Re: The TCP and UDP checksum algorithm may soon need updating
Eric Rescorla <ekr@rtfm.com> Tue, 09 June 2020 19:48 UTC
Return-Path: <ekr@rtfm.com>
X-Original-To: ietf@ietfa.amsl.com
Delivered-To: ietf@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id DE26E3A0D52 for <ietf@ietfa.amsl.com>; Tue, 9 Jun 2020 12:48:42 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.896
X-Spam-Level:
X-Spam-Status: No, score=-1.896 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, HTML_MESSAGE=0.001, SPF_HELO_NONE=0.001, SPF_NONE=0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=rtfm-com.20150623.gappssmtp.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 4Hbu3R74drJD for <ietf@ietfa.amsl.com>; Tue, 9 Jun 2020 12:48:41 -0700 (PDT)
Received: from mail-lj1-x234.google.com (mail-lj1-x234.google.com [IPv6:2a00:1450:4864:20::234]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 04D933A0D4F for <ietf@ietf.org>; Tue, 9 Jun 2020 12:48:41 -0700 (PDT)
Received: by mail-lj1-x234.google.com with SMTP id x18so10142333lji.1 for <ietf@ietf.org>; Tue, 09 Jun 2020 12:48:40 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=rtfm-com.20150623.gappssmtp.com; s=20150623; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=AsHpfUTbijuQpCprI6kuIhHIllVFQyVux8UPiFWnwmU=; b=iJK8bpmBZE4xco3dvvAyS5M0Lhe07vykx0ENztPoUc7Jr6ycl9tRpA/fNC15R8rMit bIYsly5qJdbVNaH/1mOLz6AII5EtqF1f7Aiyb0TUdoZPm0rqZXdZgZC/KkqJtQb0yJpK e0z8uX5p2D3298IC5lClO7KXU8wif6D1P7MCy4uV4k1UPpj6SNwOIqpXmFINHLNkoJqO zpR/hdgvn99gTm4ys8Ib8xZb+wif0cOUoZCFt4kVyKwtsO/sK5arm0l3Vvao0Ua5dbMA jB5baVmV9xwvlUsM6R38a5uidZWSDs76Uv6upijazryeAOfWa1I1SLsTIX4lTIewU9Pu vHaw==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=AsHpfUTbijuQpCprI6kuIhHIllVFQyVux8UPiFWnwmU=; b=O/9B0+9zNxyTsCxEeSz3y1qzVVmf/cfSbXba75VSLcKzgiDUDUMkcKVfIK2uHj+xlD w6KI94+edBiShsNKBnMb6GKheK6/wrKKuFNB9k/UUK+1ErqOehOt9+Em3SN8JA0LJCe6 bIJd4mkpxicpnf3HjNUGhaxnBTg5C+HvautjKoyPrWMSnVOKnN/sWN2fZ/zYqtjcQKav WF2CdMlmjpWItAQxMwLktdbrJIwmoqvqwB1mH35QruTaeyIh5NyE3gvFiEpsp4VberG1 ifTL6cYJ+i9shJACWZBfk4f2mbrKLkURblRj4CHnUIuGI0VKtdNbMHjotL7FGB9zhtdA nT+g==
X-Gm-Message-State: AOAM531wdohqsCHHEcRTgHFN0dKY3DNBt/7VS/BnF9JHLMWrI2CP7nGM buUnnE9+aB0UeO+FQEyBxKOlXq3mnKsmA3uFmhOI5w==
X-Google-Smtp-Source: ABdhPJwz2B32qvBneihFL5ceN5xUR+GusWAkEY2ahPZ95vrc6ZvoqPSQ0JOXeUoOYEgZb50u5atGo7UL873tM5Lj4Es=
X-Received: by 2002:a05:651c:299:: with SMTP id b25mr11166577ljo.13.1591732119075; Tue, 09 Jun 2020 12:48:39 -0700 (PDT)
MIME-Version: 1.0
References: <CAHQj4CcRanB9c6_cEVcLgUNJBFMqXb_aH6eBBSaR0-_rQO5i9Q@mail.gmail.com>
In-Reply-To: <CAHQj4CcRanB9c6_cEVcLgUNJBFMqXb_aH6eBBSaR0-_rQO5i9Q@mail.gmail.com>
From: Eric Rescorla <ekr@rtfm.com>
Date: Tue, 09 Jun 2020 12:48:03 -0700
Message-ID: <CABcZeBPNqmX0bdragemR3WsbyjWmFa0MVMH-NdPC0ozRFqAY8Q@mail.gmail.com>
Subject: Re: The TCP and UDP checksum algorithm may soon need updating
To: Craig Partridge <craig@tereschau.net>
Cc: IETF discussion list <ietf@ietf.org>
Content-Type: multipart/alternative; boundary="000000000000890eb405a7ac035e"
Archived-At: <https://mailarchive.ietf.org/arch/msg/ietf/nZZohLqMN9Et1SI9_BeKVGpvJnM>
X-BeenThere: ietf@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: IETF-Discussion <ietf.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ietf>, <mailto:ietf-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ietf/>
List-Post: <mailto:ietf@ietf.org>
List-Help: <mailto:ietf-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ietf>, <mailto:ietf-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 09 Jun 2020 19:48:43 -0000
On Tue, Jun 9, 2020 at 12:32 PM Craig Partridge <craig@tereschau.net> wrote: > Following up on notes from various folks, most notably John K. and > Christian H., about checksums and encryption-based integrity protection, I > wanted to make a couple of clarifying points. > > * If you are not worried about an adversary who seeks to alter your data > in transit, then integrity protection is a lousy method for ensuring the > received data is correct. > I agree with this statement. However, with that said, we *should* generally be worried about such an adversary and so in general our protocols should have integrity protection at some layer in the stack, and while inefficient, the adversarial requirements also mean that the chance of detecting non-adversarial error is also very high. As you note in your original email, the issue arises when integrity check failures occur at a layer which cannot recover from them (as has been noted, TLS over TCP but not QUIC). Faced with this, we can do one of three things: - Create higher layer recovery mechanisms which can recover from lower layer failures (as Richard alluded to with TCP) - Move to protocols which can recover from errors (e.g., QUIC) - Improve the non-adversarial checksum (in this case the TCP checksum) so that the chance of undetected non-adversarial error is very low (the topic that kicked off this thread). It's worth noting that the first two are already happening and will most likely continue regardless of what happens at the lower layers (in part because they need to take the lower layers as they are now). -Ekr
- The TCP and UDP checksum algorithm may soon need … Craig Partridge
- Re: The TCP and UDP checksum algorithm may soon n… Joe Touch
- Re: The TCP and UDP checksum algorithm may soon n… Michael Thomas
- Re: The TCP and UDP checksum algorithm may soon n… Craig Partridge
- Re: The TCP and UDP checksum algorithm may soon n… Richard Barnes
- Re: The TCP and UDP checksum algorithm may soon n… Craig Partridge
- Re: The TCP and UDP checksum algorithm may soon n… Brian E Carpenter
- Re: The TCP and UDP checksum algorithm may soon n… Nico Williams
- Re: The TCP and UDP checksum algorithm may soon n… Nico Williams
- Re: The TCP and UDP checksum algorithm may soon n… Richard Barnes
- Re: The TCP and UDP checksum algorithm may soon n… Richard Barnes
- Re: The TCP and UDP checksum algorithm may soon n… Christian Huitema
- Re: The TCP and UDP checksum algorithm may soon n… Christian Huitema
- Re: The TCP and UDP checksum algorithm may soon n… Phillip Hallam-Baker
- Re: The TCP and UDP checksum algorithm may soon n… Joseph Touch
- Re: The TCP and UDP checksum algorithm may soon n… Stewart Bryant
- Re: The TCP and UDP checksum algorithm may soon n… Phillip Hallam-Baker
- Re: The TCP and UDP checksum algorithm may soon n… Joseph Touch
- Re: The TCP and UDP checksum algorithm may soon n… Nico Williams
- Re: The TCP and UDP checksum algorithm may soon n… Michael Richardson
- Re: The TCP and UDP checksum algorithm may soon n… Nico Williams
- Re: The TCP and UDP checksum algorithm may soon n… Craig Partridge
- Re: The TCP and UDP checksum algorithm may soon n… Masataka Ohta
- Re: The TCP and UDP checksum algorithm may soon n… John Levine
- Re: The TCP and UDP checksum algorithm may soon n… Phillip Hallam-Baker
- Re: The TCP and UDP checksum algorithm may soon n… Joseph Touch
- Re: The TCP and UDP checksum algorithm may soon n… Christian Huitema
- Re: The TCP and UDP checksum algorithm may soon n… Michael Thomas
- Re: The TCP and UDP checksum algorithm may soon n… Joseph Touch
- Re: The TCP and UDP checksum algorithm may soon n… Michael Thomas
- Re: The TCP and UDP checksum algorithm may soon n… Salz, Rich
- Re: The TCP and UDP checksum algorithm may soon n… Michael Thomas
- Re: The TCP and UDP checksum algorithm may soon n… Salz, Rich
- Re: The TCP and UDP checksum algorithm may soon n… Michael Thomas
- Re: The TCP and UDP checksum algorithm may soon n… Michael Richardson
- Re: The TCP and UDP checksum algorithm may soon n… Benjamin Kaduk
- Re: The TCP and UDP checksum algorithm may soon n… Nick Hilliard
- Re: The TCP and UDP checksum algorithm may soon n… Carsten Bormann
- Re: The TCP and UDP checksum algorithm may soon n… Nick Hilliard
- Re: The TCP and UDP checksum algorithm may soon n… Michael Thomas
- Re: The TCP and UDP checksum algorithm may soon n… Joe Touch
- Re: The TCP and UDP checksum algorithm may soon n… Nico Williams
- Re: The TCP and UDP checksum algorithm may soon n… Nico Williams
- Re: The TCP and UDP checksum algorithm may soon n… Nick Hilliard
- Re: The TCP and UDP checksum algorithm may soon n… Michael Thomas
- Re: The TCP and UDP checksum algorithm may soon n… Michael Thomas
- Re: The TCP and UDP checksum algorithm may soon n… Nick Hilliard
- Re: The TCP and UDP checksum algorithm may soon n… Michael Thomas
- Re: The TCP and UDP checksum algorithm may soon n… Carsten Bormann
- Re: The TCP and UDP checksum algorithm may soon n… Nico Williams
- Re: The TCP and UDP checksum algorithm may soon n… Michael Thomas
- Re: The TCP and UDP checksum algorithm may soon n… Nico Williams
- Re: The TCP and UDP checksum algorithm may soon n… John C Klensin
- Re: The TCP and UDP checksum algorithm may soon n… Nico Williams
- Re: The TCP and UDP checksum algorithm may soon n… Richard Barnes
- Re: The TCP and UDP checksum algorithm may soon n… Russ Housley
- Re: The TCP and UDP checksum algorithm may soon n… Brian E Carpenter
- Re: The TCP and UDP checksum algorithm may soon n… Nico Williams
- Re: The TCP and UDP checksum algorithm may soon n… Warren Kumari
- Re: The TCP and UDP checksum algorithm may soon n… John C Klensin
- Re: The TCP and UDP checksum algorithm may soon n… Christian Huitema
- Re: The TCP and UDP checksum algorithm may soon n… John C Klensin
- Re: The TCP and UDP checksum algorithm may soon n… Craig Partridge
- Re: The TCP and UDP checksum algorithm may soon n… Nico Williams
- Re: The TCP and UDP checksum algorithm may soon n… Eric Rescorla
- Re: The TCP and UDP checksum algorithm may soon n… Craig Partridge
- Re: The TCP and UDP checksum algorithm may soon n… Michael Thomas
- Re: The TCP and UDP checksum algorithm may soon n… Michael Thomas
- Re: The TCP and UDP checksum algorithm may soon n… Nico Williams
- Re: The TCP and UDP checksum algorithm may soon n… Michael Thomas
- Re: The TCP and UDP checksum algorithm may soon n… John Levine
- Re: The TCP and UDP checksum algorithm may soon n… Michael Thomas
- Re: The TCP and UDP checksum algorithm may soon n… Brian E Carpenter
- Re: The TCP and UDP checksum algorithm may soon n… Warren Kumari
- Re: The TCP and UDP checksum algorithm may soon n… John R Levine
- Re: The TCP and UDP checksum algorithm may soon n… tom petch
- Re: The TCP and UDP checksum algorithm may soon n… Salz, Rich
- Re: The TCP and UDP checksum algorithm may soon n… Carsten Bormann
- Re: The TCP and UDP checksum algorithm may soon n… Salz, Rich
- Re: The TCP and UDP checksum algorithm may soon n… Craig Partridge
- Re: The TCP and UDP checksum algorithm may soon n… Michael Thomas