IETF Logo Mail Archive

Re: [tcpm] draft-ietf-tcpm-tcpsecure-00.txt

Lloyd Wood <l.wood@eim.surrey.ac.uk> Fri, 23 April 2004 22:51 UTC

Received: from optimus.ietf.org (optimus.ietf.org [132.151.1.19]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id SAA20275 for <tcpm-archive@odin.ietf.org>; Fri, 23 Apr 2004 18:51:14 -0400 (EDT)
Received: from localhost.localdomain ([127.0.0.1] helo=www1.ietf.org) by optimus.ietf.org with esmtp (Exim 4.20) id 1BH9SN-0002Ux-J2 for tcpm-archive@odin.ietf.org; Fri, 23 Apr 2004 18:47:39 -0400
Received: (from exim@localhost) by www1.ietf.org (8.12.8/8.12.8/Submit) id i3NMldu0009599 for tcpm-archive@odin.ietf.org; Fri, 23 Apr 2004 18:47:39 -0400
Received: from odin.ietf.org ([132.151.1.176] helo=ietf.org) by optimus.ietf.org with esmtp (Exim 4.20) id 1BH9PN-0001TF-Hd for tcpm-web-archive@optimus.ietf.org; Fri, 23 Apr 2004 18:44:33 -0400
Received: from ietf-mx (ietf-mx.ietf.org [132.151.6.1]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id SAA19794 for <tcpm-web-archive@ietf.org>; Fri, 23 Apr 2004 18:44:28 -0400 (EDT)
Received: from ietf-mx.ietf.org ([132.151.6.1] helo=ietf-mx) by ietf-mx with esmtp (Exim 4.32) id 1BH9PK-000467-K7 for tcpm-web-archive@ietf.org; Fri, 23 Apr 2004 18:44:30 -0400
Received: from exim by ietf-mx with spam-scanned (Exim 4.12) id 1BH9OW-0003pw-00 for tcpm-web-archive@ietf.org; Fri, 23 Apr 2004 18:43:40 -0400
Received: from optimus.ietf.org ([132.151.1.19]) by ietf-mx with esmtp (Exim 4.12) id 1BH9Np-0003Z7-00 for tcpm-web-archive@ietf.org; Fri, 23 Apr 2004 18:42:57 -0400
Received: from localhost.localdomain ([127.0.0.1] helo=www1.ietf.org) by optimus.ietf.org with esmtp (Exim 4.20) id 1BH9CI-0005dk-6m; Fri, 23 Apr 2004 18:31:02 -0400
Received: from odin.ietf.org ([132.151.1.176] helo=ietf.org) by optimus.ietf.org with esmtp (Exim 4.20) id 1BH98t-0004MU-3u for tcpm@optimus.ietf.org; Fri, 23 Apr 2004 18:27:31 -0400
Received: from ietf-mx (ietf-mx.ietf.org [132.151.6.1]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id SAA18752 for <tcpm@ietf.org>; Fri, 23 Apr 2004 18:27:26 -0400 (EDT)
Received: from ietf-mx.ietf.org ([132.151.6.1] helo=ietf-mx) by ietf-mx with esmtp (Exim 4.32) id 1BH98q-0007Gr-2d for tcpm@ietf.org; Fri, 23 Apr 2004 18:27:28 -0400
Received: from exim by ietf-mx with spam-scanned (Exim 4.12) id 1BH97q-00070s-00 for tcpm@ietf.org; Fri, 23 Apr 2004 18:26:26 -0400
Received: from [131.227.76.5] (helo=prue.eim.surrey.ac.uk ident=exim) by ietf-mx with esmtp (Exim 4.12) id 1BH96s-0006jO-00 for tcpm@ietf.org; Fri, 23 Apr 2004 18:25:26 -0400
Received: from argos.ee.surrey.ac.uk ([131.227.89.15] ident=eep1lw) by prue.eim.surrey.ac.uk with esmtp (Exim 3.33 #4) id 1BH96f-0005TB-00; Fri, 23 Apr 2004 23:25:13 +0100
Date: Fri, 23 Apr 2004 23:25:11 +0100
From: Lloyd Wood <l.wood@eim.surrey.ac.uk>
X-X-Sender: eep1lw@argos.ee.surrey.ac.uk
To: tcpm@ietf.org, rrs@cisco.com
Subject: Re: [tcpm] draft-ietf-tcpm-tcpsecure-00.txt
In-Reply-To: <40897C4C.9020900@isi.edu>
Message-ID: <Pine.GSO.4.50.0404232249570.5889-100000@argos.ee.surrey.ac.uk>
References: <025E7DD4182874489CC2F61EE0FA19CE02885696@daebe004.americas.nokia.com> <4087B232.4050203@cisco.com> <4087DDE6.3020703@nokia.com> <4087E36F.7000502@cisco.com> <40885BAB.2070200@isi.edu> <87y8omrehb.fsf@deneb.enyo.de> <40897C4C.9020900@isi.edu>
Organization: speaking for none
X-url: http://www.ee.surrey.ac.uk/Personal/L.Wood/
X-no-archive: no
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset="US-ASCII"
X-Scanner: exiscan *1BH96f-0005TB-00*vSsLgRk5IrM* (SECM, UniS)
Sender: tcpm-admin@ietf.org
Errors-To: tcpm-admin@ietf.org
X-BeenThere: tcpm@ietf.org
X-Mailman-Version: 2.0.12
Precedence: bulk
List-Unsubscribe: <https://www1.ietf.org/mailman/listinfo/tcpm>, <mailto:tcpm-request@ietf.org?subject=unsubscribe>
List-Id: TCP Maintenance and Minor Extensions Working Group <tcpm.ietf.org>
List-Post: <mailto:tcpm@ietf.org>
List-Help: <mailto:tcpm-request@ietf.org?subject=help>
List-Subscribe: <https://www1.ietf.org/mailman/listinfo/tcpm>, <mailto:tcpm-request@ietf.org?subject=subscribe>
X-Spam-Checker-Version: SpamAssassin 2.60 (1.212-2003-09-23-exp) on ietf-mx.ietf.org
X-Spam-Status: No, hits=0.0 required=5.0 tests=none autolearn=no version=2.60

I'm interested in the proposed RST ack challenge/response mechanism.

I expect the case that the valid packet received containing the RST
flag is _not_ the packet the receiver was expecting with the next
expected sequence number to be quite common, with packet reordering in
the Internet, loss (and don't users often kill slow browser
connections?), and whatnot. Connections don't always get closed under
the best of conditions.

It strikes me that, a priori, both sender and receiver know and can
remember the initial sequence number ever used on their connection,
which is (pseudo-randomly) selected. Randomness of initial sequence
numbers was recently improved, after much media fuss:

http://www.google.com/search?q=initial+sequence+number+randomness

We can use this randomness to our advantage.

This first sequence number information can be used to form part of the
challenge-response; if the sender has sent an RST packet whose
sequence number lies in the window, but it is not the next expected
packet, the ack sent back by the receiver can be an indicator for the
RST sender to pass the first sequence number in a subsequent packet
(also containing a confirming RST flag. 'I told you to close. I'm
telling you to close again. And here's a reminder of when we first
spoke and agreed to open. It's a random number we both know.'.)

I suppose this could be passed as (sigh) a new TCP option -- or,
better, you could just use the existing sequence number field.

Existing TCP implementations would ignore this second RST packet
containing the original first sequence number in that field if that
correct number lies outside the window, and if it's inside, well,
you've already sent one RST anyway. You're likely backwards
compatible.

This weak authentication might give added protection to long-lived TCP
flows, as the attacker would need to snoop on the start of the
connection to know that first sequence number - and if she's doing
that, your unsecure data can already be hers. (Why is there so much
fuss about a weak DoS attack and no fuss about the widespread reliance
on an unsecure transfer protocol?)

And in tying to sequence space, which is where our problem lies,
storing and resending the initial sequence number on request as a
cookie seems somewhat easier to code and deal with than the later and
optional timestamps (K Poon's suggestion), as we avoid option fields
entirely.

L.

apologies if this has already been suggested in these related threads.
Unfortunately, my life prevents me from reading email full-time.

<http://www.ee.surrey.ac.uk/Personal/L.Wood/><L.Wood@eim.surrey.ac.uk>

_______________________________________________
tcpm mailing list
tcpm@ietf.org
https://www1.ietf.org/mailman/listinfo/tcpm

v2.23.0 | Report a Bug | By Email