Re: Security of coalesced packets
Mikkel Fahnøe Jørgensen <mikkelfj@gmail.com> Thu, 12 July 2018 07:02 UTC
Return-Path: <mikkelfj@gmail.com>
X-Original-To: quic@ietfa.amsl.com
Delivered-To: quic@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 0C5BF130EBC for <quic@ietfa.amsl.com>; Thu, 12 Jul 2018 00:02:28 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.738
X-Spam-Level:
X-Spam-Status: No, score=-1.738 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, HTML_OBFUSCATE_05_10=0.26, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001, UNPARSEABLE_RELAY=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id i-uWnJSKdkbQ for <quic@ietfa.amsl.com>; Thu, 12 Jul 2018 00:02:23 -0700 (PDT)
Received: from mail-io0-x22b.google.com (mail-io0-x22b.google.com [IPv6:2607:f8b0:4001:c06::22b]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 61521130E13 for <quic@ietf.org>; Thu, 12 Jul 2018 00:02:23 -0700 (PDT)
Received: by mail-io0-x22b.google.com with SMTP id y10-v6so12295384ioa.10 for <quic@ietf.org>; Thu, 12 Jul 2018 00:02:23 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=from:in-reply-to:references:mime-version:date:message-id:subject:to :cc; bh=SK2htsOfNhWy56ux4DJPlAdqFT1nHUWxihgrEXVNLvI=; b=U84VyCY7/z+kwKHOdAZrCHIMSNcebSmH+NNkYyt1P+0rJmIvZYQldoY/fQWCFkhqio mX8ADHruI3JdJBdT28Wig0grX/oWuBZ+HWLYyZKBzHiKAImy/BZ6Zh6VJ0fU+embhGsX E9SOc3yMRTXmyrE+dHUbInKPAGM7xnj0L26lglu1g7B/wXDAfMd5sIJwDVTkKFHINrQu kaVXKclPlYTvjlFBqhGeYY2JHLyC0b2aibxcqd1bZJPn4sTdt1Ks4yJzgrolkG0/fRRe joZtcFjgDITK7o1/HTd45S9ZyUWKEdPwMZXq7TDtcDIdO0UagZYEpHh+2K4benhKon3s EYOQ==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:in-reply-to:references:mime-version:date :message-id:subject:to:cc; bh=SK2htsOfNhWy56ux4DJPlAdqFT1nHUWxihgrEXVNLvI=; b=IxuR79WHfE7s8gKI3vMdHVfXVb2zJa20muv/LV3fOTPIVrsvaUpuvo3nSshecBi0ZB GeIQ+CYbDrcPB5oed2yLddlSYXn+RQqnrDwEYgS31+dAoqx8d+XMcepkbRJg+mjZsI3Q iLyHnrAtnodRvoUGhuUzGHRKRkIFZRwOjSLdWQMwsMq4hZSqhr1kadRmMUy/vofGrX9+ VcbpWj6ViSYMW1Dx3s+ItppvxFGJPs3lgtnyH13HHPA5Cz3eiHuem/rlJtTTFTgvDinv BZ9KbPOeaecgCojbtSkSADswjmcIspJ8kZlBghGJiBqXZx3i7CiQm0Kqo50srpfsKvH4 SYcQ==
X-Gm-Message-State: AOUpUlHOzpdObAa1A/6GNwoZkRXqB5MxOWNyOuUvTEQCRuaiiWJrgIUd T+aO7NqQ39l8LkfisYyDQPKUotnbMtfAD9eRAGE=
X-Google-Smtp-Source: AAOMgpcGOipETlGl6EwNvb9clikncoNSnMzcJ8eGTu62HJP0ut2f2J/hogDKiP4vJWEbDs/zMMhBiklUc9MAETwsEe8=
X-Received: by 2002:a6b:b3d7:: with SMTP id c206-v6mr1434156iof.606.1531378942760; Thu, 12 Jul 2018 00:02:22 -0700 (PDT)
Received: from 1058052472880 named unknown by gmailapi.google.com with HTTPREST; Thu, 12 Jul 2018 00:02:22 -0700
From: Mikkel Fahnøe Jørgensen <mikkelfj@gmail.com>
In-Reply-To: <CABkgnnWG_Bhi67QXpn9aOfZ4gRcgup_7K0hFox8zr_jO1hPsaA@mail.gmail.com>
References: <CAN1APdfrjbZvvJj33taJpYCc2utTuHwZx8O6_um-nB7OLpFx5Q@mail.gmail.com> <CABkgnnWG_Bhi67QXpn9aOfZ4gRcgup_7K0hFox8zr_jO1hPsaA@mail.gmail.com>
X-Mailer: Airmail (420)
MIME-Version: 1.0
Date: Thu, 12 Jul 2018 00:02:22 -0700
Message-ID: <CAN1APdcs=v7+BGdKRwSQJsSvKb8VrSip=dEcZkdU7ic7H23Kqg@mail.gmail.com>
Subject: Re: Security of coalesced packets
To: Martin Thomson <martin.thomson@gmail.com>
Cc: QUIC WG <quic@ietf.org>
Content-Type: multipart/alternative; boundary="000000000000e662df0570c7f1db"
Archived-At: <https://mailarchive.ietf.org/arch/msg/quic/BWv-u-6J5QMJSDu5NcwlPmfZfaQ>
X-BeenThere: quic@ietf.org
X-Mailman-Version: 2.1.27
Precedence: list
List-Id: Main mailing list of the IETF QUIC working group <quic.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/quic>, <mailto:quic-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/quic/>
List-Post: <mailto:quic@ietf.org>
List-Help: <mailto:quic-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/quic>, <mailto:quic-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 12 Jul 2018 07:02:29 -0000
In the current design, you need to use the long header to coalesce (the trailing packet can use the short header). And packets with the long header only appear during connection setup. The thing is that any MitM can add a long header at any point in time. So long headers can appear throughout the connection alhough not a meaningful. For the same reason it is also easy to disallow later in the connection, but it isn’t. I get you point about other signals in rate and IP headers. The IP headers could be monitored and are less likely to be abused - but my knowledge is limited here. Of course unexpected long headers could also raise a flag, but disallowing would be simpler. Traffic rate signalling is hard to avoid, it is known that THOR traffic is identified this way, albeit based on the inherent traffic pattern of the original user. (Which is also why I’m dubious about trying so hard to avoid linkability).
- Security of coalesced packets Mikkel Fahnøe Jørgensen
- Re: Security of coalesced packets Martin Thomson
- Re: Security of coalesced packets Mikkel Fahnøe Jørgensen
- Re: Security of coalesced packets Mikkel Fahnøe Jørgensen
- Re: Security of coalesced packets Kazuho Oku
- Re: Security of coalesced packets Mikkel Fahnøe Jørgensen
- Re: Security of coalesced packets Kazuho Oku