Re: [xmpp] IQ Handling vulnerabilities
Thijs Alkemade <thijs@xnyhps.nl> Mon, 10 February 2014 19:25 UTC
Return-Path: <thijs@xnyhps.nl>
X-Original-To: xmpp@ietfa.amsl.com
Delivered-To: xmpp@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 202511A0433 for <xmpp@ietfa.amsl.com>; Mon, 10 Feb 2014 11:25:49 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -0.453
X-Spam-Level:
X-Spam-Status: No, score=-0.453 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HELO_EQ_NL=0.55, HOST_EQ_NL=1.545, RP_MATCHES_RCVD=-0.548] autolearn=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id jmwj7hyDEKKY for <xmpp@ietfa.amsl.com>; Mon, 10 Feb 2014 11:25:47 -0800 (PST)
Received: from s.xnyhps.nl (s.xnyhps.nl [46.19.32.61]) by ietfa.amsl.com (Postfix) with ESMTP id 1B2A01A0450 for <xmpp@ietf.org>; Mon, 10 Feb 2014 11:25:47 -0800 (PST)
Received: from [192.168.1.11] (196pc201.sshunet.nl [145.97.201.196]) (using TLSv1 with cipher ECDHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by s.xnyhps.nl (Postfix) with ESMTPSA id 5477320BF9; Mon, 10 Feb 2014 20:25:41 +0100 (CET)
DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=xnyhps.nl; s=mail; t=1392060341; bh=fOCV22n7QMq4raeL1eTbxIMNfL0zY+Bcl/wNbcZPxvA=; h=Subject:From:In-Reply-To:Date:Cc:References:To; b=ekhT0eYv3HPIlAzroTO7SMoyBztkPhqWumG6EZVmOfDCxYWnmiQOIWvdn+AB7uGNM 7ZaHd2SB/F5Hmeq48f70OD1Jr8tN1CbbOhnrVN3dP3zpXL/FZ2W3VU6wbktbp01fbv HT1Zim3fM9o/svXIiPuiJgvWiBsSEroIqFrcohCg=
Content-Type: multipart/signed; boundary="Apple-Mail=_60F60CE3-FE59-47E3-A262-69A4BB475C77"; protocol="application/pgp-signature"; micalg="pgp-sha1"
Mime-Version: 1.0 (Mac OS X Mail 7.1 \(1827\))
From: Thijs Alkemade <thijs@xnyhps.nl>
In-Reply-To: <CF1E56C5.38F45%jhildebr@cisco.com>
Date: Mon, 10 Feb 2014 20:25:36 +0100
Message-Id: <B671D7DA-CE9A-4A2C-8EDE-BF94F5F6FE82@xnyhps.nl>
References: <CAOb_FnxS-dMT85N7LHj5M9JWk3pL85=ugrDqaT7j5d28HBr0Cw@mail.gmail.com> <CF194491.38AD3%jhildebr@cisco.com> <2F5E925F-021D-408E-91D9-3CC5BEB6BEC6@nostrum.com> <48F4D361-4403-47E6-862D-FBDDDEBCC642@xnyhps.nl> <CF1A369C.38BE2%jhildebr@cisco.com> <CAKHUCzyCwKbmnUoXLHW=XzYbiFrcg-dQsDojGUnA-_r3qK+_Vg@mail.gmail.com> <CF1A4928-54B5-4A95-9A4B-0EC572A3CDBD@cisco.com> <CF1E56C5.38F45%jhildebr@cisco.com>
To: "Joe Hildebrand (jhildebr)" <jhildebr@cisco.com>
X-Mailer: Apple Mail (2.1827)
Cc: Ben Campbell <ben@nostrum.com>, XMPP Working Group <xmpp@ietf.org>
Subject: Re: [xmpp] IQ Handling vulnerabilities
X-BeenThere: xmpp@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: XMPP Working Group <xmpp.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/xmpp>, <mailto:xmpp-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/xmpp/>
List-Post: <mailto:xmpp@ietf.org>
List-Help: <mailto:xmpp-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/xmpp>, <mailto:xmpp-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 10 Feb 2014 19:25:49 -0000
On 10 feb. 2014, at 18:15, Joe Hildebrand (jhildebr) <jhildebr@cisco.com> wrote: > On 2/7/14 8:13 AM, "Joe Hildebrand (jhildebr)" <jhildebr@cisco.com> wrote: > >> I have a couple of ludicrous s2s attacks on mind, but more important I >> think is doing what >> >> Mobile/terse. DYAC. > > Yes, well that was even more terse than normal. I was going to say > something about generating less-guessable IDs that don't eat up much > entropy. For example: > > start = sha1(crytpo_rand()) > start+1 = sha1(start) > > would probably do nicely. Uhm. Maybe this email is missing a line again, but if you use those values as 'id's directly, they will not be unpredictable at all, as anyone who receives an <iq/> can generate the rest of the chain. However, if you make sure the 'id' values are only half the hashes, it should be unpredictable unless an attacker is willing to spend an insane amount of work. So: start = sha1(crytpo_rand()) start+1 = sha1(start) ... id1 = start[0:10] id2 = start+1[0:10] … Thijs
- Re: [xmpp] IQ Handling vulnerabilities Philipp Hancke
- [xmpp] IQ Handling vulnerabilities Kevin Smith
- Re: [xmpp] IQ Handling vulnerabilities Joe Hildebrand (jhildebr)
- Re: [xmpp] IQ Handling vulnerabilities Matt Miller
- Re: [xmpp] IQ Handling vulnerabilities Peter Saint-Andre
- Re: [xmpp] IQ Handling vulnerabilities Ben Campbell
- Re: [xmpp] IQ Handling vulnerabilities Thijs Alkemade
- Re: [xmpp] IQ Handling vulnerabilities Alexander Holler
- Re: [xmpp] IQ Handling vulnerabilities Kevin Smith
- Re: [xmpp] IQ Handling vulnerabilities Kevin Smith
- Re: [xmpp] IQ Handling vulnerabilities Joe Hildebrand (jhildebr)
- Re: [xmpp] IQ Handling vulnerabilities Dave Cridland
- Re: [xmpp] IQ Handling vulnerabilities Kevin Smith
- Re: [xmpp] IQ Handling vulnerabilities Joe Hildebrand (jhildebr)
- Re: [xmpp] IQ Handling vulnerabilities Waqas Hussain
- Re: [xmpp] IQ Handling vulnerabilities Alexander Holler
- Re: [xmpp] IQ Handling vulnerabilities Alexander Holler
- Re: [xmpp] IQ Handling vulnerabilities Ben Campbell
- Re: [xmpp] IQ Handling vulnerabilities Thijs Alkemade
- Re: [xmpp] IQ Handling vulnerabilities Waqas Hussain
- Re: [xmpp] IQ Handling vulnerabilities Kevin Smith
- Re: [xmpp] IQ Handling vulnerabilities Dave Cridland
- Re: [xmpp] IQ Handling vulnerabilities Kevin Smith
- Re: [xmpp] IQ Handling vulnerabilities Thijs Alkemade
- Re: [xmpp] IQ Handling vulnerabilities Thijs Alkemade
- Re: [xmpp] IQ Handling vulnerabilities Ashley Ward
- Re: [xmpp] IQ Handling vulnerabilities Peter Saint-Andre
- Re: [xmpp] IQ Handling vulnerabilities Peter Saint-Andre
- Re: [xmpp] IQ Handling vulnerabilities Dave Cridland
- Re: [xmpp] IQ Handling vulnerabilities Ashley Ward
- Re: [xmpp] IQ Handling vulnerabilities Peter Saint-Andre
- Re: [xmpp] IQ Handling vulnerabilities Joe Hildebrand (jhildebr)
- Re: [xmpp] IQ Handling vulnerabilities Thijs Alkemade
- Re: [xmpp] IQ Handling vulnerabilities Joe Hildebrand (jhildebr)
- Re: [xmpp] IQ Handling vulnerabilities Dave Cridland
- Re: [xmpp] IQ Handling vulnerabilities Dave Cridland
- Re: [xmpp] IQ Handling vulnerabilities Alexander Holler
- Re: [xmpp] IQ Handling vulnerabilities Dave Cridland
- Re: [xmpp] IQ Handling vulnerabilities Alexander Holler
- Re: [xmpp] IQ Handling vulnerabilities Thijs Alkemade
- Re: [xmpp] IQ Handling vulnerabilities Alexander Holler
- Re: [xmpp] IQ Handling vulnerabilities Alexander Holler
- Re: [xmpp] IQ Handling vulnerabilities Dave Cridland
- Re: [xmpp] IQ Handling vulnerabilities Alexander Holler
- Re: [xmpp] IQ Handling vulnerabilities Alexander Holler
- Re: [xmpp] IQ Handling vulnerabilities Alexander Holler
- Re: [xmpp] IQ Handling vulnerabilities Joe Hildebrand (jhildebr)