Re: [TLS] add challenge in TLS v1.3 to prevent DDOS attack?

"Bingzheng Wu" <bingzheng.wbz@alibaba-inc.com> Mon, 08 June 2015 11:05 UTC

Return-Path: <bingzheng.wbz@alibaba-inc.com>
X-Original-To: tls@ietfa.amsl.com
Delivered-To: tls@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id CC3801A1B8A for <tls@ietfa.amsl.com>; Mon, 8 Jun 2015 04:05:58 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -0.6
X-Spam-Level:
X-Spam-Status: No, score=-0.6 tagged_above=-999 required=5 tests=[BAYES_05=-0.5, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, SPF_PASS=-0.001, UNPARSEABLE_RELAY=0.001] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id jIx5Fz67jNNn for <tls@ietfa.amsl.com>; Mon, 8 Jun 2015 04:05:57 -0700 (PDT)
Received: from out4133-66.mail.aliyun.com (out4133-66.mail.aliyun.com [42.120.133.66]) by ietfa.amsl.com (Postfix) with ESMTP id CA5331A1B87 for <tls@ietf.org>; Mon, 8 Jun 2015 04:05:56 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=alibaba-inc.com; s=default; t=1433761556; h=From:To:Subject:Date:Message-ID:MIME-Version:Content-Type; bh=ujVd0lumJ074MFH6u1bxhdrxmV8JQtDwl2XY6N+uE38=; b=SGejZC8gZv5o1iE5EJC7x8WwdlXeOwfjRewfPFzcQ7YUPk8YZV1hk2Y2KE/pMuW7yXbHPYx4z97Thok8PH0gs6bgievuUoAyQhe0zoAI91EXQNvzD2R+pIN9yPgmDEFoYZxS26Hp49Vc8yHesTQrA+WjcedyP4+bjKhPp+IfNjg=
X-Alimail-AntiSpam: AC=PASS; BC=-1|-1; BR=01201311R841e4; FP=0|-1|-1|-1|0|-1|-1|-1; HT=r41g03025; MF=bingzheng.wbz@alibaba-inc.com; PH=DS; RN=2; RT=2; SR=0;
Received: from ali074145n(mailfrom:bingzheng.wbz@alibaba-inc.com ip:42.120.74.159) by smtp.aliyun-inc.com(127.0.0.1); Mon, 08 Jun 2015 19:05:49 +0800
From: "Bingzheng Wu" <bingzheng.wbz@alibaba-inc.com>
To: "'Peter Gutmann'" <pgut001@cs.auckland.ac.nz>, "'tls'" <tls@ietf.org>
References: <----3-------MPf3-$0147073b-d557-427b-a8c7-d3dd80aef07b@alibaba-inc.com> <9A043F3CF02CD34C8E74AC1594475C73AB039DA4@uxcn10-tdc05.UoA.auckland.ac.nz>
In-Reply-To: <9A043F3CF02CD34C8E74AC1594475C73AB039DA4@uxcn10-tdc05.UoA.auckland.ac.nz>
Date: Mon, 08 Jun 2015 19:05:49 +0800
Message-ID: <008d01d0a1db$13db18e0$3b914aa0$@alibaba-inc.com>
MIME-Version: 1.0
Content-Type: text/plain; charset="gb2312"
Content-Transfer-Encoding: 7bit
X-Mailer: Microsoft Outlook 14.0
Thread-Index: AQJM1bQwrAdL2mUOwfD9yh9pSzi+dQIFyyjFnJnaxDA=
Content-Language: zh-cn
Archived-At: <http://mailarchive.ietf.org/arch/msg/tls/GAaLrEVK8Sqr01Vy-w5gKT2G9IM>
Subject: Re: [TLS] add challenge in TLS v1.3 to prevent DDOS attack?
X-BeenThere: tls@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
Reply-To: Bingzheng Wu <bingzheng.wbz@alibaba-inc.com>
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/tls/>
List-Post: <mailto:tls@ietf.org>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 08 Jun 2015 11:05:59 -0000

Thanks for your information. I didn't know this before.
However I don't think this match my original purpose.

The tls-auth requires the client and server have PSK. 
But I want an general anti-DDOS method.
For example, this method could be used by general web browser to visit any
web sites.

Please fix me if I misunderstand the OpenVPN's method.

Thanks,
Bingzheng

> -----Original Message-----
> From: Peter Gutmann [mailto:pgut001@cs.auckland.ac.nz]
> Sent: Monday, June 08, 2015 5:20 PM
> To: Bingzheng Wu; tls
> Subject: RE: [TLS] add challenge in TLS v1.3 to prevent DDOS attack?
> 
> Bingzheng Wu <bingzheng.wbz@alibaba-inc.com> writes:
> 
> >So, could we add a challenge-response mode in TLS v1.3 to increase the
> attacker's cost ?
> 
> You don't need anything that complex, OpenVPN has for a number of years
> supported a very effective way of dealing with this, all you need to do is
> formalise that.  It doesn't really need TLS 1.3 either, since you can do
it in a
> standard extension.  OpenVPN gives it the very misleading name tls-auth,
it's
> just a use of a PSK to MAC incoming packets, so the client-hello is
> authenticated and dropped unless it has a valid MAC signature.  This has
> protected OpenVPN against a number of OpenSSL vulnerabilities (as well as
> generic port-scanning and similar), most notably Heartbleed, where any
> attempt to exploit the vuln just bounced off, because unless you have the
MAC
> key you can't get past even the first hello message.
> 
> I started work on an RFC draft for this a while back, but it got shelved
because
> of conflicts over making it OpenVPN-compatible or not, it shouldn't be too
much
> work to dig it out and finish it (albeit in a non-OpenVPN-compatible
manner).
> 
> Peter.=