Implement basic replay protection #173
Conversation
Implements partial protection against attackers transparently proxying our TCP connections. Previously PySyncObj allowed such attackers to replay/delay/reorder/drop messages arbitrarily. Reordering/replaying is now restricted for attackers only to messages with the same timestamp. Advantage of this partial protection over more effective one is that this is no change to message format. This means that connection between patched an unpatched servers will still work except connection will be closed and immediately reopened when somebody turns clocks on their unpatched servers back. Also, strength of this protection will improve with fernet/spec#12 .
| data = self.encryptor.decrypt(data) | ||
| message = pickle.loads(zlib.decompress(data)) | ||
| if self.recvRandKey: | ||
| randKey, message = message | ||
| assert randKey == self.recvRandKey | ||
| except: | ||
| # Why no logging of security errors? |
There was a problem hiding this comment.
Ha, of course. I see PySyncObj already has logging imported so printing something like "invalid message received from $ip, closing connection" should be not hard. I'll do a separate PR after I figure exactly how.
There was a problem hiding this comment.
Hm, do you think it should be logger.warning or more like logger.info? On private network it feels like warning because it means I have broken app somewhere, but on internet it feels wrong because I receive lot of junk, so its more like info or debug. Er, is it good idea to write anything to log just because somebody from internet connected?
wow... you are fast! Thank you.
There was a problem hiding this comment.
Probably that's the reason it was missing in log ) Probably we can leave it as is for now..
Currently PySyncObj implements replay protection via
recvRandKeyandsendRandKey. This is good, but protects only when attackers open a new TCP connection or try to inject messages captured on one connection to another, but nothing prevents attackers transparently proxying our TCP connections toreplay/delay/reorder/dropmessages within this TCP connection arbitrarily.This PR implements basic replay protection by enforcing monotonicity of received timestamps. This restricts
Reordering/replayingfor attackers only to messages with the same timestamp.Delayingis still possible, but the messages now have to be either dropped or, with respect to the 1 second precision of the timestamp, delivered in the original order.Advantage of this partial protection over more effective one is that this is no change to message format. This means that connection between patched an unpatched servers will still work except connection will be closed and immediately reopened when somebody turns clocks on their unpatched servers back.
Also, strength of this protection will improve with fernet/spec#12 .