IETF Logo Mail Archive

Re: [TLS] Additional warnings on 0-RTT data

Colm MacCárthaigh <colm@allcosts.net> Thu, 24 November 2016 05:19 UTC

Return-Path: <colm@allcosts.net>
X-Original-To: tls@ietfa.amsl.com
Delivered-To: tls@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id ABA411294D1 for <tls@ietfa.amsl.com>; Wed, 23 Nov 2016 21:19:59 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.599
X-Spam-Level:
X-Spam-Status: No, score=-2.599 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_LOW=-0.7] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=allcosts-net.20150623.gappssmtp.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id GPV9ZrsB22YK for <tls@ietfa.amsl.com>; Wed, 23 Nov 2016 21:19:57 -0800 (PST)
Received: from mail-io0-x22f.google.com (mail-io0-x22f.google.com [IPv6:2607:f8b0:4001:c06::22f]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 8F5DC129484 for <tls@ietf.org>; Wed, 23 Nov 2016 21:19:57 -0800 (PST)
Received: by mail-io0-x22f.google.com with SMTP id c21so57374322ioj.1 for <tls@ietf.org>; Wed, 23 Nov 2016 21:19:57 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=allcosts-net.20150623.gappssmtp.com; s=20150623; h=mime-version:in-reply-to:references:from:date:message-id:subject:to :cc; bh=TkSI+dIskfMyPliIRRho5Gh8B6ISR4G2sBok+boaF6A=; b=kiM0WkTpdF8OIzXOLtUaP0JmlPCtSv2HEIravbinrtpJg3YvHuT7AfohkOtlzBYAze nyUyoKTdaxW3m61CtsFGBVgngCdaWDXCbcNQNR5L3L5DwC5L7Oa3Cr1jcWvubcsBxsB2 SvEYhPSm3jy803Kxb+3YKBzDTWJ8hS9hJXChVBuTXdSmu9MveYLQi2rVj2coZO/uVSxJ 8urPNw7Ob7y11TkUWmYUbQnxWV0+w/6TFkQD82jFYzoXy6r55uz8ccapYJNZHjsnm3NH vNZS0ZcM0Iodul0EMYVQMUDLimWdhB7Kw7tqM+DHjG4uuNPtEwSb4IQMfkglc/DOazYq 8i+A==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:mime-version:in-reply-to:references:from:date :message-id:subject:to:cc; bh=TkSI+dIskfMyPliIRRho5Gh8B6ISR4G2sBok+boaF6A=; b=Z8id8DqIitkF6F8XSUqzc7kOtdTc8DJ+Fn0Mk8xUSx3yCENaj2clIgZBaUELl7xOih HrudG9n1+KPnqDB8OXaJQ0z2miMCvvDvHsCKUSiiYJwXmWS1N4e+5g4WH/CEClQJTwMO whgD4xuQtYGK56rEYrGgvk4NCSnKemwOvJSfVb/41e6wEKA65uPYPWNQhCG/67Uo9vbz a1PBqe51h/uzurxm19pV7A+jO2ImJuNb7gMltgg9mL6PT2uhZWP3BttXhQcbCXjDHPuF BWYITVpfIDZqTNNdQVoupe5zr4xfA3ZJi2MegjdNOcT5nKI0a30NTNK0/ws4aR9dFT7N ySlA==
X-Gm-Message-State: AKaTC00rrAipI6NxpOyZsCJrGK5HKIceYEcMEvPWHPJiZckNOS2AeMNI6SdFKun/Cl/oi3hVPGgRRd+baT2kTQ==
X-Received: by 10.107.170.230 with SMTP id g99mr449994ioj.111.1479964796867; Wed, 23 Nov 2016 21:19:56 -0800 (PST)
MIME-Version: 1.0
Received: by 10.36.224.74 with HTTP; Wed, 23 Nov 2016 21:19:56 -0800 (PST)
In-Reply-To: <CABkgnnVOrCAu0sKNSLJC8FNLXEzZxLNA3dPDPfxc86KWSLvjyQ@mail.gmail.com>
References: <CAAF6GDeAbbwnUaCGg4sVxzP6S3ECoQ2nzCi3FyB1gRV9mJHxGA@mail.gmail.com> <CABkgnnXuL9jE04omz3n4FRWBKuJtpEV-bS2tSVvN7AJhW_4GUA@mail.gmail.com> <CAAF6GDcbJm7YWmUZ66JK9hUbU+Gt_-ERmjWxz9YnJe2KCtru-g@mail.gmail.com> <CABkgnnUhnFY5H6ew2uAhvPuqm8E1dP2-9OupaNfvF7qdKvggBg@mail.gmail.com> <CAAF6GDdrPO+eYMmWmvmwL2RVB5UV8184Xc5uOz99PhkkZfNY9w@mail.gmail.com> <CABkgnnVOrCAu0sKNSLJC8FNLXEzZxLNA3dPDPfxc86KWSLvjyQ@mail.gmail.com>
From: Colm MacCárthaigh <colm@allcosts.net>
Date: Wed, 23 Nov 2016 21:19:56 -0800
Message-ID: <CAAF6GDfg0fO46-NLD0j4p52j-n50w4vmGa1YUBAsow8N+0U=gA@mail.gmail.com>
To: Martin Thomson <martin.thomson@gmail.com>
Content-Type: multipart/alternative; boundary="001a1142e6b0ff71c605420527a2"
Archived-At: <https://mailarchive.ietf.org/arch/msg/tls/ox4rhdBKZOj72w3ByQGyqb_V6CI>
Cc: "tls@ietf.org" <tls@ietf.org>
Subject: Re: [TLS] Additional warnings on 0-RTT data
X-BeenThere: tls@ietf.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/tls/>
List-Post: <mailto:tls@ietf.org>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 24 Nov 2016 05:20:00 -0000

On Wed, Nov 23, 2016 at 8:40 PM, Martin Thomson <martin.thomson@gmail.com>
wrote:

> On 24 November 2016 at 15:11, Colm MacCárthaigh <colm@allcosts.net> wrote:
> > Do you disagree that the three specific example security issues provided
> are
> > realistic, representative and impactful? If so, what would persuade you
> to
> > change your mind?
>
> These are simply variants on "if someone hits you with a stick, they
> might hurt you", all flow fairly logically from the premise, namely
> that replay is possible (i.e., someone can hit you with a stick).
>

Prior to TLS1.3, replay is not possible, so the risks are new, but the
end-to-end designers may not realize to update their threat model and just
what is required. I'd like to spell that out more than what's where at
present.

The third is interesting, but it's also the most far-fetched of the
> lot (a server might read some bytes, which it later won't read,
> exposing a timing attack).


I need to work on the wording because the nature of the attack must not be
clear. It's really simple. If the 0-RTT data primes the cache, then a
subsequent request will be fast. If not, it will be slow.

If implemented on a CDN for example, the effort required would be nearly
trivial for an attacker. Basically: I replay the 0-RTT data, then probe a
bunch of candidate resources with regular requests. If one of them loads in
20ms and the others load in 100ms, well now I know which resource the 0-RTT
data was for. I can perform this attack against CDN nodes that are quiet,
or remote, and very unlikely to have the resources cached to begin with.


> But that's also corollary material; albeit
> less obvious.  Like I said, I've no objection to expanding a little
> bit on what is possible: all non-idempotent activity, which might be
> logging, load, and some things that are potentially observable on
> subsequent requests, like IO/CPU cache state that might be affected by
> a request.
>

ok, cool :)


> >> I'm of the belief that end-to-end
> >> replay is a property we should be building in to protocols, not just
> >> something a transport layer does for you.  On the web, that's what
> >> happens, and it contributes greatly to overall reliability.
> >
> > The proposal here I think promotes that view; if anything, it nudges
> > protocols/applications to actually support end-to-end replay.
>
> You are encouraging the TLS stack to do this, if not the immediate
> thing that drives it (in our case, that would be the HTTP stack).  If
> the point is to make a statement about the importance of the
> end-to-end principle with respect to application reliability, the TLS
> spec isn't where I'd go for that.
>

I'm not sure where the folks designing the HTTP and other protocols would
get the information from if not the TLS spec. It is TLS that's changing
too. Hardly any harm in duplicating the advice anyway.


> > I think there is a far worse externalization if we don't do this.
> Consider
> > the operations who choose not (or don't know) to add good replay
> protection.
> > They will iterate more quickly and more cheaply than the diligent
> providers
> > who are cautious to add the effective measures, which are expensive and
> > difficult to get right.
>
> OK let's ask a different question: who is going to do this?
>

I am, for one. I don't see 0-RTT as a "cheap" feature. It's a very very
expensive one. To mitigate the kind of issues it brings really requires
atomic transactions. Either the application needs them, or something below
it does. So far I see fundamentally no "out" of that, and once we have
atomic transactions then we either have some kind of multi-phase commit
protocol, distributed consensus, routing of data to master nodes, or some
combination thereof.

The smartest people I've ever met work on these kinds of systems and they
all say it's really really hard and subtle. So when I imagine Zero-RTT
being done correctly, I imagine organizations signing up for all of that,
and it being worth it, because latency matters that much. That's a totally
valid decision.

And in that context, the additional expense of intentionally replaying
0-RTT seems minor and modest. My own tentative plan is to do it at the
implementation level; to have the TLS library occasionally spoof 0-RTT data
sections towards the application. This is the same technique used for
validating non-replayable request-level auth.

I don't see browsers doing anything like what you request; nor do I
> see tools/libs like curl or wget doing it either.  If I'm wrong and
> they do, they believe in predictability so won't add line noise
> without an application asking for it.
>

I hope this isn't the case, but if it is and browsers generally agree that
it would be unimplementable and impractical, then I think 0-RTT should be
removed unless we can come up with other effective mitigations. Otherwise
it's predictable that we'll see deployments that don't bother to solve the
hard problems and are vulnerable to the issues I've described. But let's
not be doom and gloom about it, there's got to be a way to mitigate.

-- 
Colm

v2.23.0 | Report a Bug | By Email