Re: [quicwg/base-drafts] Spoofed retry token attack on IP authentication (#2394)

MikkelFJ <> Fri, 01 February 2019 13:01 UTC

Return-Path: <>
Received: from localhost (localhost []) by (Postfix) with ESMTP id 06C18130EE2 for <>; Fri, 1 Feb 2019 05:01:27 -0800 (PST)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: -12.552
X-Spam-Status: No, score=-12.552 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIMWL_WL_HIGH=-4.553, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_MESSAGE=0.001, MAILING_LIST_MULTI=-1, RCVD_IN_DNSWL_HI=-5, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: (amavisd-new); dkim=pass (1024-bit key)
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id O74pVdmEFqch for <>; Fri, 1 Feb 2019 05:01:23 -0800 (PST)
Received: from ( []) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by (Postfix) with ESMTPS id C8342127133 for <>; Fri, 1 Feb 2019 05:01:22 -0800 (PST)
Date: Fri, 01 Feb 2019 05:01:21 -0800
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;; s=pf2014; t=1549026081; bh=7bvv7slgQIM2ZrDeMa/RpOHf8JKqTYHdXyyYzy5bnqA=; h=Date:From:Reply-To:To:Cc:In-Reply-To:References:Subject:List-ID: List-Archive:List-Post:List-Unsubscribe:From; b=yXy2m99uYP5/MnP+wh67hbGrSscFXSe++Eb+uWCzqqQENQLdbaRh745+uPbajW/D8 WCd7gjLGppzKYKwff/zUZFdmSBVjS3fw1tNGnEdWlDPHjPen7piJezsinS5XCKcJkB /nUaZAyAl33RrnTj7BtNFHdLOjzPdd+AS3v6ltnE=
From: MikkelFJ <>
Reply-To: quicwg/base-drafts <>
To: quicwg/base-drafts <>
Cc: Subscribed <>
Message-ID: <quicwg/base-drafts/issues/2394/>
In-Reply-To: <quicwg/base-drafts/issues/>
References: <quicwg/base-drafts/issues/>
Subject: Re: [quicwg/base-drafts] Spoofed retry token attack on IP authentication (#2394)
Mime-Version: 1.0
Content-Type: multipart/alternative; boundary="--==_mimepart_5c54432197e0e_7ab23fa8becd45b4369c5"; charset="UTF-8"
Content-Transfer-Encoding: 7bit
Precedence: list
X-GitHub-Sender: mikkelfj
X-GitHub-Recipient: quic-issues
X-GitHub-Reason: subscribed
X-Auto-Response-Suppress: All
Archived-At: <>
X-Mailman-Version: 2.1.29
List-Id: Notification list for GitHub issues related to the QUIC WG <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
X-List-Received-Date: Fri, 01 Feb 2019 13:01:27 -0000

Oh, but you can always create a new connection with a spoofed IP, you don't even need a Retry token.

But that makes me question the entire point of

> As long as it is not possible for an attacker to generate a valid token for its own address (see Section 8.1.3) and the client is able to return that token, it proves to the server that it received the token.

But an attacker does not need to forge a token, it can just pretend to have another IP that it can listen in on. The server will then voluntarily provide the token.

I suppose this requires a v2 authenticated handshake.

You are receiving this because you are subscribed to this thread.
Reply to this email directly or view it on GitHub: