Re: [quicwg/base-drafts] Handling of duplicate packets (#1405)
Magnus Westerlund <notifications@github.com> Mon, 18 June 2018 12:49 UTC
List-Id: Notification list for GitHub issues related to the QUIC WG <quic-issues.ietf.org>
The main point I would like to stress is that there will be a number of long-lived connections that never will rekey if they are only based on sent packets. Even if one sends 136 packets per second, the sender rekeys only once every year. And there are plenty of applications that will send less than a packet a second on average. The attack outlined does not affect the number of packets sent by the sender in any significant way; it will only result in sending a lot of packets to the receiver and watching for signs of successful forgery by monitoring what the receiver emits back to the sender. Thus, if one can send 10000 packets a second to the receiver, then one will have had the possibility of sending ~2^38 packets by the time of rekeying. So still a low probability of success, but not insignificant.