IETF Logo Mail Archive

Re: Questions about Version Negotiation Concerning Possible Handshake Interruption

<alexandre.ferrieux@orange.com> Sat, 10 February 2018 09:10 UTC

Return-Path: <alexandre.ferrieux@orange.com>
X-Original-To: quic@ietfa.amsl.com
Delivered-To: quic@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 45613127601 for <quic@ietfa.amsl.com>; Sat, 10 Feb 2018 01:10:13 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -0.321
X-Spam-Level:
X-Spam-Status: No, score=-0.321 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, FORGED_MUA_MOZILLA=2.309, RCVD_IN_DNSWL_LOW=-0.7, RCVD_IN_MSPIKE_H4=-0.01, RCVD_IN_MSPIKE_WL=-0.01, SPF_PASS=-0.001, T_RP_MATCHES_RCVD=-0.01, UNPARSEABLE_RELAY=0.001] autolearn=no autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id xYVSVW4CAEd0 for <quic@ietfa.amsl.com>; Sat, 10 Feb 2018 01:10:12 -0800 (PST)
Received: from orange.com (mta134.mail.business.static.orange.com [80.12.70.34]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id D6EFA124234 for <quic@ietf.org>; Sat, 10 Feb 2018 01:10:11 -0800 (PST)
Received: from opfednr06.francetelecom.fr (unknown [xx.xx.xx.70]) by opfednr23.francetelecom.fr (ESMTP service) with ESMTP id B5F27C1266; Sat, 10 Feb 2018 10:10:10 +0100 (CET)
Received: from Exchangemail-eme2.itn.ftgroup (unknown [xx.xx.31.3]) by opfednr06.francetelecom.fr (ESMTP service) with ESMTP id 846681A0051; Sat, 10 Feb 2018 10:10:10 +0100 (CET)
Received: from lat6466.rd.francetelecom.fr (10.168.234.6) by OPEXCLILM5D.corporate.adroot.infra.ftgroup (10.114.31.3) with Microsoft SMTP Server (TLS) id 14.3.382.0; Sat, 10 Feb 2018 10:10:10 +0100
Message-ID: <32019_1518253810_5A7EB6F2_32019_65_1_5A7EB6F3.20509@orange.com>
Date: Sat, 10 Feb 2018 10:10:11 +0100
From: alexandre.ferrieux@orange.com
Reply-To: Alexandre Ferrieux <alexandre.ferrieux@orange.com>
Organization: Orange
User-Agent: Mozilla/5.0 (X11; Linux i686; rv:8.0) Gecko/20111113 Thunderbird/8.0
MIME-Version: 1.0
To: Kazuho Oku <kazuhooku@gmail.com>
CC: Christian Huitema <huitema@huitema.net>, Lingmo Zhu <zlm2006@gmail.com>, Mikkel Fahnøe Jørgensen <mikkelfj@gmail.com>, "quic@ietf.org" <quic@ietf.org>, Martin Thomson <martin.thomson@gmail.com>
Subject: Re: Questions about Version Negotiation Concerning Possible Handshake Interruption
References: <1d386744-c46a-842a-b172-24e290e03668@gmail.com> <CABkgnnVRn+1sNZQFB8BZc4VyzN5usLmYJ3xLo+p2uTeW_0Ji_Q@mail.gmail.com> <CAN1APdfpJ0rYPPiOgfcdDRx3noh+YYvJatP0MYTqRRXMBwF6pA@mail.gmail.com> <3d558827-f2a7-877c-e00a-d6a22ef241c5@gmail.com> <CANatvzzZEuJ3TY=+0BMLqbBE5mScG_Jnrypg3xkciykOX78G8A@mail.gmail.com> <CAN1APdfov8Q3E+5NkT5pmMeU=eB=fsnDFe_=BK7TDE0TpXD3yA@mail.gmail.com> <142211e0-c7c9-642f-69ef-5f0d722b77cc@gmail.com> <529ac475-5291-2b2e-acf9-05efe720d584@huitema.net> <6937_1518251684_5A7EAEA4_6937_191_1_5A7EAEA5.2000605@orange.com> <CANatvzz_2BeRns5E-OO=CKKwK66LgMd=3vVCM84_+OAxj8CutQ@mail.gmail.com>
In-Reply-To: <CANatvzz_2BeRns5E-OO=CKKwK66LgMd=3vVCM84_+OAxj8CutQ@mail.gmail.com>
Content-Type: text/plain; charset="ISO-8859-1"; format="flowed"
Content-Transfer-Encoding: 7bit
X-Originating-IP: [10.168.234.6]
Archived-At: <https://mailarchive.ietf.org/arch/msg/quic/qtosX4433uc7KE4vL0J6y52KlpA>
X-BeenThere: quic@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: Main mailing list of the IETF QUIC working group <quic.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/quic>, <mailto:quic-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/quic/>
List-Post: <mailto:quic@ietf.org>
List-Help: <mailto:quic-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/quic>, <mailto:quic-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sat, 10 Feb 2018 09:10:13 -0000

On 10/02/2018 10:00, Kazuho Oku wrote:
>> >  Alternatively, what about a "no fallback" mode for sensitive applications
>> >  like DNS ?
 >
> I agree that providing such an option would narrow the attack window.
> The other option is to let the client propose multiple versions and
> the server select one, as proposed in my previous mail.
>
> But even if we do that, there's still the chance of an attacker
> injecting a Handshake packet that contains a corrupt ServerHello
> message. In such case, the client would fail to complete the handshake
> with the server.

Yes, but this weakens the threat from outright intrusion to mere DOS, right ?

If so, note that the attacker may always follow its packet-of-death with a 
flood, making the receiver-side UDP socket overflow and eventually drop the 
legitimate server's response. In this case, not even a TLS context backup will 
be able to recover. Agreed, that's a heavier sword for a thicker shield, but 
that's doable ;)

_________________________________________________________________________________________________________________________

Ce message et ses pieces jointes peuvent contenir des informations confidentielles ou privilegiees et ne doivent donc
pas etre diffuses, exploites ou copies sans autorisation. Si vous avez recu ce message par erreur, veuillez le signaler
a l'expediteur et le detruire ainsi que les pieces jointes. Les messages electroniques etant susceptibles d'alteration,
Orange decline toute responsabilite si ce message a ete altere, deforme ou falsifie. Merci.

This message and its attachments may contain confidential or privileged information that may be protected by law;
they should not be distributed, used or copied without authorisation.
If you have received this email in error, please notify the sender and delete this message and its attachments.
As emails may be altered, Orange is not liable for messages that have been modified, changed or falsified.
Thank you.

v2.23.0 | Report a Bug | By Email