Re: The TCP and UDP checksum algorithm may soon need updating
Phillip Hallam-Baker <phill@hallambaker.com> Sun, 07 June 2020 18:38 UTC
From: Phillip Hallam-Baker <phill@hallambaker.com>
Date: Sun, 07 Jun 2020 14:37:54 -0400
Message-ID: <CAMm+Lwia_4zh-9HA5P9L5DqE6bMNMFOZFbzW5DKO025eNuuq4w@mail.gmail.com>
Subject: Re: The TCP and UDP checksum algorithm may soon need updating
To: Nico Williams <nico@cryptonector.com>
Cc: Joseph Touch <touch@strayalpha.com>, Craig Partridge <craig@tereschau.net>, Christian Huitema <huitema@huitema.net>, IETF discussion list <ietf@ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/ietf/rZq3pWzU4HswnXSkPYaUpMyjNpM>
On Fri, Jun 5, 2020 at 12:39 PM Nico Williams <nico@cryptonector.com> wrote:

> On Fri, Jun 05, 2020 at 12:10:25PM -0400, Phillip Hallam-Baker wrote:
> > On Fri, Jun 5, 2020 at 12:01 AM Joseph Touch <touch@strayalpha.com> wrote:
> > > Before we solve a problem in theory rather than in practice.
> >
> > Has anyone been looking? The security area has always been interested in
>
> No one looks for this.

Does anyone have infrastructure that works so well and so dependably that they can afford the time to perform a full post mortem on every error? How many people do post mortems versus turning it off and on again? There are so many bugs in the application layer that hardware errors are rarely considered.

Case in point, I have close to $10K worth of consumer level Internet gear in my house. Every so often the network will go into some weird race condition that is clearly a consequence of buffer bloat or some piece of connected hardware spamming the network with garbage. The manufacturers provide precisely zero support for debugging. None, nil, nada.

The reason I try to use consumer grade equipment is that I want to understand the system from the consumer's perspective and right now I don't have any respect for any of the hardware suppliers involved. That said, 24 port PoE internet switches are probably not consumer grade.

> > theoretical attacks. They are by far the best kind.
>
> This is a real problem, not theoretical.

Of course it is real. The Internet is a sufficiently large network that everything that can happen will happen.

> Now, we've talked about how some applications are or can easily be
> impervious to this. If you're transferring static data, this is not a
> problem because you just use crypto that detects TCP checksum failures
> and then make the application protocol recover. But some applications
> are more difficult to address than others.
>
> I wonder how much TCP offload HW will complicate the upgrade path here.

The argument I was making was actually somewhat different to the one Joe responded to. My point is actually that data transfers are becoming sufficiently large that it is no longer sensible or useful to adopt the assumption that TCP is a perfect, error-free transport at the application layer.

But the memory issue Michael raised is also rather important. The UNIX assumption that 'everything is a stream of bits' was a viable assumption at one point in time. But as we build larger and larger systems, that assumption also becomes weak. We need to think about how we store large quantities of data on SSD etc. as well. I already have RAIDs that are approaching 100TB and soon we will be at the point where petabyte SSD stores are common.

If we want systems to work well, we cannot build systems that are hurling terabytes of data about in the exact same way that we used to build systems when a 20MB drive was the acme of luxury. Rather than trying to make TCP/IP a flawless transport, we have to apply the same principle of making a lossy channel robust at the higher level.
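Added example, not part of the original message or of any poster's code: a sketch of the application-level recovery the thread describes, where per-chunk SHA-256 digests catch a corruption that the 16-bit Internet checksum (RFC 1071) cannot see, and only the damaged chunk is fetched again. The names `make_manifest`, `receive` and `refetch`, the 16-byte chunk size and the sample payload are assumptions made for illustration; the manifest is assumed to reach the receiver intact, for example inside an authenticated channel.

```python
import hashlib

def internet_checksum(data):
    """RFC 1071 16-bit ones'-complement checksum, as used by TCP and UDP."""
    if len(data) % 2:
        data += b"\x00"
    total = sum(int.from_bytes(data[i:i + 2], "big") for i in range(0, len(data), 2))
    while total >> 16:                      # fold carries back into 16 bits
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF

def make_manifest(payload, chunk_size):
    """Sender side: one SHA-256 digest per chunk (hypothetical helper)."""
    return [hashlib.sha256(payload[i:i + chunk_size]).hexdigest()
            for i in range(0, len(payload), chunk_size)]

def receive(chunks, manifest, refetch):
    """Receiver side: verify every chunk, re-request only those that fail."""
    out, retried = [], []
    for idx, (chunk, want) in enumerate(zip(chunks, manifest)):
        if hashlib.sha256(chunk).hexdigest() != want:
            retried.append(idx)
            chunk = refetch(idx)            # application-level retransmission
            if hashlib.sha256(chunk).hexdigest() != want:
                raise ValueError("chunk %d still corrupt after retry" % idx)
        out.append(chunk)
    return b"".join(out), retried

def swap_words(chunk):
    """Exchange two 16-bit words: the ones'-complement sum is unchanged."""
    return chunk[2:4] + chunk[0:2] + chunk[4:]

# Constructed sample data: 64 bytes split into four 16-byte chunks.
CHUNK = 16
PAYLOAD = bytes(range(64))
GOOD = [PAYLOAD[i:i + CHUNK] for i in range(0, len(PAYLOAD), CHUNK)]

def demo():
    damaged = list(GOOD)
    damaged[2] = swap_words(GOOD[2])        # corruption in transit
    missed_by_tcp = internet_checksum(damaged[2]) == internet_checksum(GOOD[2])
    data, retried = receive(damaged, make_manifest(PAYLOAD, CHUNK), lambda i: GOOD[i])
    return missed_by_tcp, retried, data == PAYLOAD

if __name__ == "__main__":
    print(demo())
```

A bare hash manifest only covers accidental corruption; where the path is untrusted, the manifest itself needs a MAC or signature.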