Re: [quicwg/base-drafts] Amplification attack using retry tokens and spoofed addresses (#2064)
Christian Huitema <notifications@github.com> Fri, 30 November 2018 17:46 UTC
Return-Path: <noreply@github.com>
X-Original-To: quic-issues@ietfa.amsl.com
Delivered-To: quic-issues@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 49D3B130E9A for <quic-issues@ietfa.amsl.com>; Fri, 30 Nov 2018 09:46:14 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -9.46
X-Spam-Level:
X-Spam-Status: No, score=-9.46 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIMWL_WL_HIGH=-1.46, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_MESSAGE=0.001, MAILING_LIST_MULTI=-1, RCVD_IN_DNSWL_HI=-5, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=github.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id nalR4WzIVGCk for <quic-issues@ietfa.amsl.com>; Fri, 30 Nov 2018 09:46:13 -0800 (PST)
Received: from out-1.smtp.github.com (out-1.smtp.github.com [192.30.252.192]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id E7F3F130E9C for <quic-issues@ietf.org>; Fri, 30 Nov 2018 09:46:12 -0800 (PST)
Date: Fri, 30 Nov 2018 09:46:12 -0800
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=github.com; s=pf2014; t=1543599972; bh=hj4vvD/8a9C3jH0da2+CXz8MkKBRzj8w+QCQ/7QGNDI=; h=Date:From:Reply-To:To:Cc:In-Reply-To:References:Subject:List-ID: List-Archive:List-Post:List-Unsubscribe:From; b=cX8RV9uLOsvlOYDYkCql3RB2utr1YNXsQEcm+wP+cO+m95ZWWpp//4xhkDlvbXKZg Uzofb8xojlojhc0t75QjL9IYWABsZnYplEfmti9QSjy31UlVo5CKsG3JgPTcwXR+n+ fve6dHbzYa+5tILWa81MO+jPCVnThgEoeghKmuVY=
From: Christian Huitema <notifications@github.com>
Reply-To: quicwg/base-drafts <reply+0166e4abbfbc60e0be852af6b23f286d69474904dd615b3692cf000000011819396492a169ce16f92d74@reply.github.com>
To: quicwg/base-drafts <base-drafts@noreply.github.com>
Cc: Subscribed <subscribed@noreply.github.com>
Message-ID: <quicwg/base-drafts/pull/2064/c443282924@github.com>
In-Reply-To: <quicwg/base-drafts/pull/2064@github.com>
References: <quicwg/base-drafts/pull/2064@github.com>
Subject: Re: [quicwg/base-drafts] Amplification attack using retry tokens and spoofed addresses (#2064)
Mime-Version: 1.0
Content-Type: multipart/alternative; boundary="--==_mimepart_5c01776419e58_41033fa4a02d45b823837d"; charset="UTF-8"
Content-Transfer-Encoding: 7bit
Precedence: list
X-GitHub-Sender: huitema
X-GitHub-Recipient: quic-issues
X-GitHub-Reason: subscribed
X-Auto-Response-Suppress: All
X-GitHub-Recipient-Address: quic-issues@ietf.org
Archived-At: <https://mailarchive.ietf.org/arch/msg/quic-issues/hGqF9gpjAqf-xVi-609yAMFp2l8>
X-BeenThere: quic-issues@ietf.org
X-Mailman-Version: 2.1.29
List-Id: Notification list for GitHub issues related to the QUIC WG <quic-issues.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/quic-issues>, <mailto:quic-issues-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/quic-issues/>
List-Post: <mailto:quic-issues@ietf.org>
List-Help: <mailto:quic-issues-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/quic-issues>, <mailto:quic-issues-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 30 Nov 2018 17:46:14 -0000
How about the following rewrite: ``` Attackers could replay tokens to use servers as amplifiers in DDOS attacks. Servers SHOULD protect against such attacks by ensuring that tokens have a short life time. They MAY ensure that tokens are used by clients only once. ``` This takes into account Ian's comments that tokens need not be obtained fraudulently. It also takes into account Jana's comment that on big server farms it is much easier to limit lifetime than to enforce single use. The main point of the MAY is that it forces clients to not assume they can ever reuse a token. Should we add a description of the attack in the security section? -- You are receiving this because you are subscribed to this thread. Reply to this email directly or view it on GitHub: https://github.com/quicwg/base-drafts/pull/2064#issuecomment-443282924
- [quicwg/base-drafts] Amplification attack using r… Christian Huitema
- Re: [quicwg/base-drafts] Amplification attack usi… Martin Thomson
- Re: [quicwg/base-drafts] Amplification attack usi… Christian Huitema
- Re: [quicwg/base-drafts] Amplification attack usi… Martin Thomson
- Re: [quicwg/base-drafts] Amplification attack usi… ianswett
- Re: [quicwg/base-drafts] Amplification attack usi… ianswett
- Re: [quicwg/base-drafts] Amplification attack usi… Christian Huitema
- Re: [quicwg/base-drafts] Amplification attack usi… janaiyengar
- Re: [quicwg/base-drafts] Amplification attack usi… Christian Huitema
- Re: [quicwg/base-drafts] Amplification attack usi… janaiyengar
- Re: [quicwg/base-drafts] Amplification attack usi… Christian Huitema
- Re: [quicwg/base-drafts] Amplification attack usi… Marten Seemann
- Re: [quicwg/base-drafts] Amplification attack usi… Christian Huitema
- Re: [quicwg/base-drafts] Amplification attack usi… Christian Huitema
- Re: [quicwg/base-drafts] Amplification attack usi… MikkelFJ
- Re: [quicwg/base-drafts] Amplification attack usi… Christian Huitema
- Re: [quicwg/base-drafts] Amplification attack usi… MikkelFJ
- Re: [quicwg/base-drafts] Amplification attack usi… MikkelFJ
- Re: [quicwg/base-drafts] Amplification attack usi… Christian Huitema
- Re: [quicwg/base-drafts] Amplification attack usi… MikkelFJ
- Re: [quicwg/base-drafts] Amplification attack usi… MikkelFJ
- Re: [quicwg/base-drafts] Amplification attack usi… janaiyengar
- Re: [quicwg/base-drafts] Amplification attack usi… MikkelFJ
- Re: [quicwg/base-drafts] Amplification attack usi… Marten Seemann
- Re: [quicwg/base-drafts] Amplification attack usi… Kazuho Oku
- Re: [quicwg/base-drafts] Amplification attack usi… Christian Huitema
- Re: [quicwg/base-drafts] Amplification attack usi… ianswett
- Re: [quicwg/base-drafts] Amplification attack usi… ianswett
- Re: [quicwg/base-drafts] Amplification attack usi… Marten Seemann
- Re: [quicwg/base-drafts] Amplification attack usi… Martin Thomson
- Re: [quicwg/base-drafts] Amplification attack usi… Christian Huitema
- Re: [quicwg/base-drafts] Amplification attack usi… MikkelFJ
- Re: [quicwg/base-drafts] Amplification attack usi… Dmitri Tikhonov
- Re: [quicwg/base-drafts] Amplification attack usi… Martin Thomson
- Re: [quicwg/base-drafts] Amplification attack usi… janaiyengar
- Re: [quicwg/base-drafts] Amplification attack usi… janaiyengar
- Re: [quicwg/base-drafts] Amplification attack usi… ianswett
- Re: [quicwg/base-drafts] Amplification attack usi… Kazuho Oku
- Re: [quicwg/base-drafts] Amplification attack usi… Martin Thomson
- Re: [quicwg/base-drafts] Amplification attack usi… MikkelFJ
- Re: [quicwg/base-drafts] Amplification attack usi… Christian Huitema