{"title":"如果你能算上我:列举负载平衡器后面的QUIC服务器","authors":"K. Thimmaraju, B. Scheuermann","doi":"10.14279/TUJ.ECEASST.80.1172","DOIUrl":null,"url":null,"abstract":"QUIC is a new transport protocol over UDP which is recently became an IETF RFC. Our security analysis of the Connection ID mechanism in QUIC reveals that the protocol is underspecified. This allows an attacker to count the number of server instances behind a middlebox, e.g., a load balancer. We found 4/15 (~25%) implementations vulnerable to our enumeration attack. We then concretely describe how an attacker can count the number of instances behind a load balancer that either uses Round Robin or Hashing.","PeriodicalId":115235,"journal":{"name":"Electron. Commun. Eur. Assoc. Softw. Sci. Technol.","volume":"3 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2021-09-08","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"4","resultStr":"{\"title\":\"Count Me If You Can: Enumerating QUIC Servers Behind Load Balancers\",\"authors\":\"K. Thimmaraju, B. Scheuermann\",\"doi\":\"10.14279/TUJ.ECEASST.80.1172\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"QUIC is a new transport protocol over UDP which is recently became an IETF RFC. Our security analysis of the Connection ID mechanism in QUIC reveals that the protocol is underspecified. This allows an attacker to count the number of server instances behind a middlebox, e.g., a load balancer. We found 4/15 (~25%) implementations vulnerable to our enumeration attack. We then concretely describe how an attacker can count the number of instances behind a load balancer that either uses Round Robin or Hashing.\",\"PeriodicalId\":115235,\"journal\":{\"name\":\"Electron. Commun. Eur. Assoc. Softw. Sci. Technol.\",\"volume\":\"3 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2021-09-08\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"4\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"Electron. Commun. Eur. Assoc. Softw. Sci. Technol.\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.14279/TUJ.ECEASST.80.1172\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"Electron. Commun. Eur. Assoc. Softw. Sci. Technol.","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.14279/TUJ.ECEASST.80.1172","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
Count Me If You Can: Enumerating QUIC Servers Behind Load Balancers
QUIC is a new transport protocol over UDP which is recently became an IETF RFC. Our security analysis of the Connection ID mechanism in QUIC reveals that the protocol is underspecified. This allows an attacker to count the number of server instances behind a middlebox, e.g., a load balancer. We found 4/15 (~25%) implementations vulnerable to our enumeration attack. We then concretely describe how an attacker can count the number of instances behind a load balancer that either uses Round Robin or Hashing.
京公网安备 11010802042870号
京ICP备2023020795号-1
分享
求助内容:
应助结果提醒方式:
扫码关注我们
