Re: [chrony-dev] Traffic amplification with chrony commands



On Thu, Jan 16, 2014 at 07:50:33PM +0100, Håkan Johansson wrote:
> I would suggest what I think is called a nonce value.

I think that's what ntpd uses with the new mrulist command. The
advantage over the simple padding approach would be saved bandwidth,
but I'm not sure it's really worth the complication in the protocol.
It would break compatibility with older chrony versions in any case.

> - Server picks some random number/string and keeps that.
> - Client sends a response, without nonce.
> - Server takes the apparent client IP and the string and makes some hash
>   of that, the nonce value for that client IP.
> - Server sends very short response to client, telling: if you want to
>   talk to me from your IP (whatever it is), you have to also give this
>   nonce.
> 
> - Client sends request again, now with nonce.
> - Server checks nonce, and if happy sends the real response.
> 
> The server could pick a new random number/string every few hours or
> minutes or so.

In chrony we would have to use MD5 as the hash unless the dependency
on nss/tomcrypt was no longer optional. How often would the random
number need to be regenerated considering MD5 is no longer secure? I'd
rather avoid having to think about that. :)

> In case the source IP is faked, the only thing that will be sent to
> the attack target is a small nonce.  So it should become a deflation
> attack.

Yes, if the request is larger than the reply with nonce.

Thanks,

-- 
Miroslav Lichvar
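As an added illustration of the exchange Håkan sketches above and of the "deflation" point at the end (example code written for this archive page, not code from the chrony project or from either poster): a server keeps a random secret, derives each client's nonce as a hash of the secret and the apparent source IP, answers a nonce-less request with only a short nonce reply, and sends the large reply only once the nonce comes back. The message sizes, the IP addresses, the use of HMAC-SHA256 instead of the MD5 the thread mentions, and the grace period for the previous secret are all assumptions of this example.

```python
import hashlib
import hmac
import secrets

# Constructed sizes for this simulation (not chrony's real wire format):
# a padded command request and a large monitoring reply, as in the
# amplification scenario under discussion.
REQUEST_LEN = 104
FULL_REPLY_LEN = 1200
NONCE_LEN = 16


class NonceServer:
    """Stateless nonce check: nonce = H(secret, client_ip); the secret is
    rotated periodically, so the server stores nothing per client."""

    def __init__(self):
        self.secret = secrets.token_bytes(32)
        self.previous_secret = None  # still accepted after a rotation (assumption)

    def rotate_secret(self):
        """Pick a new random secret (the poster suggests every few hours or
        minutes); keep the old one so an in-flight exchange still succeeds."""
        self.previous_secret = self.secret
        self.secret = secrets.token_bytes(32)

    @staticmethod
    def _nonce(secret, client_ip):
        # Assumption: HMAC-SHA256 rather than the MD5 discussed in the thread.
        return hmac.new(secret, client_ip.encode(), hashlib.sha256).digest()[:NONCE_LEN]

    def nonce_for(self, client_ip):
        return self._nonce(self.secret, client_ip)

    def _nonce_valid(self, client_ip, nonce):
        for s in (self.secret, self.previous_secret):
            if s is not None and hmac.compare_digest(self._nonce(s, client_ip), nonce):
                return True
        return False

    def handle(self, src_ip, nonce=None):
        """Return (kind, reply_bytes). Without a valid nonce only the short
        nonce reply goes to the apparent source address."""
        if nonce is None or not self._nonce_valid(src_ip, nonce):
            return "nonce", b"N" + self.nonce_for(src_ip)
        return "data", b"D" + bytes(FULL_REPLY_LEN - 1)


def legit_exchange(server, client_ip):
    """Honest client: first request yields a nonce, the retry with it yields the data."""
    kind, reply = server.handle(client_ip)
    if kind != "nonce":
        raise RuntimeError("first request should only get a nonce")
    kind, reply = server.handle(client_ip, nonce=reply[1:])
    return kind, len(reply)


def spoofed_bytes_to_victim(server, victim_ip, n_requests):
    """Requests carrying a forged victim source IP: the nonce reply goes to the
    victim, the sender never learns it, so the data reply is never triggered."""
    total = 0
    for _ in range(n_requests):
        _, reply = server.handle(victim_ip)
        total += len(reply)
    return total


def amplification(server, victim_ip, n_requests=100):
    """Bytes delivered to the victim per byte sent; below 1.0 means deflation."""
    sent = n_requests * REQUEST_LEN
    return spoofed_bytes_to_victim(server, victim_ip, n_requests) / sent


if __name__ == "__main__":
    srv = NonceServer()
    print("legit:", legit_exchange(srv, "192.0.2.10"))
    print("amplification with forged source:", amplification(srv, "192.0.2.99"))
```

The ratio comes out below 1 exactly when the request is larger than the nonce reply, which is the condition Miroslav states; a server that rotates its secret must still accept nonces under the previous secret for a short while, otherwise a client whose two packets straddle a rotation is forced through the exchange twice.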
