[openssl-dev] [openssl.org #4558] Performance issue with DTLS packet reassembly
paul.dale@oracle.com via RT
rt at openssl.org
Thu Jun 2 23:24:45 UTC 2016
The DTLS packet reassembly code has a performance problem that could result in a DoS attack being possible.
The DTLS packet reassembly uses the data structure defined in ssl/pqueue.c for the purpose (it is the only user of this data structure that I can find). This source file implements a priority queue using a singly linked list. This means O(n^2) worst case complexity, where n is the number of fragments. A better, and in fact optimal, solution would be to use a heap for the purpose giving O(n log n) worst case complexity. Doing this would prevent a potential DoS attack.
The attack would consist of fragmenting the DTLS stream into as many small packets as possible and sending them in sequential order. Each fragment will require a complete traversal of the list to be added. Continue sending these as long as the DoS is wanted. For reference, changing the list search method or ordering won't prevent such an attack, it just means a different packet ordering is required.
Tim Hudson suggested I submit this even though I haven't been able to find time to craft a patch.
--
Ticket here: http://rt.openssl.org/Ticket/Display.html?id=4558
Please log in as guest with password guest if prompted
More information about the openssl-dev
mailing list