IETF Logo Mail Archive

Re: Fast Address Validation - about

Jana Iyengar <jri.ietf@gmail.com> Fri, 01 November 2019 21:36 UTC

Return-Path: <jri.ietf@gmail.com>
X-Original-To: quic@ietfa.amsl.com
Delivered-To: quic@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id A9DD3120801 for <quic@ietfa.amsl.com>; Fri, 1 Nov 2019 14:36:31 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.997
X-Spam-Level:
X-Spam-Status: No, score=-1.997 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id MMB1Z-eLqJxW for <quic@ietfa.amsl.com>; Fri, 1 Nov 2019 14:36:29 -0700 (PDT)
Received: from mail-lj1-x232.google.com (mail-lj1-x232.google.com [IPv6:2a00:1450:4864:20::232]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 1ABF5120013 for <quic@ietf.org>; Fri, 1 Nov 2019 14:36:29 -0700 (PDT)
Received: by mail-lj1-x232.google.com with SMTP id t5so11648694ljk.0 for <quic@ietf.org>; Fri, 01 Nov 2019 14:36:29 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=SeF7vH+PwKur7F2PnltFq9BpTNfQrY8fxrK7Vw8AyuU=; b=W92edBF2kIPrpPsCudFc+3nw6sGnnTX3mWXJsN7AdIcots+Rf2aiA7T8rkS0MW8iD3 fvFIyrBFzB82+MGimjR60+c79oNDpxL+Zv5TzJjidd57TksO8UZBkNrfUzzqZI0VAEBo x006XvZ2m9WLUsv5PLmyca0NWNgXR7b52RKcHr+PEtKaek0KVxTmjl7dGRBa3ymmoz28 4tOdP/FR5mRzdHN41HXM6uX6nm7vs7Qa3PWzk9REKu9H4v+gWe5Ua2fTEsTQhKKXa68s pZ8jU5CzCfo8o51Dw/pAkCkomKwHQwjii1XPitxtt+7lRjIJRCgDlHcYBpAeuu6QFWpK J9rg==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=SeF7vH+PwKur7F2PnltFq9BpTNfQrY8fxrK7Vw8AyuU=; b=j2BuXB9cgzkQBpSl7ud0PEWdMnarYyjPWsmEemyjOVwKYGBIXYD/tHnAzLSj3ultIy 2qoCWUUAjwH+GXxcLBCLZBA8RRE6jqF+77o0BfVH8U/UYz3PdMjBTuFORGxk2qX4Ai6P Q1S2mT9CYezVCCHIejySk3U3x2yr4WyhBDmK3FZVxB+OGXrcAsTfjxwLwQhhyJMLbe7s c2076u1JKzIikevkcOgVK1YgD80l8xuT1+KbcF/kVJ2jRFPu/L1NS7oWlAkBVWehsREB iwj7M0UCnA41/rnp74pAQwY14OpxcCC7uEot5ntXh8yOShrj4YYSQBetjkNFKKTT4MdQ co4w==
X-Gm-Message-State: APjAAAVIoPxG0LHhhOP5vyn7lXH6sHiGh/yto2D/wk1maoJvq5sKWIxS Cs9OxeGimlhv+VPT8LwEI9l4+AXFMXoWF149lCY=
X-Google-Smtp-Source: APXvYqwbM1Tk8sVIIwFOYszcZx6tuzr/V2+bTFqmi6VfDTKkLXVYVQlsoCMAKCKkrMYOh/Yuep3i3TaDvUSSmes4+aY=
X-Received: by 2002:a2e:9954:: with SMTP id r20mr7308872ljj.197.1572644187328; Fri, 01 Nov 2019 14:36:27 -0700 (PDT)
MIME-Version: 1.0
References: <4974ed86-0fa9-435d-880f-80af637ef180.anqing.aq@alibaba-inc.com> <BN6PR2201MB1700F72F3DC8F6C3CF79902CDA600@BN6PR2201MB1700.namprd22.prod.outlook.com> <bd15f357-8e7a-42af-bf28-79f7177da385@www.fastmail.com> <f55efb80-1a95-4190-84e5-b81948a7f081.anqing.aq@alibaba-inc.com> <BN6PR2201MB17005571E88F1C68769091A3DA630@BN6PR2201MB1700.namprd22.prod.outlook.com> <69d1a917-b1f9-4142-afb0-f5c67abe7334.anqing.aq@alibaba-inc.com> <CALZ3u+YDo7jTJzZj=W45s0zyJoun_+1gMkq7oMVM+DNRnyDZRg@mail.gmail.com>
In-Reply-To: <CALZ3u+YDo7jTJzZj=W45s0zyJoun_+1gMkq7oMVM+DNRnyDZRg@mail.gmail.com>
From: Jana Iyengar <jri.ietf@gmail.com>
Date: Fri, 01 Nov 2019 14:36:16 -0700
Message-ID: <CACpbDce7EU+9gTkyBnvLqinLQST42ch=SRUJe6N9ZraiakkGzw@mail.gmail.com>
Subject: Re: Fast Address Validation - about
To: Qing An <anqing.aq@alibaba-inc.com>
Cc: quic <quic@ietf.org>, "刘大鹏(鹏成)" <max.ldp@alibaba-inc.com>
Content-Type: multipart/alternative; boundary="00000000000024d54605964fc2ad"
Archived-At: <https://mailarchive.ietf.org/arch/msg/quic/HwmAkOw5TDH6jrF_CDPXWnHPMVA>
X-BeenThere: quic@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Main mailing list of the IETF QUIC working group <quic.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/quic>, <mailto:quic-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/quic/>
List-Post: <mailto:quic@ietf.org>
List-Help: <mailto:quic-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/quic>, <mailto:quic-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 01 Nov 2019 21:36:32 -0000

Qing,

Thank you for writing up the draft.

As several others have noted, the RTT spent with Retry is not unnecessary,
it is fundamental to the purpose of Retry. If the server is willing to
maintain state, it doesn't need to send a Retry packet at all. If the
server is willing to maintain state and therefore does not send a Retry at
all, what is the value of your proposal?

- jana

On Fri, Nov 1, 2019 at 10:34 AM Töma Gavrichenkov <ximaera@gmail.com> wrote:

> Peace,
>
> On Fri, Nov 1, 2019 at 3:37 PM Qing An <anqing.aq@alibaba-inc.com> wrote:
> > I submitted the draft,
> https://datatracker.ietf.org/doc/draft-an-fast-address-validation/
>
> A quick review goes below:
>
> > The server remembers the value it sends to
> > clients and validates the token sent back from a client.
>
> As discussed before, this description of the Retry mechanism is
> inaccurate to the point it defeats its very purpose.
>
> > Address validation is used by QUIC to avoid being used for a traffic
> > amplification attack.
>
> This is also inaccurate; the lower bound for the Initial packet size
> prevents amplification.  Retry token is there to mitigate Initial
> packet floods.  Neither prevent trivial reflection, if you will.
>
> > If server chooses to
> > accept the cost brought by token exchanging in Handshake
> > [..]
> > Adding token field to Handshake packet does not add new security
> > concerns.
>
> At least one security concern I see here is what data the server is
> expected to derive its decision to accept the cost from.
>
> E.g. with the aforementioned 300 Mpps Initial packet flood, what is
> the approximate cost of keeping the state, per second?  If you would
> just be storing 16 octets of an IPv6 address plus 2 octets of the
> client's ephemeral port for any Rx packet, that'd be more than 5
> Gbytes of RAM consumed *per second* of the attack, not including the
> pointers, hashes etc.  Next, I haven't exactly done the math, but I
> think that the draft implies that the state kept would be hardly less
> than an order of magnitude bigger than that.  Also, the cost of
> processing every spoofed packet through the whole handshake pipeline,
> and so on.  I believe this is where the authors need to come up with
> benchmarks and implementation hints on garbage collection methods etc.
>
> I know the amount of RAM available is destined to grow but the floods
> are not expected to shrink any time soon just as well.
>
> --
> Töma
>

v2.23.0 | Report a Bug | By Email