top | item 38048018

(no title)

chmike | 2 years ago

The problem result from the ability to forge a fake origin IP address. This can be avoided by adding a certificate for the IP address. It adds a processing and size overhead, but it also preserves the single round trip transaction.

discuss

cyberax|2 years ago

It doesn't really work. You need to use fairly strong cryptography, and this means a lot of CPU power from your side to validate it. You also need mechanisms to notify users about certificate invalidation and expiration, you need ways to synchronize "time", etc.

At which point, it makes sense to just give up and use a normal TLS/QUIC connection. QUIC also has 0-RTT resumption, which is functionally similar to what you want.

Really, raw UDP makes very little sense in today's Internet. It might have been marginally more useful if BCP38/RFC2827 were more widely adopted.

tjoff|2 years ago

> Really, raw UDP makes very little sense in today's Internet. It might have been marginally more useful if BCP38/RFC2827 were more widely adopted.

I might agree if the only purpose of UDP was to avoid the handshake. But this issue alone only affects some usecases.

Naive workaround/thought, require the client to pad the first packet to the point where there you can't use it for amplification attacks (not an absurd amount, just 1k or something. Of course depends on the context).

And possibly embed the source IP in the first response so that the indirection isn't as effective either.

chmike|2 years ago

I didn't mean to generalize the use of certificate. It would be for a specific protocol for a specific application. I just wanted to justify that we are not required to use three way handshake.

Revocation is indeed a weak point of this solution as it would take time, probably a transaction, to check. This problem might be mitigated by shortening the certificate validity duration.

I don't see why time synchronization would be critical if the validity periods are slightly overlapping.

amtamt|2 years ago

We probably don't need certificates for IP addresses,and just ensure edge routers sending packets to the internet ensure they are sending pockets with source defined as a network IP only within defined CIDRs.

tjoff|2 years ago

How do you do that and still allow access from anyone without any prior configuration?

fulafel|2 years ago

There have been several plans for deploying IPSec everywhere as a evolution of IP with different key management strategies. There needs to be a way to look up a public key for a ip address, there's more than one way to do it.

chmike|2 years ago

In prior configuration, the UDP client must get a certificate which uses three way handshake to verify the IP address. Once a client has it's certificate, it can perform transactions with a simple two way transactions.

unknown|2 years ago

[deleted]

jzwinck|2 years ago

One way could be to require signing with a TLS certificate whose hostname resolves to the source IP(s).