Re: Questions about Version Negotiation Concerning Possible Handshake Interruption

Mikkel Fahnøe Jørgensen <mikkelfj@gmail.com> Fri, 09 February 2018 10:10 UTC

To: Lingmo Zhu <zlm2006@gmail.com>, "quic@ietf.org" <quic@ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/quic/3ZG_I2mc51eK1_fLy7f6VvIOBH0>

> What if spoofing from something like a router happens?

There are integrity checks in place to protect against false packets:
https://quicwg.github.io/base-drafts/draft-ietf-quic-transport.html#version-validation

A false version negotiation packet could also just confuse and interrupt an
existing handshake, but this can also happen in other ways including
handling of retry packets. The general consensus seems to be that you
cannot really prevent on-path attacks that want to disrupt a handshake. I
believe more could be done to prevent off-path attacks, but the spec
changes frequently in this area. For example, if a stateless retry packet
does not reflect the client's connection ID, a third party could send a
retry packet which might not be accepted but could still cause a lot of
confusion, and it would be an off-path attack to the extent the receiver's
port and address can be guessed.
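
An added illustration, not part of the original message and not the QUIC draft's wire format: a client-side filter that discards Version Negotiation or Retry packets that do not echo the connection ID the client chose, so an off-path sender has to guess that value in addition to the address and port. The packet layout (1-byte type, 8-byte connection ID, payload), the type values and all names are assumptions made for this sketch.

```python
import hmac
import secrets
import struct

# Hypothetical simplified layout (NOT the QUIC wire format):
#   1 byte type | 8 byte echoed connection ID | payload
TYPE_VERSION_NEGOTIATION = 0x01
TYPE_RETRY = 0x02
HEADER = struct.Struct("!B8s")


class HandshakeClient:
    """Tracks the connection ID of one in-flight handshake."""

    def __init__(self, conn_id=None):
        # 64 random bits that an off-path sender cannot observe.
        self.conn_id = conn_id or secrets.token_bytes(8)
        self.dropped = 0

    def accept(self, datagram: bytes) -> bool:
        """Return True only if the packet may influence the handshake."""
        if len(datagram) < HEADER.size:
            self.dropped += 1
            return False
        ptype, echoed = HEADER.unpack_from(datagram)
        if ptype not in (TYPE_VERSION_NEGOTIATION, TYPE_RETRY):
            self.dropped += 1
            return False
        # A mismatch means the sender never saw our first packet, so the
        # datagram is dropped and the handshake state is left untouched.
        # An on-path sender can read the ID and would still pass this check.
        if not hmac.compare_digest(echoed, self.conn_id):
            self.dropped += 1
            return False
        return True


def build(ptype: int, conn_id: bytes, payload: bytes = b"") -> bytes:
    """Serialize a packet in the hypothetical layout above."""
    return HEADER.pack(ptype, conn_id) + payload


def demo():
    # Constructed sample values, not captured traffic.
    client = HandshakeClient(conn_id=bytes.fromhex("0102030405060708"))
    genuine = build(TYPE_RETRY, client.conn_id, b"token")
    blind = build(TYPE_RETRY, bytes(8), b"token")  # sender guessed the ID
    return client.accept(genuine), client.accept(blind), client.dropped
```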