Re: possible DoS attack from Donald Eastlake 3rd on 2002-04-12 (xml-encryption@w3.org from April 2002)

From: Donald Eastlake 3rd <dee3@torque.pothole.com>
Date: Fri, 12 Apr 2002 09:08:19 -0400 (EDT)
To: xml-encryption@w3.org
Message-ID: <Pine.LNX.4.44.0204120903170.5348-100000@netbusters.com>

I don't have any objection to a warning about this but there are well
known techniques for loop detection that would stop anything as simple
as the example given.  I would personally recommend using such a loop
detechion technique and also having some sort of generous limit to the
total amount of compute power you use in a particular decryption for
more complex cases. A simple depth limit doesn't solve all kinds of
other complex compute loops or ridiculously large but finite
computations you could get into.

Donald

On Thu, 11 Apr 2002, Aleksey Sanin wrote:

> Date: Thu, 11 Apr 2002 10:08:07 -0700
> From: Aleksey Sanin <aleksey@aleksey.com>
> To: Blair Dillaway <blaird@microsoft.com>
> Cc: xml-encryption@w3.org
> Subject: Re: possible DoS attack
> Resent-Date: Thu, 11 Apr 2002 13:09:30 -0400 (EDT)
> Resent-From: xml-encryption@w3.org
>
> Blair,
>
> Small tweak in my example (one <EncryptedData/> element and
> two <EncryptedKey /> elements pointing to each other) breaks
> the check you've described.
>
> I agree with you that there is no way to prevent a DoS attack. However,
> it is possible to make the "bad guys" life harder :)  I don't suggest
> to change the XML Encryption design but I do think that a warning
> about possible problem is a good idea.
>
> Aleksey
>
>
> Blair Dillaway wrote:
>
> >In your example, the RetrievalMethod indicates you are to retrieve an
> >EncryptedKey.  Shouldn't your code immediately error when it finds the
> >target of the URI is an EncryptedData?
> >
> >In any event, we had a fairly long discussion on DoS issues when this
> >activity started and realized there is no way to prevent them and also
> >meet our goal of creating a general purpose and flexible system.  Its
> >fairly easy to construct examples that will cause a recipient to very
> >deeply recurse (possibly infinite) looking for a decryption key.  I
> >suppose one could support an application defined recursion limit to try
> >and bound this problem, but addressing DoS attacks was not a goal of the
> >WG.
> >
> >Blair
> >
>
>
>

Received on Friday, 12 April 2002 09:08:19 UTC