Re: [TLS] Martin Duke's No Objection on draft-ietf-tls-dtls-connection-id-11: (with COMMENT)

Achim Kraus <achimkraus@gmx.net> Wed, 05 May 2021 07:49 UTC

Return-Path: <achimkraus@gmx.net>
X-Original-To: tls@ietfa.amsl.com
Delivered-To: tls@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 8B6503A164F for <tls@ietfa.amsl.com>; Wed, 5 May 2021 00:49:46 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.101
X-Spam-Level:
X-Spam-Status: No, score=-2.101 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_FROM=0.001, NICE_REPLY_A=-0.001, RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_MSPIKE_H2=-0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=gmx.net
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 7yPqeQLoH08e for <tls@ietfa.amsl.com>; Wed, 5 May 2021 00:49:45 -0700 (PDT)
Received: from mout.gmx.net (mout.gmx.net [212.227.15.15]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 99F013A164E for <tls@ietf.org>; Wed, 5 May 2021 00:49:44 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=gmx.net; s=badeba3b8450; t=1620200979; bh=UjeX0JT00DrKMizGkCcLxr+x2w71VSdkjixL5fxH+h4=; h=X-UI-Sender-Class:Subject:To:Cc:References:From:Date:In-Reply-To; b=WTD8bsnUldELkzuroUOiWwwG7NosmAYN44VWEyyq7Nplb0sc1+BXbq0RTIvSvI0F6 geiXTbMrtOCL5dt/12AFqXPjI85xX0hmuE8ZARQnVr5Urod+su2Age1N5NikEfwEut YQhJKXBmNPCQEGwkfuQkWZLR8bOwOJsjEKv+/MFo=
X-UI-Sender-Class: 01bb95c1-4bf8-414a-932a-4f6e2808ef9c
Received: from [192.168.178.10] ([88.152.184.201]) by mail.gmx.net (mrgmx005 [212.227.17.190]) with ESMTPSA (Nemesis) id 1MAfYw-1lpDqt34DA-00B53I; Wed, 05 May 2021 09:49:39 +0200
To: Martin Thomson <mt@lowentropy.net>
Cc: tls@ietf.org
References: <161894801377.8373.6532898944771346676@ietfa.amsl.com> <VI1PR08MB2639A557022756B119EAB4EAFA5A9@VI1PR08MB2639.eurprd08.prod.outlook.com> <CAM4esxQaGhv8p3U7pa3JTyLFOvicZ4fM14p8-J5zpyOdBWNw9Q@mail.gmail.com> <72c410c0-f164-4428-9dda-ca62a9c0b419@www.fastmail.com> <f67218d9-5cd0-397e-a1f7-23a8411d9411@gmx.net> <b2aa0fb2-c17b-4868-8b5a-252562c407cf@www.fastmail.com>
From: Achim Kraus <achimkraus@gmx.net>
Message-ID: <9b4242d4-1813-ed45-2de1-e2bea4b50e97@gmx.net>
Date: Wed, 5 May 2021 09:49:39 +0200
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:68.0) Gecko/20100101 Thunderbird/68.10.0
MIME-Version: 1.0
In-Reply-To: <b2aa0fb2-c17b-4868-8b5a-252562c407cf@www.fastmail.com>
Content-Type: text/plain; charset=utf-8; format=flowed
Content-Language: en-US
Content-Transfer-Encoding: quoted-printable
X-Provags-ID: V03:K1:vQBg/mgxq1ZKEW0iaVyJP8ZHxhdOuvcXGFaOK7jFLjJdQf6k1Cp OnJorlBQweEVEISu5gWYkFtJSoZtk30aB6AYvJwQjH5JlIGXu3kAd3r1E26SbcopWcSReDG Rwg0JA+rpfH+G7GEhxVCsn1xUrqPOayAnhAIL+DPHINwV8YNz9BSo+obamRyx/Vsry8QUSy Siew+nYKLs13bnC5H55mA==
X-UI-Out-Filterresults: notjunk:1;V03:K0:IVt92OdbncA=:kXf9CULRN9LkHELesi9DS+ fmuVM2hRQBJY3RTFjuXD3G20LOk9KGYsirVCwvWC/BG4uIBDoegwtlg5cTxYLJLcl8jaK5PhS tq1dZ/bLyZCc0kAJ3JJTMQf8TqP+tOEcHqVg6Hzy34epxzrMkfhtivofi2jH3dUkK7WMwlUfj 6q+qEDvuZKQQSb8F+jy1XV7np87n5QNUWRlyDTqGcqYpH/ZCHO3QfMVMKzXOylDYjHW95Q2mK +LzrDn4x0KocYKc0+d1Ugk7H0pUwO9vigUfkHD5ew0uVr97pF4Une/17ZWyAPjJNT6+tV91jz pkBXfI94VorqpIvwH1rOaWYAU5P0aEBU5kHoO8SK3w+CXlZ1c2mj2jy7so6Woh7A4NpLipfuX NI/odrU+T4VNNGC5mhscsgQ+ouVMpks7trHL9RC48f5r8x5/SahcPKwJICg91JIUdO+nzYUHA EClg1mtR/XHVeYUfMZ1m0f+Kb/bJvQqgN4ATYXsHO1kL+mUTKL0lnUiB3hoMENXMLiAbFKIEj LkmM6IVQU1W7jiSrE8MzXAWnw7zkcuS+3vEGu6jL9SzTJzRpSQMihJYJZXH1SEr7xWi+ibCm4 k/6JDB3Oyu1rAzY0g/Bhj9nR+IfJq0p9Z6peZy/B+f5fxfO4JRs5Dz9hohjMisX2koICooK4h XPx537yXGqw8Azb9GYyWiXHsaggyxf+3Vn2pP88A+ZnPgtS/z4DIm4K4bA4RMMZtLGXN5o87f p/vj0fSWjQ/HpdD50XGmx88ELl2OMSIohPppuWdhSkZeJ3tnD5/lcx3OoM5PGMilJn746Q0NV m/w51CVF5g3qxxC9iu4LRj34UrgORTS0WKcg1nBvesv5cXlD7R7/yLGe0JitrG5z6CIslWVAX nVtCLz4F+ri+wiYjzuEsJz2rwy21H0UI+lGoaohXvLMgmSj30zNKkS1GWIuYvWInqrHDrZvIu dnWgU59jo6MZtL7q3MdlbVVQ9/glHUjQwjIgFZv2uU8eRtqI2f4hhaTr4vPzw1Ujx49+9bdlG G3e2TdlnlSQZTYXRFMoOqX2xvShYZD3rtelUbwT56tmBi27TzC9HJZVfdMYYBue/538IHPCrZ eABu+iJpGOth3fSChCI68ryMQNs4aG9p299+lAqKAdaw1gzyO96yLiSDEinPe9nx/Yg5E3jV0 ATfwabdedkQxyxBSKyKxphZmkitlUN6wEtyfVhtkuovGzHxgAHbjC3AOBxyBmhg3q4Idw=
Archived-At: <https://mailarchive.ietf.org/arch/msg/tls/S0Rfp53mPbOCaIFeTpyLiALEJmM>
Subject: Re: [TLS] Martin Duke's No Objection on draft-ietf-tls-dtls-connection-id-11: (with COMMENT)
X-BeenThere: tls@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/tls/>
List-Post: <mailto:tls@ietf.org>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 05 May 2021 07:49:47 -0000

Hi Martin,


> Nothing here depends on using a CID, except perhaps to the extent that the endpoint that observes the "migration" needs to be able to match incoming records with connection state.  If they need a CID for that, then this needs a CID.

If the threat is only weakly related to the use of a CID, would then the
discussion of that more general threats not require also a more general
scope than that of this DTLS CID RFC?

> 5. Victim believes that the connection has migrated and stops sending on the old path.
>
> If the new address is attacker controlled, the attacker is now on-path.  The attacker can stop forwarding and deny service at its discretion.

For a "service deny" no attacker is needed :-), UDP traffic may be lost,
DTLS traffic may be ignored, and overloaded peers may response out of
the expected time-frame.

Most of that is in my opinion the general risk using something as the
"public internet" with its grants and no-grants.

In all cases of a "service-deny", the peer was, and with CID, is still,
intended to try a reconnect strategy (what ever that means according the
destination ip-address.)

In my sum:
- without CID, much more (resumption) handshakes are needed in order to
communicate using DTLS.
- with CID, such (resumption) handshakes are still required, but much less.

Your attack adds some more handshakes, but it doesn't introduce
something new, nor do I see, that this will exceed the number of
handshakes without CID.

best regards
Achim Kraus