Re: [Sip] draft-jennings-sip-hashcash-01
Dan Wing <dwing@cisco.com> Wed, 02 March 2005 15:35 UTC
Received: from ietf-mx.ietf.org (ietf-mx.ietf.org [132.151.6.1]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id KAA23419 for <sip-web-archive@ietf.org>; Wed, 2 Mar 2005 10:35:07 -0500 (EST)
Received: from megatron.ietf.org ([132.151.6.71]) by ietf-mx.ietf.org with esmtp (Exim 4.33) id 1D6Vte-0003KP-DE for sip-web-archive@ietf.org; Wed, 02 Mar 2005 10:36:23 -0500
Received: from localhost.localdomain ([127.0.0.1] helo=megatron.ietf.org) by megatron.ietf.org with esmtp (Exim 4.32) id 1D6VpJ-00014e-3a; Wed, 02 Mar 2005 10:31:53 -0500
Received: from odin.ietf.org ([132.151.1.176] helo=ietf.org) by megatron.ietf.org with esmtp (Exim 4.32) id 1D6VpG-000149-Nb for sip@megatron.ietf.org; Wed, 02 Mar 2005 10:31:51 -0500
Received: from ietf-mx.ietf.org (ietf-mx.ietf.org [132.151.6.1]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id KAA22948 for <sip@ietf.org>; Wed, 2 Mar 2005 10:31:49 -0500 (EST)
Received: from sj-iport-1-in.cisco.com ([171.71.176.70] helo=sj-iport-1.cisco.com) by ietf-mx.ietf.org with esmtp (Exim 4.33) id 1D6VqP-0003Bg-9G for sip@ietf.org; Wed, 02 Mar 2005 10:33:05 -0500
Received: from sj-core-2.cisco.com (171.71.177.254) by sj-iport-1.cisco.com with ESMTP; 02 Mar 2005 07:45:46 -0800
X-BrightmailFiltered: true
X-Brightmail-Tracker: AAAAAA==
X-IronPort-AV: i="3.90,130,1107763200"; d="scan'208"; a="617319148:sNHT23475244"
Received: from edison.cisco.com (edison.cisco.com [171.71.180.109]) by sj-core-2.cisco.com (8.12.10/8.12.6) with ESMTP id j22FVZq8016086; Wed, 2 Mar 2005 07:31:35 -0800 (PST)
Received: from [192.168.1.103] (sjc-vpn7-827.cisco.com [10.21.147.59]) by edison.cisco.com (8.8.6 (PHNE_14041)/CISCO.SERVER.1.2) with ESMTP id HAA13277; Wed, 2 Mar 2005 07:31:34 -0800 (PST)
In-Reply-To: <1ECE0EB50388174790F9694F77522CCF01980E18@zrc2hxm0.corp.nortel.com>
References: <1ECE0EB50388174790F9694F77522CCF01980E18@zrc2hxm0.corp.nortel.com>
Mime-Version: 1.0 (Apple Message framework v619)
Content-Type: text/plain; charset="ISO-8859-1"; delsp="yes"; format="flowed"
Message-Id: <284C5240-8B30-11D9-80C4-0003938AF740@cisco.com>
Content-Transfer-Encoding: quoted-printable
From: Dan Wing <dwing@cisco.com>
Subject: Re: [Sip] draft-jennings-sip-hashcash-01
Date: Wed, 02 Mar 2005 07:31:33 -0800
To: Francois Audet <audet@nortel.com>
X-Mailer: Apple Mail (2.619)
X-Spam-Score: 0.0 (/)
X-Scan-Signature: 21be852dc93f0971708678c18d38c096
Content-Transfer-Encoding: quoted-printable
Cc: 'Cullen Jennings' <fluffy@cisco.com>, "'sip@ietf.org'" <sip@ietf.org>
X-BeenThere: sip@ietf.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: Session Initiation Protocol <sip.ietf.org>
List-Unsubscribe: <https://www1.ietf.org/mailman/listinfo/sip>, <mailto:sip-request@ietf.org?subject=unsubscribe>
List-Post: <mailto:sip@ietf.org>
List-Help: <mailto:sip-request@ietf.org?subject=help>
List-Subscribe: <https://www1.ietf.org/mailman/listinfo/sip>, <mailto:sip-request@ietf.org?subject=subscribe>
Sender: sip-bounces@ietf.org
Errors-To: sip-bounces@ietf.org
X-Spam-Score: 0.0 (/)
X-Scan-Signature: 0cff8c3ec906d056784362c06f5f88c1
Content-Transfer-Encoding: quoted-printable
I agree that proper whitelisting is important to discuss, and maybe even write into an I-D, but not in -hashcash-. Cullen's Hashcash is but one way to handle an incoming call that isn't on your whitelist -- send them a computational challenge. -ietf-sipping-spam- lists other mechanisms. -d On Feb 28, 2005, at 11:26 AM, Francois Audet wrote: > Yeah, a white list approach might work. > > The practical scenario that I am thinking about is with a typical VoIP > service provider. > > Today, the vast majority of calls from subscribers terminate on > gateways (owned by the operator of the service). These calls are not > to a specific "user" but really to a gateway, using presumably > something like the tel-URI-in-SIP-URI approach. In this case then, the > white list is not to a whole URI but to "something" that is related to > the gateway itself. This is different from the IM-scenario you quote. > > Now, if we only have to worry about one set of gateways (like the ones > owned by the service provider), I guess you could base the white list > on the domain name or find some other solution. It may be more > difficult when gateways are scattered all over the place (like in an > enterprise for example, or a federation of enterprise, or when it > terminates to another service provider). > > I believe we should make sure that we describe white list properly > before we publish the puzzle mechanism. I have a fear that we could > define something where the people who make the SIP end-devices have an > incentive to do something that is good for them (i.e., limit > vulnerability to spam) but could be very problematic for the Gateways > (or Proxies). Somehow we have to be able to mandate a white list > capabily (or some other mechanism). Otherwise software upgrades could > kill the operator of the service. > > PS: Note that this is a recurring problem with gateways (I think certs > has the same issue). > -----Original Message----- > From: Cullen Jennings [mailto:fluffy@cisco.com] > Sent: Friday, February 25, 2005 08:03 > To: Audet, Francois [SC100:9T51:EXCH]; sip@ietf.org > Subject: Re: [Sip] draft-jennings-sip-hashcash-01 > > > The idea would be to have a very skewed amount of computation to help > rate limit attacks. Whatever amount of computation is "reasonable" for > a valid client to do, an attacker is going to be able to apply a lot > more computation to the problem. However, this still limits the number > of messages the attacker can do and thus raises the cost. I discuss > this some what in the SPAM draft. > > This could all happen in different ways. Imagine a case where my > enterprise proxy compute the puzzles on behalf of my phone when I call > another domain. Say in a large enterprise, it has 10,000 people and > during a busy hour makes 10 calls per second that are to an address > external to the domain. Of these only 2 are not whitelists. If the > enterprise proxy was willing to spend say 3GHz worth of CPU at > computing challenges for these 2cps, well that is a pretty hefty > amount of hash that could be required. > > Another ways is perhaps all the UAC are willing to do about the amount > of hashing that 1 second of G.729 compression would take. It's hard to > imagine that most UAs (even large GWs) could not do this. This would > limit the rate of attack of a single computer to in the 100s of > messages per second. This is a lot less hashing that the example above > but contrast this to what is possible today. Today I can send in the > order of 100,000 message per second. Increasing the cost of an attack > by 1000 is good. It slows it down and give you time to trace the > source and cut it off before it is everywhere. It makes is less worth > while to advertise products that a very very small percentage of the > receivers would buy. > > As discussed in the SPAM draft, you would always want to use white > lists first then if the person was not on the white list fallback to > something else like this. > > Cullen > > > On 2/24/05 11:30 AM, "Francois Audet" <audet@nortel.com> wrote: > > > We may need to explain some of the limitations of this. It seems to me > that this mechanism would not be terribly appropriate for applications > that aggregate a large number of clients onto a single platform. For > example, this may be too computationally intensive for a large PSTN > Gateway, or even a large Proxy. > > Any ideas of how a UAS would make the decision to send the 419 without > burdening the UAC? Should there be a supported/require header for this > functionality, so that a UAC could "opt out"? > > > > -----Original Message----- > From: sip-bounces@ietf.org [mailto:sip-bounces@ietf.org] On Behalf Of > Cullen Jennings > Sent: Tuesday, February 22, 2005 16:46 > To: sip@ietf.org > Subject: [Sip] draft-jennings-sip-hashcash-01 > > > I updated this draft on "SIP Computational Puzzles" so it has enough > detail to implement it. (Previous version did not). It is in the > drafts directory and also in HTML form at: > > http://scm.sipfoundry.org/rep/ietf-drafts/fluffy/draft-jennings-sip- > hashcash-01.html > > Cullen > > > _______________________________________________ > Sip mailing list https://www1.ietf.org/mailman/listinfo/sip > This list is for NEW development of the core SIP Protocol > Use sip-implementors@cs.columbia.edu for questions on current sip > Use sipping@ietf.org for new developments on the application of sip > > _______________________________________________ > Sip mailing list https://www1.ietf.org/mailman/listinfo/sip > This list is for NEW development of the core SIP Protocol > Use sip-implementors@cs.columbia.edu for questions on current sip > Use sipping@ietf.org for new developments on the application of sip _______________________________________________ Sip mailing list https://www1.ietf.org/mailman/listinfo/sip This list is for NEW development of the core SIP Protocol Use sip-implementors@cs.columbia.edu for questions on current sip Use sipping@ietf.org for new developments on the application of sip
- [Sip] draft-jennings-sip-hashcash-01 Cullen Jennings
- Re: [Sip] draft-jennings-sip-hashcash-01 Dan Wing
- RE: [Sip] draft-jennings-sip-hashcash-01 Francois Audet
- Re: [Sip] draft-jennings-sip-hashcash-01 Jonathan Rosenberg
- Re: [Sip] draft-jennings-sip-hashcash-01 Dan Wing
- Re: [Sip] draft-jennings-sip-hashcash-01 Michael Thomas
- Re: [Sip] draft-jennings-sip-hashcash-01 Henning Schulzrinne
- [Sip] jennings-sip-hashcash - does it help - does… Cullen Jennings
- Re: [Sip] draft-jennings-sip-hashcash-01 Cullen Jennings
- [Sip] Re: jennings-sip-hashcash - does it help - … Michael Thomas
- Re: [Sip] draft-jennings-sip-hashcash-01 Cullen Jennings
- Re: [Sip] draft-jennings-sip-hashcash-01 Henning Schulzrinne
- [Sip] Re: jennings-sip-hashcash - does it help - … Jonathan Rosenberg
- RE: [Sip] draft-jennings-sip-hashcash-01 Francois Audet
- Re: [Sip] draft-jennings-sip-hashcash-01 Jonathan Rosenberg
- Re: [Sip] draft-jennings-sip-hashcash-01 David R Oran
- RE: [Sip] draft-jennings-sip-hashcash-01 Francois Audet
- RE: [Sip] draft-jennings-sip-hashcash-01 Francois Audet
- Re: [Sip] draft-jennings-sip-hashcash-01 Cullen Jennings