Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Stop recommending DHE, because of "dheater" vulnerability :CVE-2002-20001 #17374

Closed
stardrift1 opened this issue Dec 30, 2021 · 7 comments
Closed
Labels
hold: need otc decision The OTC needs to make a decision triaged: question The issue contains a question

Comments

@stardrift1
Copy link

These guys found a way to saturate the server CPU core to 100% using as little as 5 KB/s of incoming traffic. The pre-requisite is that the server supports DHE as the key exchange. Therefore, to avoid creating such a vulnerable configuration, I propose removing DHE from the SSL_DEFAULT_CIPHER_LIST or TLS_DEFAULT_CIPHERSUITES.

@stardrift1 stardrift1 added the issue: bug report The issue was opened to report a bug label Dec 30, 2021
@stardrift1
Copy link
Author

@mattcaswell as the test done by us, the "dheater" can make our openssl s_server Occupy 90% +CPU,is this normal?

@mattcaswell mattcaswell added the hold: need otc decision The OTC needs to make a decision label Dec 30, 2021
@mattcaswell
Copy link
Member

mattcaswell commented Dec 30, 2021

For reference see this issue which seems relevant:
mozilla/ssl-config-generator#162

Also see:
https://github.com/Balasys/dheater

The CVE record links to this academic paper (which dates from 2000) - in particular see section 5.7:
https://www.researchgate.net/publication/2401745_Security_Issues_in_the_Diffie-Hellman_Key_Agreement_Protocol

This probably requires some OTC consideration. My initial reaction is that there doesn't seem to be anything new here - other than the assignment of a CVE. (Although I'm a little confused by the "2002" year in the CVE number, even though this was only recently assigned).

Question for OTC: How should we respond to CVE-2002-20001?

@mattcaswell mattcaswell added triaged: question The issue contains a question and removed issue: bug report The issue was opened to report a bug labels Dec 30, 2021
@vdukhovni
Copy link

I didn't see anything in the paper to suggest that the DoS issue is specifically related to DHE and not ECDHE. Did I miss something?

@mattcaswell
Copy link
Member

OTC: We will not change the default cipher list at this time.

@stardrift1
Copy link
Author

OTC: We will not change the default cipher list at this time.
Is This mean that this CVE isn't a Vulnerability

@mattcaswell
Copy link
Member

We do not consider this to be a vulnerability in OpenSSL.

@setharnold
Copy link

@mattcaswell jfyi many of the CVE CNAs will assign a CVE number where the year portion represents the earliest known public discussion of an issue.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
hold: need otc decision The OTC needs to make a decision triaged: question The issue contains a question
Projects
None yet
Development

No branches or pull requests

4 participants