Re: The TCP and UDP checksum algorithm may soon need updating

Brian E Carpenter <> Thu, 04 June 2020 21:28 UTC

Return-Path: <>
Received: from localhost (localhost []) by (Postfix) with ESMTP id 209F53A0FD7 for <>; Thu, 4 Jun 2020 14:28:32 -0700 (PDT)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: -2.098
X-Spam-Status: No, score=-2.098 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_FROM=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: (amavisd-new); dkim=pass (2048-bit key)
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id Ud-edpeBf3ts for <>; Thu, 4 Jun 2020 14:28:30 -0700 (PDT)
Received: from ( [IPv6:2607:f8b0:4864:20::531]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by (Postfix) with ESMTPS id 9803C3A0F9B for <>; Thu, 4 Jun 2020 14:28:30 -0700 (PDT)
Received: by with SMTP id n23so4063240pgb.12 for <>; Thu, 04 Jun 2020 14:28:30 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;; s=20161025; h=subject:to:cc:references:from:message-id:date:user-agent :mime-version:in-reply-to:content-language:content-transfer-encoding; bh=hskM7OzhkfNLmCEOgFLC6T1EGL2+Lho2hBNx7GGluzs=; b=iRRH2vmlkWXE/zrjM0GBUqICDfit07bT7jXY5N7w96EABkFHrPnKFo9rTBEDQ0+S3u EM68q4XsYRWrUzgn4b43qm+WRlDV8E6vXniJ+2/qrd91cfXJ76hvajRjhflE+VTkE8dU NXfor27zC7Q35jGOUHH1iLkms0R5l2ibDq883jLgRwIobknc/hiXnItHxcS/CBYhfojw Tw2xcHDj9BwluvcGz6hm4wiqOXpf0tTdx7PTWJ8jOMiKYVyyUC6YJSyJKnDgccNevQt6 4XtMid2AoK8hTXiKniz+xdFFP3Hd9cWrylae9vLUFOAQtVeAIIvyTjwkAUm/3XFc3tGX /uOg==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;; s=20161025; h=x-gm-message-state:subject:to:cc:references:from:message-id:date :user-agent:mime-version:in-reply-to:content-language :content-transfer-encoding; bh=hskM7OzhkfNLmCEOgFLC6T1EGL2+Lho2hBNx7GGluzs=; b=S/DTkghP/nBXAWCIqh3OkKBPI1XhuYc7WxW9uLujAj6m2KSHXHNcaEkc6OXsDRYbed y5wB1vfCXkZfIoMcReYJ4FKwlsg5KzO2t/tBLzcieCTCmIfg8YMZ6AHViCC0/bdYaSHn XzJ8FXr4pTaWvNgujFdxpJOK3bmptAsBwg83OwCOlr21ngjt7ZBv6zAP3y4TEOW4FBYi Q5UcMAk7si+145Bgua6Gm+4ec8QI5KBjZm2Q/afd6ojlciZbjtm3/CZbqc/xi/NKehfz zbAscaK5YaaSEY2wMnmTME2Gvd6y4Kd2Sv/l4l8Bt9cSYXiyjnXvPFbGLCC8x3tS8qNb 35ow==
X-Gm-Message-State: AOAM531vroUVgZBLJkBxTBPx18ahSBXxbZGsPxVLuR0ILyHvCFGZGMKn IxGg9P5sw1JhBjKsb3wMIeujMdNY1x4=
X-Google-Smtp-Source: ABdhPJxCZXgTvCO/jiIflySUaVHQaJPIFzmrbX5FW+8FALLlWNRVi4YJW0oWJVjavmDeNiWM6vzkGA==
X-Received: by 2002:a63:34cd:: with SMTP id b196mr5946370pga.2.1591306109684; Thu, 04 Jun 2020 14:28:29 -0700 (PDT)
Received: from [] ([]) by with ESMTPSA id h35sm6898173pje.29.2020. (version=TLS1_2 cipher=ECDHE-ECDSA-AES128-GCM-SHA256 bits=128/128); Thu, 04 Jun 2020 14:28:29 -0700 (PDT)
Subject: Re: The TCP and UDP checksum algorithm may soon need updating
To: Richard Barnes <>, Craig Partridge <>
Cc: IETF discussion list <>
References: <> <> <> <>
From: Brian E Carpenter <>
Message-ID: <>
Date: Fri, 5 Jun 2020 09:28:23 +1200
User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; rv:60.0) Gecko/20100101 Thunderbird/60.9.1
MIME-Version: 1.0
In-Reply-To: <>
Content-Type: text/plain; charset=utf-8
Content-Language: en-US
Content-Transfer-Encoding: quoted-printable
Archived-At: <>
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: IETF-Discussion <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
X-List-Received-Date: Thu, 04 Jun 2020 21:28:39 -0000


> On the UDP side, there should be no issue.  Anything above UDP has to tolerate loss anyway, so there should be mechanisms that will require from corruption-treated-as-loss. 

That depends. If a single bit inversion can get through undetected, the application layer might never detect an anomalx. (See what I did there?)

   Brian Carpenter

On 05-Jun-20 09:18, Richard Barnes wrote:
> Yeah, secure transports already consider the data from the network untrusted, including TLS and DTLS, but also IPsec/ESP, SSH, SRTP and QUIC.  As long as those protocols are using reasonably modern, AEAD ciphers, the worst impact of corruption in the transport is DoS.
> That said, there might be some pretty hard crashes in cases where the security protocol relies on the transport for something..  For example, TLS doesn't have a mechanism for requesting that data be re-sent in the event of loss/corruption, because it's assumed that TCP provides that.  If corruption is only detected at the TLS layer, there's not a way to recover.  That said, I wouldn't be surprised if many TLS stacks close the connection on bad data anyway.
> On the UDP side, there should be no issue.  Anything above UDP has to tolerate loss anyway, so there should be mechanisms that will require from corruption-treated-as-loss.
> So there may be some feedback loops to close, but that's a more limited, host-internal problem.
> In any case -- one more reason to encrypt everything!
> --Richard
> On Thu, Jun 4, 2020 at 4:17 PM Craig Partridge < <>> wrote:
>     Ah, I somehow had missed that.
>     Looks like it does the trick if we need it. Not sure if we'd have to update the optional checksum to use a new checksum too.
>     Craig
>     On Thu, Jun 4, 2020 at 1:33 PM Joe Touch < <>> wrote:
>         See draft-ietf-tsvwg-udp-options
>         > On Jun 4, 2020, at 12:13 PM, Craig Partridge < <>> wrote:
>         >
>         > Then there's UDP.  UDP has no options.
>     -- 
>     *****
>     Craig Partridge's email account for professional society activities and mailing lists.