Re:Re: Fast Address Validation - about
"Qing An" <anqing.aq@alibaba-inc.com> Fri, 01 November 2019 23:03 UTC
Return-Path: <anqing.aq@alibaba-inc.com>
X-Original-To: quic@ietfa.amsl.com
Delivered-To: quic@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id C1758120861 for <quic@ietfa.amsl.com>; Fri, 1 Nov 2019 16:03:57 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.997
X-Spam-Level:
X-Spam-Status: No, score=-1.997 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, UNPARSEABLE_RELAY=0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=alibaba-inc.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id HcIwOh9lLSNC for <quic@ietfa.amsl.com>; Fri, 1 Nov 2019 16:03:55 -0700 (PDT)
Received: from out0-142.mail.aliyun.com (out0-142.mail.aliyun.com [140.205.0.142]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 4A1F01201CE for <quic@ietf.org>; Fri, 1 Nov 2019 16:03:55 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=alibaba-inc.com; s=default; t=1572649432; h=Date:From:To:Message-ID:Subject:MIME-Version:Content-Type; bh=TJGf4HmP7tvFUFWpTI0WfbcAaIZBJpcvgKQdVUiwJbw=; b=V9olmP/NEVJPoRLSA+Us+9jcEDdLfWzsDZEx0GsS2VL2hjRZzD0IEp9aOf7Rj333tbOBKo90EE06QMdiV5bOJ2lj2S4UFjVDZ3MQw7KT9mOZdw0pvWkj1prt6mAYt6CXqXUQ+fRf1QJ6u2ptEEQWBbTZrX3yVbCsiQqZcPvDYuw=
X-Alimail-AntiSpam: AC=PASS; BC=-1|-1; BR=01201311R291e4; CH=green; DM=||false|; FP=0|-1|-1|-1|0|-1|-1|-1; HT=e02c03302; MF=anqing.aq@alibaba-inc.com; NM=1; PH=DW; RN=3; SR=0; TI=alimail_ios_2.COREAPI9fb61c2e80ed45e992018ddda54005ae;
Received: from WS-web (anqing.aq@alibaba-inc.com[alimail_ios_2.COREAPI9fb61c2e80ed45e992018ddda54005ae]) by e02c03276.eu6 at Sat, 02 Nov 2019 07:03:51 +0800
Date: Sat, 02 Nov 2019 07:03:51 +0800
From: Qing An <anqing.aq@alibaba-inc.com>
To: Jana Iyengar <jri.ietf@gmail.com>
Cc: quic <quic@ietf.org>, "刘大鹏(鹏成)" <max.ldp@alibaba-inc.com>
Message-ID: <abc3a804-5026-4b25-bf8f-7f23851312fb.anqing.aq@alibaba-inc.com>
Subject: Re:Re: Fast Address Validation - about
X-Priority: 3
X-Mailer: [Alimail-Mailagent revision 2765257]
MIME-Version: 1.0
In-Reply-To: <CACpbDce7EU+9gTkyBnvLqinLQST42ch=SRUJe6N9ZraiakkGzw@mail.gmail.com>
References: <4974ed86-0fa9-435d-880f-80af637ef180.anqing.aq@alibaba-inc.com> <BN6PR2201MB1700F72F3DC8F6C3CF79902CDA600@BN6PR2201MB1700.namprd22.prod.outlook.com> <bd15f357-8e7a-42af-bf28-79f7177da385@www.fastmail.com> <f55efb80-1a95-4190-84e5-b81948a7f081.anqing.aq@alibaba-inc.com> <BN6PR2201MB17005571E88F1C68769091A3DA630@BN6PR2201MB1700.namprd22.prod.outlook.com> <69d1a917-b1f9-4142-afb0-f5c67abe7334.anqing.aq@alibaba-inc.com> <CALZ3u+YDo7jTJzZj=W45s0zyJoun_+1gMkq7oMVM+DNRnyDZRg@mail.gmail.com>, <CACpbDce7EU+9gTkyBnvLqinLQST42ch=SRUJe6N9ZraiakkGzw@mail.gmail.com>
Content-Type: multipart/alternative; boundary="----=ALIBOUNDARY_58861_4626c940_5dbcb9d7_3589f6"
Archived-At: <https://mailarchive.ietf.org/arch/msg/quic/m7-TfKyTt2ObxTX8QgcMr-KSEUI>
X-BeenThere: quic@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Main mailing list of the IETF QUIC working group <quic.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/quic>, <mailto:quic-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/quic/>
List-Post: <mailto:quic@ietf.org>
List-Help: <mailto:quic-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/quic>, <mailto:quic-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 01 Nov 2019 23:03:58 -0000
The proposal is to, if server chooses not to send a Retry, for first connection, define how to use new_token frame to deliver token to client for future connection. ------------------Original Mail ------------------ Sender:Jana Iyengar <jri.ietf@gmail.com> Send Date:Sat Nov 2 05:36:30 2019 Recipients:Qing An <anqing.aq@alibaba-inc.com> CC:quic <quic@ietf.org>, 刘大鹏(鹏成) <max.ldp@alibaba-inc.com> Subject:Re: Fast Address Validation - about Qing, Thank you for writing up the draft. As several others have noted, the RTT spent with Retry is not unnecessary, it is fundamental to the purpose of Retry. If the server is willing to maintain state, it doesn't need to send a Retry packet at all. If the server is willing to maintain state and therefore does not send a Retry at all, what is the value of your proposal? - jana On Fri, Nov 1, 2019 at 10:34 AM Töma Gavrichenkov <ximaera@gmail.com> wrote: Peace, On Fri, Nov 1, 2019 at 3:37 PM Qing An <anqing.aq@alibaba-inc.com> wrote: > I submitted the draft, https://datatracker.ietf.org/doc/draft-an-fast-address-validation/ A quick review goes below: > The server remembers the value it sends to > clients and validates the token sent back from a client. As discussed before, this description of the Retry mechanism is inaccurate to the point it defeats its very purpose. > Address validation is used by QUIC to avoid being used for a traffic > amplification attack. This is also inaccurate; the lower bound for the Initial packet size prevents amplification. Retry token is there to mitigate Initial packet floods. Neither prevent trivial reflection, if you will. > If server chooses to > accept the cost brought by token exchanging in Handshake > [..] > Adding token field to Handshake packet does not add new security > concerns. At least one security concern I see here is what data the server is expected to derive its decision to accept the cost from. E.g. with the aforementioned 300 Mpps Initial packet flood, what is the approximate cost of keeping the state, per second? If you would just be storing 16 octets of an IPv6 address plus 2 octets of the client's ephemeral port for any Rx packet, that'd be more than 5 Gbytes of RAM consumed *per second* of the attack, not including the pointers, hashes etc. Next, I haven't exactly done the math, but I think that the draft implies that the state kept would be hardly less than an order of magnitude bigger than that. Also, the cost of processing every spoofed packet through the whole handshake pipeline, and so on. I believe this is where the authors need to come up with benchmarks and implementation hints on garbage collection methods etc. I know the amount of RAM available is destined to grow but the floods are not expected to shrink any time soon just as well. -- Töma
- Fast Address Validation - about Qing An
- Re: Fast Address Validation - about Mikkel Fahnøe Jørgensen
- RE: Fast Address Validation - about Mike Bishop
- Re: Fast Address Validation - about Martin Thomson
- Re: Fast Address Validation - about Qing An
- RE: Fast Address Validation - about Mike Bishop
- Re: Fast Address Validation - about Qing An
- Re: Fast Address Validation - about Marten Seemann
- Re: Fast Address Validation - about Töma Gavrichenkov
- Re: Fast Address Validation - about Qing An
- Re: Fast Address Validation - about Qing An
- Re: Fast Address Validation - about Mikkel Fahnøe Jørgensen
- Re: Fast Address Validation - about Töma Gavrichenkov
- Re:Re: Fast Address Validation - about Qing An
- Re:Re: Fast Address Validation - about Qing An
- Re:Re: Fast Address Validation - about Mikkel Fahnøe Jørgensen
- Re: Re: Fast Address Validation - about Töma Gavrichenkov
- Re: Fast Address Validation - about Töma Gavrichenkov
- Re: Fast Address Validation - about Jana Iyengar
- Re:Re: Fast Address Validation - about Qing An
- Re:Re:Re: Fast Address Validation - about Qing An
- Re: Fast Address Validation - about Christian Huitema
- Re:Re: Fast Address Validation - about Qing An
- Re: Fast Address Validation - about Christian Huitema
- Re:Re:Re: Fast Address Validation - about Mikkel Fahnøe Jørgensen
- Re: Fast Address Validation - about Christian Huitema