IETF Logo Mail Archive

Re: [hybi] Handshake was: The WebSocket protocol issues.

Scott Ferguson <ferg@caucho.com> Thu, 30 September 2010 16:42 UTC

Return-Path: <ferg@caucho.com>
X-Original-To: hybi@core3.amsl.com
Delivered-To: hybi@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 929FC3A6B8E for <hybi@core3.amsl.com>; Thu, 30 Sep 2010 09:42:21 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.523
X-Spam-Level:
X-Spam-Status: No, score=-2.523 tagged_above=-999 required=5 tests=[AWL=0.076, BAYES_00=-2.599]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id DdX+0mpVOqAp for <hybi@core3.amsl.com>; Thu, 30 Sep 2010 09:42:20 -0700 (PDT)
Received: from smtp112.biz.mail.re2.yahoo.com (smtp112.biz.mail.re2.yahoo.com [66.196.116.97]) by core3.amsl.com (Postfix) with SMTP id 77BB83A6C85 for <hybi@ietf.org>; Thu, 30 Sep 2010 09:42:20 -0700 (PDT)
Received: (qmail 78030 invoked from network); 30 Sep 2010 16:43:03 -0000
Received: from [192.168.1.11] (ferg@66.92.8.203 with plain) by smtp112.biz.mail.re2.yahoo.com with SMTP; 30 Sep 2010 09:43:03 -0700 PDT
X-Yahoo-SMTP: L1_TBRiswBB5.MuzAo8Yf89wczFo0A2C
X-YMail-OSG: UsPWKjEVM1mmGNzRAecidEHNu2ToANSlnrqzH8v3riezfpr 9Swboyy0Vb5J.iRMpI7HMogXSIPAC0KJgm9itY5SLx1s1lAn9UcK50n3az5G zxtOStxvBIfKWgnDRQRknIeazW9UadCV27V2GSweDAd6x.F6NQaaKWU9VCc0 I4Nts7JZORgBjbDW7ipmVjqXoNfciSLyzfD.odYm4BZI4eMWTbbDjgKZqcVD 9xfUJLT8aw6ZADyfcF0.eVlNFIe6ed8FVwrqpUvxljHoo9wte0kjrxaH4nLk -
X-Yahoo-Newman-Property: ymail-3
Message-ID: <4CA4BE10.1010709@caucho.com>
Date: Thu, 30 Sep 2010 09:42:56 -0700
From: Scott Ferguson <ferg@caucho.com>
User-Agent: Thunderbird 2.0.0.24 (X11/20100411)
MIME-Version: 1.0
To: Maciej Stachowiak <mjs@apple.com>
References: <AANLkTikszM0pVE-0dpZ2kv=i=y5yzS2ekeyZxtz9N=fQ@mail.gmail.com> <62B5CCE3-79AF-4F60-B3A0-5937C9D291D7@apple.com> <AANLkTikKc+4q_Q1+9uDo=ZpFF6S49i6vj2agZOGWVqKm@mail.gmail.com> <E2D38FF3-F1B9-4305-A7FC-A9690D2AEB4A@apple.com> <AANLkTikRYB_suPmSdH3uzGmdynozECRszDx+BpUvtZ4h@mail.gmail.com> <5CBF797D-A58E-4129-96B3-164F6E7409B9@apple.com> <4CA0D0D2.4040006@caucho.com> <AANLkTinACqm-GxUPhvFMf6_sGfeJofwy1r=28o=vgM43@mail.gmail.com> <4CA12810.8020006@caucho.com> <AANLkTimrMfXrnVMjU3f57L_sO7usyYQ56rBM4aMb2Pfr@mail.gmail.com> <20100928052501.GD12373@1wt.eu> <CA8029B0-71A3-44ED-88C6-934FE833BBA2@apple.com> <AANLkTim+fXj-h6OS3OdcfVfh3Q1UwxD8NLVawb=AWHX+@mail.gmail.com> <4FAC5C93-9BDF-4752-AFBC-162D718397AB@apple.com> <AANLkTikcH1W3bQwumqHbe-Yqa3XdoJqCa2b-mZuvoQ7g@mail.gmail.com> <9746E847-DC8B-45A7-ADF3-2ADB9DA7F82E@apple.com> <AANLkTik9igUwoxVrktoBoZrPoUW=Tjh7HyVbGJgQYes-@mail.gmail.com> <9F595226-FA0A-4C38-A6D0-0F4214BD7D21@apple.com>
In-Reply-To: <9F595226-FA0A-4C38-A6D0-0F4214BD7D21@apple.com>
Content-Type: text/plain; charset="ISO-8859-1"; format="flowed"
Content-Transfer-Encoding: 7bit
Cc: hybi <hybi@ietf.org>
Subject: Re: [hybi] Handshake was: The WebSocket protocol issues.
X-BeenThere: hybi@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: Server-Initiated HTTP <hybi.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/hybi>, <mailto:hybi-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/hybi>
List-Post: <mailto:hybi@ietf.org>
List-Help: <mailto:hybi-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/hybi>, <mailto:hybi-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 30 Sep 2010 16:42:21 -0000

Maciej Stachowiak wrote:
> On Sep 29, 2010, at 3:28 AM, Greg Wilkins wrote:
>
>   
>> On 29 September 2010 18:56, Maciej Stachowiak <mjs@apple.com> wrote:
>>     
>>> I suspect -76 is not strong enough, but it is slightly stronger in some
>>> specific ways. First, by spreading the data across multiple header fields
>>> and incorporating whitespace, it makes it slightly trickier to do injection
>>> attacks.
>>>       
>> Why is hex encoding simpler to inject than the space/char injected
>> decimal encoding?
>>     
>
> Because you can't inject whitespace into the resource name in the request line.
>   

Maciej, you're missing the entire point of the hash.  The main purpose 
of a hash/digest is to detect modification or replacement of a message 
as in an injection attack. That's what a digest does.

If the hijacker modifies the nonce, changing c-nonce to h-nonce through 
injection, the server will return H(h-nonce, "WebSocket"). The browser 
will then compare the returned hash to its internally-calculated 
H(c-nonce, "WebSocket"), which will not collide because of the hash 
function, detect the injection and drop the connection. That's why you 
have a hash.

In other words, the hash operation protects against the injection 
attacks you're talking about, and it does so in a clean and 
well-understood fashion without any need to play header syntax games. 
Creating multiple nonces does not increase the strength of the digest, 
and the division operation in -76 *weakens* the digest because it 
increases the chance that H(h-nonce, ...) will collide with H(c-nonce, ...).

-- Scott

v2.23.0 | Report a Bug | By Email