[openssl-dev] frequency and size of heartbeat requests
Jitendra Lulla
lullajd at yahoo.com
Tue Dec 5 19:14:41 UTC 2017
Hi,
With an "intentionally corrupted" tls1_heartbeat() in Openssl 1.0.2l, heart beat requests with big payloads such as 16300 or slightly more can be repeatedly sent to the server.
The server, religiously responds back with such big payloads after spending its cpu on encrypting/HMAC computing on the payload in the heartbeat response messages..
I confirmed the above with s_server/s_client.
The RFC doesn't say anything about this possible exploit/DOS attack.
The RFC also allows such big payloads.
While such payloads might be meeting some requirement (PMTU computation ?),, the frequency of such big messages (continuous repeats) must certainly be controlled.
I see that this extn is disabled in openssl-master but I could see that some servers (eg yahoo) do respond to heartbeat requests which means that they are running some ssl implementation (probably Openssl) which is vulnerable to continuous repeated big HB requests.
Is the problem mentioned above a problem indeed or I am missing something ?
Could the solution be a restricted count of HB requests along with a timer?
Thanks
Jitendra
More information about the openssl-dev
mailing list