sequence of 
connections and propagation of the c-nonce and H to complete the attack.

At very least, you need to make clear whether you mean the PHP server to 
act as a proxy or if you mean to establish a second WebSocket from the 
browser. You may not, however, change the target IP address of the first 
WebSocket connection from the PHP server to the target server using the 
original socket.

-- Scott


> /www.ietf.org/mail-archive/web/hybi/current/msg04285.html
>
> Adam
>
>
>
>

v2.23.0 | Report a Bug | By Email