IETF Logo Mail Archive

Re: [rtcweb] Security issue: initial consent

Hadriel Kaplan <HKaplan@acmepacket.com> Fri, 28 October 2011 00:32 UTC

Return-Path: <HKaplan@acmepacket.com>
X-Original-To: rtcweb@ietfa.amsl.com
Delivered-To: rtcweb@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 54A7821F8551 for <rtcweb@ietfa.amsl.com>; Thu, 27 Oct 2011 17:32:41 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.455
X-Spam-Level:
X-Spam-Status: No, score=-2.455 tagged_above=-999 required=5 tests=[AWL=0.144, BAYES_00=-2.599]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id WQNeWbIQIT0L for <rtcweb@ietfa.amsl.com>; Thu, 27 Oct 2011 17:32:40 -0700 (PDT)
Received: from etmail.acmepacket.com (etmail.acmepacket.com [216.41.24.6]) by ietfa.amsl.com (Postfix) with ESMTP id ABC6D21F854F for <rtcweb@ietf.org>; Thu, 27 Oct 2011 17:32:40 -0700 (PDT)
Received: from MAIL2.acmepacket.com (10.0.0.22) by etmail.acmepacket.com (216.41.24.6) with Microsoft SMTP Server (TLS) id 8.2.254.0; Thu, 27 Oct 2011 20:32:37 -0400
Received: from MAIL1.acmepacket.com ([169.254.1.232]) by Mail2.acmepacket.com ([169.254.2.157]) with mapi id 14.01.0270.001; Thu, 27 Oct 2011 20:32:37 -0400
From: Hadriel Kaplan <HKaplan@acmepacket.com>
To: Matthew Kaufman <matthew.kaufman@skype.net>
Thread-Topic: [rtcweb] Security issue: initial consent
Thread-Index: AQHMlQkXoO3eI6taAk2EK6qgMyXoAw==
Date: Fri, 28 Oct 2011 00:32:37 +0000
Message-ID: <BDA4F232-F4E6-4334-BCEB-445AEE45E6B7@acmepacket.com>
References: <DAE0FB53-9D19-44CF-B3A4-2EE414A9EEAA@acmepacket.com> <CABcZeBM8E_P5RYX-KwWe1Yf39fBEQvTA3i33Y3-nEikWcmJoDQ@mail.gmail.com> <CALiegfkJYPtXWw6oOj-pkP1Qiva7+BWpyt9MubqLL82eeo0MTQ@mail.gmail.com> <CABcZeBP4Lm_HT5AfuhzyM-4zcJ6tBW=xKksrPHF=c+Y1U2nyGg@mail.gmail.com> <99DF5455-9961-41E6-A506-1DD09AF6D1C0@acmepacket.com> <4EA9ECE9.4050500@skype.net>
In-Reply-To: <4EA9ECE9.4050500@skype.net>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-originating-ip: [10.0.0.30]
Content-Type: text/plain; charset="iso-8859-1"
Content-ID: <F9421E5747ABF148A35B4B41223DDBEA@acmepacket.com>
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
X-Brightmail-Tracker: AAAAAQAAAWE=
Cc: "rtcweb@ietf.org" <rtcweb@ietf.org>
Subject: Re: [rtcweb] Security issue: initial consent
X-BeenThere: rtcweb@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Real-Time Communication in WEB-browsers working group list <rtcweb.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/rtcweb>, <mailto:rtcweb-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/rtcweb>
List-Post: <mailto:rtcweb@ietf.org>
List-Help: <mailto:rtcweb-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/rtcweb>, <mailto:rtcweb-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 28 Oct 2011 00:32:41 -0000

On Oct 27, 2011, at 7:44 PM, Matthew Kaufman wrote:

> On 10/28/11 12:39 AM, Hadriel Kaplan wrote:
>> ...
>>   Heck, we could even mandate using a new TCP header option to be reflected by the other side, similar to the TCP Timestamp option, but put a random number in it.
>> 
> 
> Again, the STUN connectivity test used by ICE does more than simply prove that the far end got the packet and can reflect it back. The reflection isn't even done unless the long-term credentials are valid.

Yes I know the ICE/STUN user/pass proves a shared secret, but what attacker/attack are you protecting against?

The JS obviously knows the ICE secrets, so the secret does not prevent the JS from spoofing to cause a hammer attack - only the reflected trans-id does.

A MitM may not know the secret, but if we didn't do ICE, what advantage could the MitM gain by responding to the TCP SYN or DTLS handshake?  If it's a MitM it can allow ICE to succeed anyway end-to-end, and then respond to the TCP SYN or DTLS.  

And I'm not suggesting just because they have a handshake that it makes TCP/UDP or SCTP/UDP secure from MitM eavesdropping or impersonation.  ICE doesn't either obviously.  I'm only saying that it makes it hard for a *non-MitM* to spoof.  

The main concern was that a malicious JS can cause a hammer/DDoS attack on another target, without being a MitM of the media-plane.  That's particularly difficult given RTP/RTCP have no handshake; or more to the point UDP has no handshake.  DTLS, TCP/UDP, and SCTP/UDP have it.  The question is if they're entropic enough to prevent the malicious JS from spoofing the handshake when it's not a MitM on the media-plane.  If the JS *is* a MitM on the media-plane, then the JS doesn't gain much by making the Browser perform the attack since the JS is now being attacked too.

No?  Maybe I'm missing something basic.

-hadriel

v2.23.0 | Report a Bug | By Email