Re: [quicwg/base-drafts] Spoofed retry token attack on IP authentication (#2394)

MikkelFJ <> Thu, 31 January 2019 00:06 UTC

Return-Path: <>
Received: from localhost (localhost []) by (Postfix) with ESMTP id 1273D130EBB for <>; Wed, 30 Jan 2019 16:06:38 -0800 (PST)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: -12.552
X-Spam-Status: No, score=-12.552 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIMWL_WL_HIGH=-4.553, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_IMAGE_ONLY_32=0.001, HTML_MESSAGE=0.001, MAILING_LIST_MULTI=-1, RCVD_IN_DNSWL_HI=-5, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: (amavisd-new); dkim=pass (1024-bit key)
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id 6u6TfEB__Gn5 for <>; Wed, 30 Jan 2019 16:06:36 -0800 (PST)
Received: from ( []) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by (Postfix) with ESMTPS id A8BED12E7C1 for <>; Wed, 30 Jan 2019 16:06:36 -0800 (PST)
Date: Wed, 30 Jan 2019 16:06:36 -0800
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;; s=pf2014; t=1548893196; bh=Suh+vXyaqF4lMyvIUbbhlDzhb8Ilo3G4cDIezvR8764=; h=Date:From:Reply-To:To:Cc:In-Reply-To:References:Subject:List-ID: List-Archive:List-Post:List-Unsubscribe:From; b=Ek4Uh9+S8DWs88Ryj+Q9adIqsOuMNgjvk+2lgyLFItACT/uUBSIEUS2UaosHhq6gP MppfrXQb9BduiTMSdnLcQtXoth8uro8+YRXP/iaMJMsTpAhR1B9b1c/oiEfF3YMKyl E8VxVFqhzICBvvqZzmPRWCLrOGEv05W3WUq56l4w=
From: MikkelFJ <>
Reply-To: quicwg/base-drafts <>
To: quicwg/base-drafts <>
Cc: Subscribed <>
Message-ID: <quicwg/base-drafts/issues/2394/>
In-Reply-To: <quicwg/base-drafts/issues/>
References: <quicwg/base-drafts/issues/>
Subject: Re: [quicwg/base-drafts] Spoofed retry token attack on IP authentication (#2394)
Mime-Version: 1.0
Content-Type: multipart/alternative; boundary="--==_mimepart_5c523c0c17fbc_33dc3fb8ac4d45b43491cd"; charset="UTF-8"
Content-Transfer-Encoding: 7bit
Precedence: list
X-GitHub-Sender: mikkelfj
X-GitHub-Recipient: quic-issues
X-GitHub-Reason: subscribed
X-Auto-Response-Suppress: All
Archived-At: <>
X-Mailman-Version: 2.1.29
List-Id: Notification list for GitHub issues related to the QUIC WG <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
X-List-Received-Date: Thu, 31 Jan 2019 00:06:38 -0000

@marten-seemann mentioned that a retry always lands on the same server so it is feasible to require a reset token to always be accepted at most once (assuming there is a reasonable timeout).

However, (A) can then still race (C) to gain privilege.

A less likely attack is that (A) downloads a large file to flood (C) since (C) gets mirrored traffic. But (A) must also be able accept the traffic to maintain ACK's.

You are receiving this because you are subscribed to this thread.
Reply to this email directly or view it on GitHub: