Re: The TCP and UDP checksum algorithm may soon need updating

Brian E Carpenter <brian.e.carpenter@gmail.com> Thu, 04 June 2020 21:28 UTC

Return-Path: <brian.e.carpenter@gmail.com>
X-Original-To: ietf@ietfa.amsl.com
Delivered-To: ietf@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 209F53A0FD7 for <ietf@ietfa.amsl.com>; Thu, 4 Jun 2020 14:28:32 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.098
X-Spam-Level:
X-Spam-Status: No, score=-2.098 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_FROM=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Ud-edpeBf3ts for <ietf@ietfa.amsl.com>; Thu, 4 Jun 2020 14:28:30 -0700 (PDT)
Received: from mail-pg1-x531.google.com (mail-pg1-x531.google.com [IPv6:2607:f8b0:4864:20::531]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 9803C3A0F9B for <ietf@ietf.org>; Thu, 4 Jun 2020 14:28:30 -0700 (PDT)
Received: by mail-pg1-x531.google.com with SMTP id n23so4063240pgb.12 for <ietf@ietf.org>; Thu, 04 Jun 2020 14:28:30 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=subject:to:cc:references:from:message-id:date:user-agent :mime-version:in-reply-to:content-language:content-transfer-encoding; bh=hskM7OzhkfNLmCEOgFLC6T1EGL2+Lho2hBNx7GGluzs=; b=iRRH2vmlkWXE/zrjM0GBUqICDfit07bT7jXY5N7w96EABkFHrPnKFo9rTBEDQ0+S3u EM68q4XsYRWrUzgn4b43qm+WRlDV8E6vXniJ+2/qrd91cfXJ76hvajRjhflE+VTkE8dU NXfor27zC7Q35jGOUHH1iLkms0R5l2ibDq883jLgRwIobknc/hiXnItHxcS/CBYhfojw Tw2xcHDj9BwluvcGz6hm4wiqOXpf0tTdx7PTWJ8jOMiKYVyyUC6YJSyJKnDgccNevQt6 4XtMid2AoK8hTXiKniz+xdFFP3Hd9cWrylae9vLUFOAQtVeAIIvyTjwkAUm/3XFc3tGX /uOg==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:subject:to:cc:references:from:message-id:date :user-agent:mime-version:in-reply-to:content-language :content-transfer-encoding; bh=hskM7OzhkfNLmCEOgFLC6T1EGL2+Lho2hBNx7GGluzs=; b=S/DTkghP/nBXAWCIqh3OkKBPI1XhuYc7WxW9uLujAj6m2KSHXHNcaEkc6OXsDRYbed y5wB1vfCXkZfIoMcReYJ4FKwlsg5KzO2t/tBLzcieCTCmIfg8YMZ6AHViCC0/bdYaSHn XzJ8FXr4pTaWvNgujFdxpJOK3bmptAsBwg83OwCOlr21ngjt7ZBv6zAP3y4TEOW4FBYi Q5UcMAk7si+145Bgua6Gm+4ec8QI5KBjZm2Q/afd6ojlciZbjtm3/CZbqc/xi/NKehfz zbAscaK5YaaSEY2wMnmTME2Gvd6y4Kd2Sv/l4l8Bt9cSYXiyjnXvPFbGLCC8x3tS8qNb 35ow==
X-Gm-Message-State: AOAM531vroUVgZBLJkBxTBPx18ahSBXxbZGsPxVLuR0ILyHvCFGZGMKn IxGg9P5sw1JhBjKsb3wMIeujMdNY1x4=
X-Google-Smtp-Source: ABdhPJxCZXgTvCO/jiIflySUaVHQaJPIFzmrbX5FW+8FALLlWNRVi4YJW0oWJVjavmDeNiWM6vzkGA==
X-Received: by 2002:a63:34cd:: with SMTP id b196mr5946370pga.2.1591306109684; Thu, 04 Jun 2020 14:28:29 -0700 (PDT)
Received: from [192.168.178.30] ([165.84.12.178]) by smtp.gmail.com with ESMTPSA id h35sm6898173pje.29.2020.06.04.14.28.27 (version=TLS1_2 cipher=ECDHE-ECDSA-AES128-GCM-SHA256 bits=128/128); Thu, 04 Jun 2020 14:28:29 -0700 (PDT)
Subject: Re: The TCP and UDP checksum algorithm may soon need updating
To: Richard Barnes <rlb@ipv.sx>, Craig Partridge <craig@tereschau.net>
Cc: IETF discussion list <ietf@ietf.org>
References: <CAHQj4Cf_vgXYEL=x4DCEnpwNxZpJQSD-h6MWmhMWpYwPF9XFow@mail.gmail.com> <E23EC459-213F-4D19-BC1B-6050EC2CB653@strayalpha.com> <CAHQj4CcOpciujCP9ugegjEjzyT7Oqzv_WtjWyTAGacUxkG9YYg@mail.gmail.com> <CAL02cgRjMQtcYDF04-3FsN1WOg_7H1fpR2_qPUwa-BegkQqp8A@mail.gmail.com>
From: Brian E Carpenter <brian.e.carpenter@gmail.com>
Message-ID: <528f3f54-28ad-a3ec-d693-2126a8397e67@gmail.com>
Date: Fri, 5 Jun 2020 09:28:23 +1200
User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; rv:60.0) Gecko/20100101 Thunderbird/60.9.1
MIME-Version: 1.0
In-Reply-To: <CAL02cgRjMQtcYDF04-3FsN1WOg_7H1fpR2_qPUwa-BegkQqp8A@mail.gmail.com>
Content-Type: text/plain; charset=utf-8
Content-Language: en-US
Content-Transfer-Encoding: quoted-printable
Archived-At: <https://mailarchive.ietf.org/arch/msg/ietf/WkqRwF9XnNLPJ7mcwkfnhRDAesE>
X-BeenThere: ietf@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: IETF-Discussion <ietf.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ietf>, <mailto:ietf-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ietf/>
List-Post: <mailto:ietf@ietf.org>
List-Help: <mailto:ietf-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ietf>, <mailto:ietf-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 04 Jun 2020 21:28:39 -0000

Richard,

> On the UDP side, there should be no issue.  Anything above UDP has to tolerate loss anyway, so there should be mechanisms that will require from corruption-treated-as-loss. 

That depends. If a single bit inversion can get through undetected, the application layer might never detect an anomalx. (See what I did there?)

Regards
   Brian Carpenter

On 05-Jun-20 09:18, Richard Barnes wrote:
> Yeah, secure transports already consider the data from the network untrusted, including TLS and DTLS, but also IPsec/ESP, SSH, SRTP and QUIC.  As long as those protocols are using reasonably modern, AEAD ciphers, the worst impact of corruption in the transport is DoS.
> 
> That said, there might be some pretty hard crashes in cases where the security protocol relies on the transport for something..  For example, TLS doesn't have a mechanism for requesting that data be re-sent in the event of loss/corruption, because it's assumed that TCP provides that.  If corruption is only detected at the TLS layer, there's not a way to recover.  That said, I wouldn't be surprised if many TLS stacks close the connection on bad data anyway.
> 
> On the UDP side, there should be no issue.  Anything above UDP has to tolerate loss anyway, so there should be mechanisms that will require from corruption-treated-as-loss.
> 
> So there may be some feedback loops to close, but that's a more limited, host-internal problem.
> 
> In any case -- one more reason to encrypt everything!
> 
> --Richard
> 
> On Thu, Jun 4, 2020 at 4:17 PM Craig Partridge <craig@tereschau.net <mailto:craig@tereschau.net>> wrote:
> 
>     Ah, I somehow had missed that.
> 
>     Looks like it does the trick if we need it. Not sure if we'd have to update the optional checksum to use a new checksum too.
> 
>     Craig
> 
>     On Thu, Jun 4, 2020 at 1:33 PM Joe Touch <touch@strayalpha.com <mailto:touch@strayalpha..com>> wrote:
> 
>         See draft-ietf-tsvwg-udp-options
> 
>         > On Jun 4, 2020, at 12:13 PM, Craig Partridge <craig@tereschau.net <mailto:craig@tereschau.net>> wrote:
>         >
>         > Then there's UDP.  UDP has no options.
> 
> 
> 
>     -- 
>     *****
>     Craig Partridge's email account for professional society activities and mailing lists.
>