[openssl-dev] [openssl.org #4558] Performance issue with DTLS packet reassembly
Matt Caswell via RT
rt at openssl.org
Mon Jun 13 08:04:11 UTC 2016
On Thu Jun 02 23:24:44 2016, paul.dale at oracle.com wrote:
> The DTLS packet reassembly code has a performance problem that could
> result in a DoS attack being possible.
>
>
>
> The DTLS packet reassembly uses the data structure defined in
> ssl/pqueue.c for the purpose (it is the only user of this data
> structure that I can find). This source file implements a priority
> queue using a singly linked list. This means O(n^2) worst case
> complexity, where n is the number of fragments. A better, and in fact
> optimal, solution would be to use a heap for the purpose giving O(n
> log n) worst case complexity. Doing this would prevent a potential
> DoS attack.
>
>
>
> The attack would consist of fragmenting the DTLS stream into as many
> small packets as possible and sending them in sequential order. Each
> fragment will require a complete traversal of the list to be added.
> Continue sending these as long as the DoS is wanted. For reference,
> changing the list search method or ordering won't prevent such an
> attack, it just means a different packet ordering is required.
>
>
>
> Tim Hudson suggested I submit this even though I haven't been able to
> find time to craft a patch.
This will require some significant rework of the pqueue code. This ticket is
currently against the 1.1.0 milestone, but realistically that kind of change
isn't going to happen in that timeframe, so pushing to post 1.1.0.
Matt
--
Ticket here: http://rt.openssl.org/Ticket/Display.html?id=4558
Please log in as guest with password guest if prompted
More information about the openssl-dev
mailing list