TLS 1.3 0-RTT


#1

Hello. After quite a bit of reading, it looks like the potential security risk(s) are not worth the potential performance boost? Is that a true statement, currently?

I’m running an eCommerce website w/ WordPress, and the below is concerning…if still accurate.

```
E.5.  Replay Attacks on 0-RTT

   Replayable 0-RTT data presents a number of security threats to TLS-
   using applications, unless those applications are specifically
   engineered to be safe under replay (minimally, this means idempotent,
   but in many cases may also require other stronger conditions, such as
   constant-time response).  Potential attacks include:

   -  Duplication of actions which cause side effects (e.g., purchasing
      an item or transferring money) to be duplicated, thus harming the
      site or the user.

   -  Attackers can store and replay 0-RTT messages in order to re-order
      them with respect to other messages (e.g., moving a delete to
      after a create).

   -  Exploiting cache timing behavior to discover the content of 0-RTT
      messages by replaying a 0-RTT message to a different cache node
      and then using a separate connection to measure request latency,
      to see if the two requests address the same resource.

   Ultimately, servers have the responsibility to protect themselves
   against attacks employing 0-RTT data replication.  The mechanisms
   described in Section 8 are intended to prevent replay at the TLS
   layer but do not provide complete protection against receiving
   multiple copies of client data.
```

Thanks,
Ryan

#2

You can certainly opt out of using it if you’re not comfortable with it.

Here’s a blog post with the security concerns addressed near the end:


#3

One of the virtues of payments is that they are idempotent.
Even if your website is using TLS 1.3 0-RTT, the best practice for payments should be using a token methodology where your client connects directly to your payment processor and you receive a token.

Losing that token doesn’t jeopardize you or your client data.

Have you implemented Authenticated Origin Pull?
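The RFC excerpt in the first post says the server, not TLS, has to make itself safe under replay, and the reply above points at idempotency as the property that makes that work. The following is an added example (not code from this thread, from WordPress/WooCommerce, or from Stripe) showing the two server-side gates that follow from that: refusing to act on early-data requests that are not safe methods, and deduplicating the side effect with an idempotency key. It assumes the TLS terminator marks 0-RTT requests with the `Early-Data: 1` header and that the application answers with `425 Too Early` (both defined in RFC 8470, which this thread does not cite), and it assumes clients send an `Idempotency-Key` header on state-changing requests (a common payment-API pattern; the header name is an assumption here). The `CheckoutService`, `/checkout` path and order values are constructed for the example.

```python
"""Server-side handling of requests that arrived in TLS 1.3 0-RTT early data.

Added example, not code from the thread or from WordPress/WooCommerce/Stripe.
Assumptions (labelled):
  * The TLS terminator (reverse proxy) adds  Early-Data: 1  to requests it
    received as 0-RTT early data, as described in RFC 8470.
  * Clients send an  Idempotency-Key  header on state-changing requests
    (header name assumed; it is a common payment-API pattern, not from the page).
"""

from dataclasses import dataclass, field

# Methods that RFC 8470 treats as safe to serve from early data: they have no
# side effects, so a replayed copy changes nothing on the server.
SAFE_METHODS = frozenset({"GET", "HEAD", "OPTIONS", "TRACE"})


@dataclass
class Request:
    method: str
    path: str
    headers: dict          # header names lower-cased by the caller (constructed)
    body: str = ""


@dataclass
class Response:
    status: int
    body: str = ""
    headers: dict = field(default_factory=dict)


@dataclass
class CheckoutService:
    """Toy order service with one side effect (charging an order) that must never run twice."""
    charged: list = field(default_factory=list)       # side effects that actually happened
    seen_keys: dict = field(default_factory=dict)     # idempotency key -> cached response

    def handle(self, req: Request) -> Response:
        early = req.headers.get("early-data") == "1"

        # Gate 1: never act on early data unless the method is safe.
        # 425 Too Early (RFC 8470) tells a real client to resend after the
        # handshake completes; an attacker's replayed 0-RTT copy gets the same
        # refusal and causes no side effect.
        if early and req.method not in SAFE_METHODS:
            return Response(425, "retry after handshake", {"Retry-After": "0"})

        if req.method == "GET" and req.path == "/cart":
            return Response(200, "cart contents")       # safe: fine in early data

        if req.method == "POST" and req.path == "/checkout":
            return self._checkout(req)

        return Response(404, "not found")

    def _checkout(self, req: Request) -> Response:
        # Gate 2: application-level idempotency. This also covers duplicates
        # that arrive above TLS (client retries, double clicks, proxy resends).
        key = req.headers.get("idempotency-key")
        if key is None:
            return Response(400, "Idempotency-Key required")
        if key in self.seen_keys:
            return self.seen_keys[key]                  # same answer, no second charge
        self.charged.append(req.body)                   # the one real side effect
        resp = Response(201, f"charged {req.body}")
        self.seen_keys[key] = resp
        return resp


def simulate_replay() -> dict:
    """Constructed scenario: a checkout POST arrives in early data, a copy of it is
    replayed, then the client resends it over a completed handshake twice."""
    svc = CheckoutService()
    early_post = Request("POST", "/checkout",
                         {"early-data": "1", "idempotency-key": "k-123"}, "order-42")
    first = svc.handle(early_post)
    replayed = svc.handle(early_post)        # duplicate of the 0-RTT record
    full = Request("POST", "/checkout", {"idempotency-key": "k-123"}, "order-42")
    retry = svc.handle(full)                 # client resends after the handshake
    retry_again = svc.handle(full)           # client retries once more
    return {
        "early_status": first.status,          # 425
        "replay_status": replayed.status,      # 425
        "retry_status": retry.status,          # 201
        "retry_again_status": retry_again.status,  # 201, served from cache
        "charges": len(svc.charged),           # 1
    }


if __name__ == "__main__":
    print(simulate_replay())
```

The first gate is what the RFC text above is asking the server to do for non-idempotent actions; the second gate is what makes the checkout idempotent even when a duplicate is not a TLS replay at all. For a WordPress site behind a proxy, the practical check is whether the proxy actually sets `Early-Data` on forwarded requests; if it does not, the application cannot tell early-data requests apart and only the second gate applies.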


#4

If you’re talking to me, I have no clue what you’re asking or talking about.

I’m running WooCommerce/WordPress w/ the WooCommerce Stripe payment gateway.


#5

If you use Stripe, you will never have an issue with Replay Attacks on 0-RTT.
Stripe handles all the transactions for you safely.


#6

Awesome! Thanks…now we’re getting somewhere.
:blush: