IETF Logo Mail Archive

RE: Padding in Initial Packets

Mike Bishop <mbishop@evequefou.be> Tue, 30 June 2020 16:16 UTC

Return-Path: <mbishop@evequefou.be>
X-Original-To: quic@ietfa.amsl.com
Delivered-To: quic@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 2D8453A0C07 for <quic@ietfa.amsl.com>; Tue, 30 Jun 2020 09:16:53 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.9
X-Spam-Level:
X-Spam-Status: No, score=-1.9 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, HTML_MESSAGE=0.001, RCVD_IN_MSPIKE_H2=-0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=evequefou.onmicrosoft.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 0upyZlUh3WnG for <quic@ietfa.amsl.com>; Tue, 30 Jun 2020 09:16:51 -0700 (PDT)
Received: from NAM11-DM6-obe.outbound.protection.outlook.com (mail-dm6nam11on2105.outbound.protection.outlook.com [40.107.223.105]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 0E68D3A0C01 for <quic@ietf.org>; Tue, 30 Jun 2020 09:16:50 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=a5JpoBk5UY90b0AmDsD6HWLZCjw5j3O3/MMjvWUbJIzNLUa63hRBrJ8cwQO2bi+XJQmMQMf9R7ZNAP2yAIR2Pg0gkcIy0BUUBEWw3d0azXqCPkZDRhzl2obM23/tLZur+s3zwrk48AtI1H5NClZeBOr+iyJu6oqRJjVwXUTugQAPc5y1HHaij1AswImqsuvW4JLfWZxZM1/6WR/mZ2KKeS0ZbDBENgeT/Z7Pr7kMKNISMnNbhq8kv6queDRieBxoOBzN8cpAnzsx4Tc0Tc3GwbCBcYrfv/GjhSsqeAm9WeoEKyqF4rgDMcrnfKSIzY9BieFx4RonG1Iy1gtFQUTmVA==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=Uy66gRlSqCiqYHdQjg7lm/iZb1BgrFgbuscclM+TpIg=; b=iRQsvMPa5ZPgZ6mL08AF4XfSlh0jCmvvxQhD6lJ3KpRSf5yU9/x4138O+vI/PasXpwqStDKFPysWE4YAIKwKSQkB6hBtjVDEXtuTQECZtXgFKF4gEzYdOM1g0uQxiiVQST7vseP1KzOKzyEoIiK2yIv7UBymtn/NqIM+ReHnGDSEnjr+6wxVCBaFm3QIYVHlE2jD4OPSMaCXsdiuKxesB7pyiKjVy3++kqW0U6dvpFqXnOyqKWTjOKgJ1xDO8Ud0zOcmyhdiKXiUX9kk8FleaeFwN13kSz93ILZbZ8w7Bd5AFJw1EzQHXL+WZkp2PzlscpOTYvx6rSqGsZ9NyGYmXQ==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=evequefou.be; dmarc=pass action=none header.from=evequefou.be; dkim=pass header.d=evequefou.be; arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=evequefou.onmicrosoft.com; s=selector2-evequefou-onmicrosoft-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=Uy66gRlSqCiqYHdQjg7lm/iZb1BgrFgbuscclM+TpIg=; b=aeNod0XpsfOb/gC5ZUpXdU5iMIugMRzY51eQy22RAwaJ/9q1zjW1GkxK6v8sva0YoDmYq0U14/dKFmvZDIAkqljuxwkraowJ2DHcN03OPF+ylw9sXIMlVGLKiUBBeYGaBXn7N7HONgJTKfbhCz5SAySx/FfwdGNSGK7Om+v+Mrk=
Received: from CH2PR22MB2086.namprd22.prod.outlook.com (2603:10b6:610:8c::8) by CH2PR22MB1847.namprd22.prod.outlook.com (2603:10b6:610:8e::14) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.3153.20; Tue, 30 Jun 2020 16:16:47 +0000
Received: from CH2PR22MB2086.namprd22.prod.outlook.com ([fe80::f0e6:8202:6056:a596]) by CH2PR22MB2086.namprd22.prod.outlook.com ([fe80::f0e6:8202:6056:a596%3]) with mapi id 15.20.3131.027; Tue, 30 Jun 2020 16:16:47 +0000
From: Mike Bishop <mbishop@evequefou.be>
To: "tim.jebb@bt.com" <tim.jebb@bt.com>, "quic@ietf.org" <quic@ietf.org>
Subject: RE: Padding in Initial Packets
Thread-Topic: Padding in Initial Packets
Thread-Index: AdZOuPMsC8HOn4IhREy6+3yKJlq+/gAP8oOg
Date: Tue, 30 Jun 2020 16:16:47 +0000
Message-ID: <CH2PR22MB20869C49226FFDD90CED291DDA6F0@CH2PR22MB2086.namprd22.prod.outlook.com>
References: <LNXP123MB24602880B0AE644B9B1F3F83F26F0@LNXP123MB2460.GBRP123.PROD.OUTLOOK.COM>
In-Reply-To: <LNXP123MB24602880B0AE644B9B1F3F83F26F0@LNXP123MB2460.GBRP123.PROD.OUTLOOK.COM>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
authentication-results: bt.com; dkim=none (message not signed) header.d=none;bt.com; dmarc=none action=none header.from=evequefou.be;
x-originating-ip: [72.49.212.17]
x-ms-publictraffictype: Email
x-ms-office365-filtering-correlation-id: 55c91647-fcb4-40b7-df19-08d81d10fd20
x-ms-traffictypediagnostic: CH2PR22MB1847:
x-microsoft-antispam-prvs: <CH2PR22MB184795E623C3A6EFCBD75C43DA6F0@CH2PR22MB1847.namprd22.prod.outlook.com>
x-ms-oob-tlc-oobclassifiers: OLM:6430;
x-forefront-prvs: 0450A714CB
x-ms-exchange-senderadcheck: 1
x-microsoft-antispam: BCL:0;
x-microsoft-antispam-message-info: RaP6PU0oK7rP2Ia3dSroo/xKWIBeNOHLnSjtX5KGL5CzrknL9QjFfbL1RdEgI7G4i5cucjeHQrG/cnPPDA1HkJjrwJwrcG8ZjjYsFROyMMYW8MtVGVllB66je5in9LR86TqI2eftJWCzNTV1DT/KOd0vxiBVa3tryXLZj33kC48djSqKZ5Tm76wKusvGMjOrip+zjQl2Sr4oqzU7iK5e9PhPG3gaI+L1KSAXc6AGwtZrtaIlRxY6VMPFpEqj6OUaI4GRvwfdbdaiH6lBSbdPV+wsjBVGA1TO/74MJofpLPJpzBol7/HXlHVSCOr0ZsrrBywElEcMAIfjxKzhaHwBHg==
x-forefront-antispam-report: CIP:255.255.255.255; CTRY:; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:CH2PR22MB2086.namprd22.prod.outlook.com; PTR:; CAT:NONE; SFTY:; SFS:(366004)(346002)(66556008)(64756008)(66446008)(76116006)(71200400001)(66476007)(66946007)(83380400001)(508600001)(8676002)(7696005)(110136005)(9686003)(52536014)(55016002)(33656002)(2906002)(26005)(8936002)(186003)(86362001)(5660300002)(3480700007)(53546011)(6506007); DIR:OUT; SFP:1102;
x-ms-exchange-antispam-messagedata: 6dD16f5hRMbtm+IyBl2ZbNaDlD63OaVcxBO7bA0z+AvR4ZJetIhwDB7kzawr/D1nTeEB7X6Ly3Trb5OSxN9qWsIsJTTinE2/ZxFZLpo6DRslmyorbQX6L1bHuvFzBBkmshklVaatlS9XIODOOHJOOTUppm2eHBfCmgzAdL923dS59AlVYj6Irzu4jMJt6ck3lNYLSqdqFC+JcWA/XAm17rdrskN3PmUQfroO5OS+CPt0IUX1cAGQ9CkQx0vA4WgoF8AgG9rEerZ97jXM3lYYy6r1o19TY6dJh2AbserSj0F9rxz/0VLMAhk5Y/W4ohgmIIp8Mol67RNgAbZ3rOB8cjYzgJseSr0hTllK5wAz0FSPtCEJw2HZyxtFofclvoVmKCMgRVdUKb67hf+wnaDZU2X02BWjNjEQsPP5WgpCeEMPZJlcuSGct3D+2dxAKytGPQc30k2zOGkveRhfl2XrjENi8ZLyLWUS2hEGOE41PXI=
x-ms-exchange-transport-forked: True
Content-Type: multipart/alternative; boundary="_000_CH2PR22MB20869C49226FFDD90CED291DDA6F0CH2PR22MB2086namp_"
MIME-Version: 1.0
X-OriginatorOrg: evequefou.be
X-MS-Exchange-CrossTenant-AuthAs: Internal
X-MS-Exchange-CrossTenant-AuthSource: CH2PR22MB2086.namprd22.prod.outlook.com
X-MS-Exchange-CrossTenant-Network-Message-Id: 55c91647-fcb4-40b7-df19-08d81d10fd20
X-MS-Exchange-CrossTenant-originalarrivaltime: 30 Jun 2020 16:16:47.4784 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 41eaf50b-882d-47eb-8c4c-0b5b76a9da8f
X-MS-Exchange-CrossTenant-mailboxtype: HOSTED
X-MS-Exchange-CrossTenant-userprincipalname: m4O+2C/t2idhmQ73rW7vsSFfS6n7aEKvu59KoEvV+YL5S8Z0ssEKcDBGMTANNnOVQnBJZXj6PUVKqa+y2E48MQ==
X-MS-Exchange-Transport-CrossTenantHeadersStamped: CH2PR22MB1847
Archived-At: <https://mailarchive.ietf.org/arch/msg/quic/MsW6qvFD3Q5zbMXVstQfaKCKdMA>
X-BeenThere: quic@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Main mailing list of the IETF QUIC working group <quic.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/quic>, <mailto:quic-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/quic/>
List-Post: <mailto:quic@ietf.org>
List-Help: <mailto:quic-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/quic>, <mailto:quic-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 30 Jun 2020 16:16:53 -0000

I can see where that output would be confusing.  This is mandated by the spec in Section 8.1, which says:


Clients MUST ensure that UDP datagrams containing Initial packets have UDP payloads of at least 1200 bytes, adding padding to packets in the datagram as necessary. A client that sends padded datagrams allows the server to send more data prior to completing address validation.

Because the client's address has not been validated when the server sends its initial response, there's an obvious risk of an amplification attack if the server's response is large.  To mitigate this, QUIC requires that clients send large Initial packets and restricts the bytes servers send to unverified addresses to a fixed multiple of the bytes received from the client.  Only UDP datagrams containing Initial packets have this requirement, because once you've moved to other packet types, the address has been validated.

From: QUIC <quic-bounces@ietf.org> On Behalf Of tim.jebb@bt.com
Sent: Tuesday, June 30, 2020 6:16 AM
To: quic@ietf.org
Subject: Padding in Initial Packets

Hi All,

I'm fairly new to QUIC so apologies if the questions in here are dumb.

I've been going through a QUIC pcap, which I captured from a Firefox implementation of IETF draft 27 QUIC, and am a little confused about the use of padding in the first Initial packet.  According to Wireshark,  the UDP datagram contains a QUIC packet of type initial, length 272, the payload of which is a Client Hello.

The remainder of the UDP datagram is 1055 zero bytes..  According to Wireshark these zero bytes constitute a QUIC IETF Packet.

However there doesn't seem to be a valid QUIC packet header for these bytes.  AIUI according to the QUIC spec padding bytes are frames within a packet, so these zero bytes seem to be just bytes in the UDP datagram outside of the QUIC payload.  Which would be fine as far as I can see, but:

Why does Wireshark say it's QUIC IETF?
Is there anything in any of the QUIC draft RFCs mandating this behaviour, if so where?
Why is it being done - can't see the point?
If padding is to be added surely it should be as part of a QUIC packet and encrypted - here there's just a load of plaintext zero bytes.


Here is Wireshark's analysis:

"QUIC IETF
    QUIC Connection information
    [Packet Length: 302]
    1... .... = Header Form: Long Header (1)
    .1.. .... = Fixed Bit: True
    ..00 .... = Packet Type: Initial (0)
    .... 00.. = Reserved: 0
    .... ..10 = Packet Number Length: 3 bytes (2)
    Version: draft-27 (0xff00001b)
    Destination Connection ID Length: 17
    Destination Connection ID: 76f81a5588b2f25c5ab6dbd461a8d749e1
    Source Connection ID Length: 3
    Source Connection ID: c5ef02
    Token Length: 0
    Length: 272
    Packet Number: 0
    Payload: 04f535177fcbcfd5f06d24ffde66edf10df79205666b1851...
    TLSv1.3 Record Layer: Handshake Protocol: Client Hello
        Frame Type: CRYPTO (0x0000000000000006)
        Offset: 0
        Length: 249
        Crypto Data
        Handshake Protocol: Client Hello
            Handshake Type: Client Hello (1)
            Length: 245
            Version: TLS 1.2 (0x0303)
            Random: b1b76126ddab3c639cdfaa7d92d6cabe2ea9c1a19ea86b8b...
            Session ID Length: 0
            Cipher Suites Length: 4
            Cipher Suites (2 suites)
            Compression Methods Length: 1
            Compression Methods (1 method)
            Extensions Length: 200
            Extension: server_name (len=15)
            Extension: extended_master_secret (len=0)
            Extension: renegotiation_info (len=1)
            Extension: supported_groups (len=20)
            Extension: application_layer_protocol_negotiation (len=8)
            Extension: status_request (len=5)
            Extension: key_share (len=38)
            Extension: supported_versions (len=3)
            Extension: signature_algorithms (len=16)
            Extension: psk_key_exchange_modes (len=2)
            Extension: record_size_limit (len=2)
            Extension: quic_transports_parameters (len=42)
QUIC IETF
    [Packet Length: 1055]
    Remaining Payload: 000000000000000000000000000000000000000000000000..."

Any comments or explanations?

Tim

v2.30.2 | Report a Bug | By Email | System Status