Re: [quicwg/base-drafts] Define an anti-forgery limit (#3620)

Martin Thomson <notifications@github.com> Fri, 22 May 2020 05:04 UTC

Date: Thu, 21 May 2020 22:04:31 -0700
From: Martin Thomson <notifications@github.com>
Reply-To: quicwg/base-drafts <reply+AFTOJK3PD2BUKZVO5UMZCCV42M7F7EVBNHHCIZGB6U@reply.github.com>
To: quicwg/base-drafts <base-drafts@noreply.github.com>
Cc: Subscribed <subscribed@noreply.github.com>
Message-ID: <quicwg/base-drafts/pull/3620/review/416649354@github.com>
In-Reply-To: <quicwg/base-drafts/pull/3620@github.com>
References: <quicwg/base-drafts/pull/3620@github.com>
Subject: Re: [quicwg/base-drafts] Define an anti-forgery limit (#3620)
Archived-At: <https://mailarchive.ietf.org/arch/msg/quic-issues/27fPAw28sUUrzITdgxZvoz8K9sA>

@martinthomson commented on this pull request.



> @@ -1550,12 +1550,13 @@ number of attempts to forge packets. TLS achieves this by closing connections
 after any record fails an authentication check. In comparison, QUIC ignores any
 packet that cannot be authenticated, allowing multiple forgery attempts.
 
-Endpoints MUST count the number of received packets that fail authentication.
-If the number of packets that fail authentication with the same key exceeds a
-limit that is specific to the AEAD in use, the endpoint MUST immediately close
-the connection.  Endpoints MUST initiate a key update before reaching this
-limit.  Applying a limit reduces the probability that an attacker is able to
-successfully forge a packet; see {{AEBounds}} and {{ROBUST}}.
+Endpoints MUST count the number of received packets that fail authentication for
+each set of keys.  If the number of packets that fail authentication with the
+same key exceeds a limit that is specific to the AEAD in use, the endpoint MUST
+stop using those keys.  Endpoints MUST initiate a key update before reaching
+this limit.  If a key update is not possible, the endpoints MUST immediately
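Review bot: the last added line, "If a key update is not possible, the endpoints MUST immediately", should use the singular "the endpoint MUST immediately" to match "the endpoint MUST stop using those keys" two lines earlier in the same paragraph; the rest of that sentence lies outside this hunk, so what the endpoint must do when no key update is possible (the removed text required an immediate connection close) cannot be checked from these lines. Since the new text counts failures "for each set of keys", it would also help to state explicitly that the count starts from zero for the keys installed by a key update, as the hunk implies separate per-key-set counters but does not say so.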

```suggestion
this limit.  If a key update is not possible, the endpoint MUST immediately
```

-- 
You are receiving this because you are subscribed to this thread.
Reply to this email directly or view it on GitHub:
https://github.com/quicwg/base-drafts/pull/3620#pullrequestreview-416649354