IETF Logo Mail Archive

Re: [MMUSIC] WGLC for draft-ietf-mmusic-delayed-duplication-01

Ari Keränen <ari.keranen@ericsson.com> Fri, 26 April 2013 15:02 UTC

Return-Path: <ari.keranen@ericsson.com>
X-Original-To: mmusic@ietfa.amsl.com
Delivered-To: mmusic@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 677DA21F9961 for <mmusic@ietfa.amsl.com>; Fri, 26 Apr 2013 08:02:48 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -5.349
X-Spam-Level:
X-Spam-Status: No, score=-5.349 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, HELO_EQ_SE=0.35, J_CHICKENPOX_33=0.6, MIME_8BIT_HEADER=0.3, RCVD_IN_DNSWL_MED=-4]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id VeaMOQHz02ko for <mmusic@ietfa.amsl.com>; Fri, 26 Apr 2013 08:02:47 -0700 (PDT)
Received: from mailgw7.ericsson.se (mailgw7.ericsson.se [193.180.251.48]) by ietfa.amsl.com (Postfix) with ESMTP id 4A6F821F995A for <mmusic@ietf.org>; Fri, 26 Apr 2013 08:02:47 -0700 (PDT)
X-AuditID: c1b4fb30-b7f266d000000cb5-e8-517a9715b5f9
Received: from esessmw0184.eemea.ericsson.se (Unknown_Domain [153.88.253.125]) by mailgw7.ericsson.se (Symantec Mail Security) with SMTP id 06.33.03253.5179A715; Fri, 26 Apr 2013 17:02:46 +0200 (CEST)
Received: from mail.lmf.ericsson.se (153.88.115.8) by esessmw0184.eemea.ericsson.se (153.88.115.82) with Microsoft SMTP Server id 8.3.279.1; Fri, 26 Apr 2013 17:02:46 +0200
Received: from nomadiclab.lmf.ericsson.se (nomadiclab.lmf.ericsson.se [131.160.33.3]) by mail.lmf.ericsson.se (Postfix) with ESMTP id 7B3742878; Fri, 26 Apr 2013 18:02:45 +0300 (EEST)
Received: from nomadiclab.lmf.ericsson.se (localhost [127.0.0.1]) by nomadiclab.lmf.ericsson.se (Postfix) with ESMTP id EB6AF54CF7; Fri, 26 Apr 2013 18:02:44 +0300 (EEST)
Received: from tri62.nomadiclab.com (localhost [127.0.0.1]) by nomadiclab.lmf.ericsson.se (Postfix) with ESMTP id 9F98B546C5; Fri, 26 Apr 2013 18:02:44 +0300 (EEST)
Message-ID: <517A9714.1010302@ericsson.com>
Date: Fri, 26 Apr 2013 18:02:44 +0300
From: Ari Keränen <ari.keranen@ericsson.com>
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.6; rv:17.0) Gecko/20130328 Thunderbird/17.0.5
MIME-Version: 1.0
To: "Ali C. Begen (abegen)" <abegen@cisco.com>
References: <515F03F3.6070400@ericsson.com> <51770ADD.6080702@ericsson.com> <C15918F2FCDA0243A7C919DA7C4BE9940D00FB1B@xmb-aln-x01.cisco.com> <51784997.3040207@ericsson.com> <C15918F2FCDA0243A7C919DA7C4BE9940D017374@xmb-aln-x01.cisco.com>
In-Reply-To: <C15918F2FCDA0243A7C919DA7C4BE9940D017374@xmb-aln-x01.cisco.com>
Content-Type: text/plain; charset="ISO-8859-1"; format="flowed"
Content-Transfer-Encoding: 8bit
X-Virus-Scanned: ClamAV using ClamSMTP
X-Brightmail-Tracker: H4sIAAAAAAAAA+NgFjrELMWRmVeSWpSXmKPExsUyM+Jvra7Y9KpAg3PXeCwebJ/LaLH/4m1W i6nLH7M4MHtM+b2R1WPJkp9MHl8uf2YLYI7isklJzcksSy3St0vgymi+e5itYLZURe+dL6wN jJdEuhg5OSQETCS2zFjNDmGLSVy4t56ti5GLQ0jgFKPEhI2nGUESQgIbGCWOtStBJHYzStz8 9J8VwlnHKHFh1noWCGcFo8SGtkdgs3gFtCUeLpoD1s4ioCpx6PF+ZhCbTcBe4uaE60A1HByi AskS/3d4Q5QLSpyc+YQFxBYR0JPY3zGNEWQms0A/o8S0FRfBZgoLuEvsWf6GHWLZW0aJru1/ wBKcAr4SMy6dB+tmFrCVuDDnOpQtL9G8dTYzxHNqElfPbWKG+EdV4uq/V4wTGEVnIVk+C0n7 LCTtCxiZVzGy5yZm5qSXm29iBMbDwS2/DXYwbrovdohRmoNFSZx3hlRloJBAemJJanZqakFq UXxRaU5q8SFGJg5OqQbGLpZXhg15HPs8n+9Wv3nNmpHfkH/q/NsV33U11rtpaRralYjN2tii bWBZEfrL8vGWLi7BJ9VaSr0KGW+ftm+ujdwY+d3gd5DNzOV9dyQrhCVOCT88KVH682/ME6tb hSXCs20ZlNdvu7RQ/fCX7ekb32juUFq3boVpRLFnvH/3uyUGet2bo0OVWIozEg21mIuKEwGv 0PESVQIAAA==
Cc: "<draft-ietf-mmusic-delayed-duplication@tools.ietf.org>" <draft-ietf-mmusic-delayed-duplication@tools.ietf.org>, mmusic <mmusic@ietf.org>
Subject: Re: [MMUSIC] WGLC for draft-ietf-mmusic-delayed-duplication-01
X-BeenThere: mmusic@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Multiparty Multimedia Session Control Working Group <mmusic.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/mmusic>, <mailto:mmusic-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/mmusic>
List-Post: <mailto:mmusic@ietf.org>
List-Help: <mailto:mmusic-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/mmusic>, <mailto:mmusic-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 26 Apr 2013 15:02:48 -0000

On 4/25/13 10:55 AM, Ali C. Begen (abegen) wrote:
>
> On Apr 25, 2013, at 6:07 AM, Ari Keränen <ari.keranen@ericsson.com> wrote:
>
>> On 4/24/13 9:32 AM, Ali C. Begen (abegen) wrote:
>>>
>>> On Apr 24, 2013, at 7:27 AM, Ari Keränen <ari.keranen@ericsson.com>
>>> wrote:
>>>
>>>> Hi,
>>>>
>>>> I reviewed the draft and noticed that in the intro section you
>>>> mention a possible DoS attack using the delayed duplication
>>>> functionality, but it's not discussed at all in the security
>>>> considerations section. Should that be addressed too?
>>>>
>>>
>>> Really? the whole section talks about what could happen if someone
>>> could modify the SDP (number of dup streams, delays, etc.).
>>> Especially the last paragraph mentions this. is it not clear?
>>
>> Not really. I guess I was expecting something more for a "new series of denial-of-service attacks" than what was described in the security section. To make this more clear, perhaps you could use the term DoS also in the security section, where applicable.
>>
>> Especially the last section talks about software bug or misconfiguration, but couldn't an active attacker also do this?
>>
>
> I will change the text as follows. let me know if there are objections.
>
> OLD:
>
>     Another security risk is due to possible software misconfiguration or
>     a software bug where a large number of duplicates could be
>     unwillingly signaled in the 'duplication-delay' attribute.  In
>     applications where this attribute is to be used, it is a good
>     practice to put a hard limit both on the number of duplicate streams
>     and the total delay introduced due to duplication regardless of what
>     the SDP description specifies.
>
> NEW:
>
>     Another security risk is due to possible software misconfiguration or
>     a software bug where a large number of duplicates could be
>     unwillingly signaled in the 'duplication-delay' attribute. Similarly, an attacker can use this attribute to start a denial-of-service attack by signaling and sending too many duplicated streams. In
>     applications where this attribute is to be used, it is a good
>     practice to put a hard limit both on the number of duplicate streams
>     and the total delay introduced due to duplication regardless of what
>     the SDP description specifies.
>

What I was thinking is that can an attacker trick someone supporting 
this feature into sending big set of duplicate streams (instead of just 
a single stream) to a target? That is, is there possible amplification 
due to this extension? Probably not?

Or is there some additional DoS risk for signaling duplicate streams and 
then sending them (as the NEW text says) - instead of just sending if 
you can do that anyway? I'm guessing no..

If those aren't big DoS attack concerns, probably the first part of the 
security considerations is actually more DoS'ish. If that's the case, 
then maybe modify the text with something like:

OLD
    However, these
    require intercepting and rewriting the packets carrying the SDP [...]
NEW
    However, this kind of DoS attacks
    require intercepting and rewriting the packets carrying the SDP [...]


Or maybe the intro text just makes one more worried than you actually 
need to be with this extension.


Cheers,
Ari

v2.23.0 | Report a Bug | By Email