[quicwg/base-drafts] ECN attacks (#2163)

ekr <notifications@github.com> Thu, 13 December 2018 22:11 UTC


S 21.7 

```
An on-the-side attacker can duplicate and send packets with modified ECN
codepoints to affect the sender's rate.  If duplicate packets are discarded by a
receiver, an off-path attacker will need to race the duplicate packet against
the original to be successful in this attack.  Therefore, QUIC receivers ignore
ECN codepoints set in duplicate packets (see {{ecn}}).
```

This could use more elaboration. As written, it seems like if you win the race (which you might like half the time) then you will succeed in the attack. Is that true?


https://github.com/quicwg/base-drafts/issues/2163
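
The receiver rule in the quoted draft text, modelled as an added example (not code from the draft, the issue, or any QUIC implementation): ECN codepoints are counted only from the first copy of each packet number, so the counts depend on which copy arrives first. `EcnReceiver`, `simulate`, and the all-ECT(0) traffic pattern are assumptions made for illustration.

```python
from dataclasses import dataclass, field

# ECN codepoints carried in the IP header (RFC 3168).
NOT_ECT, ECT1, ECT0, CE = 0b00, 0b01, 0b10, 0b11


@dataclass
class EcnReceiver:
    """Hypothetical receiver model: only the first copy of a packet number is counted."""
    seen: set = field(default_factory=set)
    counts: dict = field(default_factory=lambda: {ECT0: 0, ECT1: 0, CE: 0})

    def on_packet(self, pn: int, ecn: int) -> bool:
        """Return True if the packet's ECN codepoint was counted."""
        if pn in self.seen:
            return False          # duplicate: codepoint ignored, per the quoted rule
        self.seen.add(pn)
        if ecn != NOT_ECT:
            self.counts[ecn] += 1
        return True


def simulate(n_packets: int, races_won: set) -> dict:
    """Constructed scenario: the sender marks every packet ECT(0) and a
    CE-marked copy of each one is also delivered. For packet numbers in
    `races_won` the modified copy arrives first; otherwise the original does.
    Both copies are assumed to pass packet protection, because the ECN bits
    sit in the IP header, outside the authenticated QUIC packet."""
    rx = EcnReceiver()
    for pn in range(n_packets):
        first, second = (CE, ECT0) if pn in races_won else (ECT0, CE)
        rx.on_packet(pn, first)
        rx.on_packet(pn, second)
    return rx.counts


if __name__ == "__main__":
    # Original always first: the modified duplicates are all ignored.
    print("no races won:", simulate(10, set()))
    # Modified copy first for half the packets: those CE marks are counted.
    print("half won    :", simulate(10, {0, 2, 4, 6, 8}))
```

In this model the duplicate rule limits the counted CE marks to the packets whose modified copy arrived first; it does not reduce them to zero.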