Re: [chrony-dev] Traffic amplification with chrony commands

[Bill Unruh <unruh@xxxxxxxxxxxxxx>]

On Mon, 20 Jan 2014, Miroslav Lichvar wrote:

> On Sat, Jan 18, 2014 at 06:11:24AM +1000, Thomas Sprinkmeier wrote:
> > If your nonce is only 32 bits then using anything stronger than MD5 is overkill.
> > You could try to future-proof by allowing the nonce to grow over time and switch
> > to a more secure hash if/when appropriate, but then you have to guard against
> > version-rollback attacks.
>
> That would be another complication. To me, padding of the request
> packets so they are never smaller than replies still looks like the
> best option here. The maximum length of each possible reply is known
> at both sides, so it should be quite easy to implement. I'm more
> worried about keeping enough compatibility with older versions that
> chronyc will print "Protocol version mismatch" instead of retrying.

Chronyd would then have to test the incoming packet to make sure tha tthere
was enough padding. After all, the attacker can send whatever packets he
wants, so if the padding is in any sense optional they will neglect it.


>

--
William G. Unruh   |  Canadian Institute for|     Tel: +1(604)822-3273
Physics&Astronomy  |     Advanced Research  |     Fax: +1(604)822-5324
UBC, Vancouver,BC  |   Program in Cosmology |     unruh@xxxxxxxxxxxxxx
Canada V6T 1Z1     |      and Gravity       |  www.theory.physics.ubc.ca/

--
To unsubscribe email chrony-dev-request@xxxxxxxxxxxxxxxxxxxx with "unsubscribe" in the subject.
For help email chrony-dev-request@xxxxxxxxxxxxxxxxxxxx with "help" in the subject.
Trouble?  Email listmaster@xxxxxxxxxxxxxxxxxxxx.