Re: [chrony-dev] Traffic amplification with chrony commands

[ Thread Index | Date Index | More chrony.tuxfamily.org/chrony-dev Archives ]


On Mon, 20 Jan 2014, Miroslav Lichvar wrote:

On Sat, Jan 18, 2014 at 06:11:24AM +1000, Thomas Sprinkmeier wrote:
If your nonce is only 32 bits then using anything stronger than MD5 is overkill.
You could try to future-proof by allowing the nonce to grow over time and switch
to a more secure hash if/when appropriate, but then you have to guard against
version-rollback attacks.

That would be another complication. To me, padding of the request
packets so they are never smaller than replies still looks like the
best option here. The maximum length of each possible reply is known
at both sides, so it should be quite easy to implement. I'm more
worried about keeping enough compatibility with older versions that
chronyc will print "Protocol version mismatch" instead of retrying.

Chronyd would then have to test the incoming packet to make sure tha tthere
was enough padding. After all, the attacker can send whatever packets he
wants, so if the padding is in any sense optional they will neglect it.





--
William G. Unruh   |  Canadian Institute for|     Tel: +1(604)822-3273
Physics&Astronomy  |     Advanced Research  |     Fax: +1(604)822-5324
UBC, Vancouver,BC  |   Program in Cosmology |     unruh@xxxxxxxxxxxxxx
Canada V6T 1Z1     |      and Gravity       |  www.theory.physics.ubc.ca/

--
To unsubscribe email chrony-dev-request@xxxxxxxxxxxxxxxxxxxx with "unsubscribe" in the subject.
For help email chrony-dev-request@xxxxxxxxxxxxxxxxxxxx with "help" in the subject.
Trouble?  Email listmaster@xxxxxxxxxxxxxxxxxxxx.


Mail converted by MHonArc 2.6.19+ http://listengine.tuxfamily.org/