Re: [chrony-dev] Traffic amplification with chrony commands
On Fri, 17 Jan 2014, Miroslav Lichvar wrote:
> On Fri, Jan 17, 2014 at 06:15:16PM +0100, H�n Johansson wrote:
>> With the information collection problem for an attacker above, it is
>> probably so that also a much cheaper pseudo-random number generator
>> could be used instead of MD5. Say that one uses 8 secret numbers as
>> seeds, each together with a piece of the apparent client IP creating
>> 8 new numbers. From each of which one uses a few bits to make the
>> nonce. E.g. xorshift is really cheap. This way, it should also not
>> be possible to make a denial-of-service attack on the chronyd server
>> from the extra computations it has to do for junk requests.
> I'm not sure I follow here. The attacker can surely have more than one
> address to query chronyd and get multiple nonces. Wouldn't it be easy
> to find the secret numbers by reversing the algorithm and solving with
> collected nonces? To me it looks like a crypto hash is critical here.
You would use a different random number for each IP, so that that part of
it would be unknown to the attacker (presumably -- if they "owned" the IP address
they were attacking then they could get that, but then they could just launch
a flood from it directly).
Of course that would mean that chronyd would have to keep a library of current
nonces for each IP address that queries came in for, and one would have to
worry about a DoS against chronyc in which it was flooded with requests.
But one could put a rate limiting on that -- e.g. put in a delay of say 1 sec on
the response for the nonce, and only accept a certain number per second.
Easier might be to password the command. On the other hand, for a local query
one really would not want a password, so that would complicate the logic in
chronyd.
--
William G. Unruh, Physics & Astronomy, UBC, Vancouver, BC, Canada V6T 1Z1
Canadian Institute for Advanced Research, Program in Cosmology and Gravity
Tel: +1(604)822-3273 | Fax: +1(604)822-5324 | unruh@xxxxxxxxxxxxxx | www.theory.physics.ubc.ca/
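As an added illustration of the scheme argued over in this thread (a keyed cryptographic hash, which Miroslav calls critical, rather than a cheap PRNG, and without the per-IP nonce table that Unruh worries about), here is a constructed stateless nonce check. It is not chrony's code; the HMAC-SHA256 construction, the 8-byte nonce length and the key rotation interval are assumptions of this example.

```python
import hashlib
import hmac
import secrets
import time

NONCE_LEN = 8  # bytes of the keyed hash returned to the client as its nonce (assumed)


class NonceServer:
    """Stateless anti-amplification nonce check (constructed example).

    The nonce for a client is HMAC-SHA256(secret_key, client_ip) truncated to
    NONCE_LEN bytes, so the server keeps no per-address table, and nonces
    collected from many addresses do not help in recovering the key.
    """

    def __init__(self, rotate_every=60.0, now=None):
        self.rotate_every = rotate_every
        # current key first, previous key second (still accepted briefly after rotation)
        self.keys = [secrets.token_bytes(32), secrets.token_bytes(32)]
        self.last_rotation = time.monotonic() if now is None else now

    def _rotate_if_due(self, now):
        if now - self.last_rotation >= self.rotate_every:
            self.keys = [secrets.token_bytes(32), self.keys[0]]
            self.last_rotation = now

    @staticmethod
    def _mac(key, client_ip):
        return hmac.new(key, client_ip.encode(), hashlib.sha256).digest()[:NONCE_LEN]

    def nonce_for(self, client_ip, now=None):
        """Reply to a request without a valid nonce: a few bytes, nothing to amplify."""
        self._rotate_if_due(time.monotonic() if now is None else now)
        return self._mac(self.keys[0], client_ip)

    def handle(self, client_ip, nonce, large_response, now=None):
        """Send the large response only to a client that echoed the nonce issued
        to its own address; a request with a spoofed source never saw that nonce."""
        now = time.monotonic() if now is None else now
        self._rotate_if_due(now)
        for key in self.keys:
            if hmac.compare_digest(self._mac(key, client_ip), nonce):
                return large_response
        return self.nonce_for(client_ip, now)
```

The unauthenticated path costs one HMAC and returns fewer bytes than it receives, which is what removes the amplification factor; rate limiting of the kind Unruh suggests can still be layered on top.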