Hi Antonio,

Sorry for taking so long to respond - life was getting in the way.

On 16-04-18 15:03, Antonio Quartulli wrote:
> there was a comment in my previous review that remained unanswered.
> Please, see it below
>
> On 09/03/18 04:23, Steffan Karger wrote:
> [CUT]
>> + The metadata is checked *after* the OpenVPN three-way handshake has
>> + completed, to prevent DoS attacks. (That is, once the client has proved to
>> + the server that it possesses Kc, by authenticating a packet that contains the
>> + session ID picked by the server.)
>
>
> just a thought here: the metadata is actually created by the
> server/provider and it is authenticated/encrypted with the server key.
>
> Isn't this enough to ensure that its content is not malicious and thus
> allow the server to parse it right after having received the
> HARD_RESET_V3 (instead of performing a "three-way handshake" first)?

Not really, because a MitM attacker can simply record the cookie and replay it. By postponing our parsing, we reduce the impact of a DoS by an attacker that is setting up many new connections with the cookie attached. Instead of performing a potentially expensive check (running a script) for each HARD_RESET_V3, all we do is unwrap and reply.

In more formal terms, we require a proof-of-possession of Kc before we will do any (potentially) expensive operations.

-Steffan
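The ordering Steffan describes (unwrap and reply on HARD_RESET_V3, run the expensive metadata check only once a packet authenticated with Kc carries the server's session ID) as an added Python model; this is not code from the thread or from OpenVPN, and the HMAC-based cookie wrapping, the keys and the metadata string are constructed stand-ins for the real tls-crypt-v2 formats.

```python
import hashlib
import hmac
import os

# Constructed sample keys and metadata for the model; not real values.
SERVER_KEY = b"constructed-server-key-for-demo"
KC = b"constructed-client-key-Kc"
METADATA = b"user=alice;expires=2030-01-01"

def wrap_cookie(kc: bytes, metadata: bytes) -> bytes:
    """Provider side: authenticate Kc + metadata with the server key (toy wrapping)."""
    body = kc + b"|" + metadata
    return hmac.new(SERVER_KEY, body, hashlib.sha256).digest() + body

def unwrap_cookie(cookie: bytes):
    """Cheap step: verify the server-key tag, split out Kc and metadata."""
    tag, body = cookie[:32], cookie[32:]
    if not hmac.compare_digest(tag, hmac.new(SERVER_KEY, body, hashlib.sha256).digest()):
        raise ValueError("cookie not authenticated by server key")
    kc, metadata = body.split(b"|", 1)
    return kc, metadata

class Server:
    def __init__(self):
        self.pending = {}          # session id -> (Kc, metadata) awaiting proof of possession
        self.expensive_checks = 0  # how often the metadata check (e.g. a script) actually ran

    def on_hard_reset_v3(self, cookie: bytes) -> bytes:
        kc, metadata = unwrap_cookie(cookie)   # unwrap and reply; no metadata parsing yet
        sid = os.urandom(8)                    # session id picked by the server
        self.pending[sid] = (kc, metadata)
        return sid

    def on_client_packet(self, sid: bytes, mac: bytes) -> bool:
        # Only a packet authenticated with Kc over our session id unlocks the expensive check.
        if sid not in self.pending:
            return False
        kc, metadata = self.pending.pop(sid)
        if not hmac.compare_digest(mac, hmac.new(kc, sid, hashlib.sha256).digest()):
            return False
        self.expensive_checks += 1
        return metadata.startswith(b"user=")   # stand-in for the real metadata policy check

def simulate(replays: int = 1000) -> int:
    """Honest client completes once; a replayer resends the captured cookie without knowing Kc."""
    server = Server()
    cookie = wrap_cookie(KC, METADATA)
    sid = server.on_hard_reset_v3(cookie)
    if not server.on_client_packet(sid, hmac.new(KC, sid, hashlib.sha256).digest()):
        raise RuntimeError("honest client should pass")
    for _ in range(replays):
        sid = server.on_hard_reset_v3(cookie)        # genuine cookie, so unwrap succeeds
        server.on_client_packet(sid, os.urandom(32))  # but the Kc proof cannot be forged
    return server.expensive_checks
```

Running `simulate()` shows that a thousand replayed cookies cost the server only unwrap-and-reply work, while the expensive check ran exactly once, for the peer that proved possession of Kc.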