IETF Logo Mail Archive

Re: [tsvwg] Possible UDP-Option: Cookie

Tom Herbert <tom@herbertland.com> Wed, 20 March 2019 10:27 UTC

Return-Path: <tom@herbertland.com>
X-Original-To: tsvwg@ietfa.amsl.com
Delivered-To: tsvwg@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 39C67131058 for <tsvwg@ietfa.amsl.com>; Wed, 20 Mar 2019 03:27:32 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.901
X-Spam-Level:
X-Spam-Status: No, score=-1.901 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIMWL_WL_MED=-0.001, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, RCVD_IN_DNSWL_NONE=-0.0001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=herbertland-com.20150623.gappssmtp.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 1fts9yZ-tQuv for <tsvwg@ietfa.amsl.com>; Wed, 20 Mar 2019 03:27:29 -0700 (PDT)
Received: from mail-qk1-x743.google.com (mail-qk1-x743.google.com [IPv6:2607:f8b0:4864:20::743]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id C6F09130EFA for <tsvwg@ietf.org>; Wed, 20 Mar 2019 03:27:29 -0700 (PDT)
Received: by mail-qk1-x743.google.com with SMTP id z76so13729353qkb.12 for <tsvwg@ietf.org>; Wed, 20 Mar 2019 03:27:29 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=herbertland-com.20150623.gappssmtp.com; s=20150623; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=IBSpc7+tptP105x88cYd0taIAEH9PaIfVygd7Fh+jks=; b=ceNBAlIAf1C+5E1aMDmgTK/pOkVuqRnWyTraf4ZHqg80Qh1tmcHS/bJ0/6Sj/dB/j2 quXfcQdnHFr4u8KrdHYG2++sRk9Qa8tBEKFWmYBfa1HQzP76BZBgUn13N/6rupuo5v5v g/pOhVyi/IpptOdGGDdShpD58IibvmM5JFRFwrwTkweHzYCmItG9/vifPU7i5/it05eG wX90pkLnR83Hnk7+pI3n4Tj2S9J2wOaKP0PzpYJsup4piRoNEt0jrCKAPdA5+SjqC7er Stp8SA/HZN/QuXGctbcXqjyuILS5lRGmtkqbqhc0CSXiCAVbLE91oAnBMiXktm0Pliac 8ILw==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=IBSpc7+tptP105x88cYd0taIAEH9PaIfVygd7Fh+jks=; b=HTX/wce+czX/3bke9rTG5pKhEDISvTgnY0Ar+BRX9bmW9t5PPue0OWvG48DRpO+Hx/ aN8VyD7hZhEwxh/cMbU0xodQ+pQK2e09S9dbNUpRpCf6GaT65ZYNUCQO2bIG7u3LtGB3 fkTl1X/wRFr2k0EDeXAdILvdZXYJWIw0TBpDKKsjFkP5yX2kFw0oI33ew1cP1gj9Nuuz H5cQB2YZ9+P7VcVRv2YkfDbWyOUwjHLOLH1OzNMoSF8QR532QeydoymJPxO2H84W6bGY ggeG92/PWrd12OlK/9Yd+V8RnLwOfnYRch3NbowHSHHpkat1ct9gK1m2ysBmlqnOUJhI w/fA==
X-Gm-Message-State: APjAAAVWSfV6+vSZXJtBMkFclmhgCzsavVI+C+hq6GPcmDrF2V8FZMg/ yeCuaH/C0KLhCO6CG94NTqxxKGI+B55CC5dLxYQfd92f
X-Google-Smtp-Source: APXvYqwQxrQUeDV2HaorQ1d1EmBQS8xK0jz2MXB9zHHBbkZpOFVBK6OuATLKqvwEDoH0kuKeNS46r011GKgxWW0nesc=
X-Received: by 2002:a37:414c:: with SMTP id o73mr5962560qka.323.1553077648822; Wed, 20 Mar 2019 03:27:28 -0700 (PDT)
MIME-Version: 1.0
References: <5C8FDEED.8010701@erg.abdn.ac.uk> <CALx6S36fQcRdgvCG3XS78EecFjdb36D22iBzovXcODH_W+BHbg@mail.gmail.com> <5be88c76-d65a-c491-86be-74a52fef7687@strayalpha.com> <CALx6S35h+ANRpqrEyC97JocXUrDw_+b85a8bP7QgjSchMPXF-g@mail.gmail.com> <62f9f885-5dd6-78d4-2d8a-8fab83871529@strayalpha.com> <CALx6S35bb5YpjR16OfQN+JJw3O3LG=NqkdFEnKdTEd3UoZWo5A@mail.gmail.com> <190BFA86-2DE3-4BB1-A833-E67D49B641FB@strayalpha.com> <CALx6S35vym9jfN5E6HVLU5RJj0k2p0i=dc1a+pb=ETx1WQUoxg@mail.gmail.com> <57E0E8CF-EA9A-4BC8-89D2-296D3CBBF7BA@strayalpha.com> <20190319231309.GA38527@bugle.employees.org> <20190320100743.GA19737@bugle.employees.org>
In-Reply-To: <20190320100743.GA19737@bugle.employees.org>
From: Tom Herbert <tom@herbertland.com>
Date: Wed, 20 Mar 2019 11:27:17 +0100
Message-ID: <CALx6S37TBDmExfeU6r=BdKhS=eo=DBLEx+YmT+kWjo0JiR7NJw@mail.gmail.com>
To: Derek Fawcus <dfawcus+lists-tsvwg@employees.org>
Cc: tsvwg <tsvwg@ietf.org>
Content-Type: text/plain; charset="UTF-8"
Archived-At: <https://mailarchive.ietf.org/arch/msg/tsvwg/P4cKru3UtV3XWukt_231RxGhE94>
Subject: Re: [tsvwg] Possible UDP-Option: Cookie
X-BeenThere: tsvwg@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Transport Area Working Group <tsvwg.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tsvwg>, <mailto:tsvwg-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/tsvwg/>
List-Post: <mailto:tsvwg@ietf.org>
List-Help: <mailto:tsvwg-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tsvwg>, <mailto:tsvwg-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 20 Mar 2019 10:27:32 -0000

On Wed, Mar 20, 2019 at 11:07 AM Derek Fawcus
<dfawcus+lists-tsvwg@employees.org> wrote:
>
> On Wed, Mar 20, 2019 at 12:13:09AM +0100, Derek Fawcus wrote:
> > We have the DNS request use case, we want to be able to send a packet
> > containing options expressing that we can receive Segmented UDP data.
> >
> > A legacy stack, or legacy server on a new stack will not see those
> > options, but will reply to the basic UDP packet - possibly generating
> > an IP fragmented response.  A new server on a new stack will be able
> > to send a UDP segmented response.
> >
> > There could well be other examples falling in to that scenario.
>
> The above got me wondering about current UDP reflected expansion attacks
> using a spoofed source address, of which DNS is a case that has been
> exploited.  What we're proposing with the Segmented UDP data mechanism
> could be similarly exploited in the future.
>
> So do we need some text in the security considerations section to discuss
> this, or maybe even a new cookie option to allow for a form of soft state
> acknowledged handshake?
>
> Assume we have an option like:
>
>                    +--------+-------------+-----+------+---------+--
>                    | Kind=X | Len=2/4/4+n |  lifetime  |  cookie |
>                    +--------+-------------+-----+------+---------+--
>
>                              UDP Cookie option format
>
> Where we have 3 possible lengths, one with no payload, one for sending
> lifetime alone, one for sending lifetime and cookie.  The cookie when
> present is of variable length.  The no payload form would simply be
> used to indicate that the option is supported.
>
Derek,

You might want to look at something similar to QUIC identifiers as the
cookie. That is a much more accuate way to identify and validate a
sender of UDP than by source address which can be unreliable or
inconsistent. For instance, QUIC identifiers handle the common case of
UDP state eviction in NAT where the apparent peer source address
changes mid-flow without any indication to the endpoints that
something happened.

Tom

> Then for users who might benefit, we could have an exchange like:
>
> 1. A -> B : UDP data | Options: Cookie(lifetime-q1)
> 2. B -> A : UDP data | Options: Cookie(lifetime-r1,cookie-1)
> 3. A -> B : UDP data | Options: Cookie(lifetime-q2,cookie-1)
> 4. B -> A : UDP data | Options: Cookie(lifetime-r2,cookie-2)
> ....
> 5. B -> A : UDP data | Options: Cookie(lifetime-q3,cookie-2)
>
> at 1 A sends a message, including a desire for a cookie with lifetime q1.
> at 2 B responds, including a cookie of arbitrary length and lifetime r1.
> at 3 A sends a message, where the cookie inherently validates its source address.
> at 4 B responds, including fresh cookie data, but now knowing it can now send
>        larger reponses.
>
> i.e. this adds an optional generic 'soft state' connection acknowledge
> mechanism to UDP, which could then be used by various applications.
>
> The above could then be combined with sending the Segmentation/FRAG options
> to perform parallel negotiation of that capability,  I'd imagine that for
> the DNS query case we could end up with something like:
>
> 1. A -> B | Q=A, N=example.com, EDNS-sz=Y | Options: Cookie(life); MSS(); FRAG()
> 2. B -> A | Q=A, N=example.com, EDNS-sz=Y, trunc | Options: Cookie(life,value1); MSS(); FRAG()
> 3. A -> B | Q=A, N=example.com, EDNS-sz=Y | Options: Cookie(life,value1); MSS(); FRAG()
> 4. B -> A | | Options: Cookie(life,value2); MSS(); FRAG(Q=A, N=example.com, A=1.2.3.4, EDNS-sz=Z)
> ....
> n. B -> A | | Options: Cookie(life,value2); MSS(); FRAG(Q=A, N=example.com, A=1.2.3.4, EDNS-sz=Z)
>
> For the case of a legacy server, this would probably fall back to one of
> IP fragmented UDP response packet at 2 (EDNS support, no truncated response),
> or opening a TCP connection at stage 3 (because stage 2 would have been a
> truncated response).
>
> i.e. rather than force the client to switch to TCP, or sending an IP fragmented
> UDP response, we would be able to acknowledge that it is safe to send a large
> amount of DNS response in many segmented UDP packets, that the source of the
> query was not spoofed, and then the subsequent second query would trigger that.
>
> I suspect there may be cases where we do not need to segment the response,
> but since it would be significantly larger than the request,  such an
> acknowledgement pattern may prove useful.
>
> DF
>

v2.23.0 | Report a Bug | By Email