Re: [multipathtcp] Stephen Farrell's No Objection on draft-ietf-mptcp-experience-06: (with COMMENT)

Anna Brunstrom <anna.brunstrom@kau.se> Wed, 14 September 2016 16:41 UTC

To: Olivier.Bonaventure@uclouvain.be, stephen.farrell@cs.tcd.ie, iesg@ietf.org
References: <147385003530.1966.83385935910172454.idtracker@ietfa.amsl.com> <d8376f59-1fc5-7ba8-8223-e47dd0518381@uclouvain.be>
From: Anna Brunstrom <anna.brunstrom@kau.se>
Message-ID: <ddb0fb57-c2e3-00b9-2d40-f219fd63c32f@kau.se>
Date: Wed, 14 Sep 2016 18:41:44 +0200
In-Reply-To: <d8376f59-1fc5-7ba8-8223-e47dd0518381@uclouvain.be>
Archived-At: <https://mailarchive.ietf.org/arch/msg/multipathtcp/1BLNeVlH0lYIq2mI2wrdWRhBwsE>
Cc: multipathtcp@ietf.org, draft-ietf-mptcp-experience@ietf.org, mptcp-chairs@ietf.org
Subject: Re: [multipathtcp] Stephen Farrell's No Objection on draft-ietf-mptcp-experience-06: (with COMMENT)

Hi Olivier, all,

On 2016-09-14 18:13, Olivier Bonaventure wrote:
> Stephen,
>>
>> ----------------------------------------------------------------------
>> COMMENT:
>> ----------------------------------------------------------------------
>>
>>
>> I was a bit sad that there was no reporting of
>> experiences with the security aspects of MPTCP.  Have
>> we really learned nothing worth saying about that?
>> Have we really seen no attacks on, or tailored to,
>> MPTCP? It seems odd that the answer to both questions
>> is "no."
>
> There are already two RFCs on security issues with MPTCP
>
> https://tools.ietf.org/html/rfc6181
> https://tools.ietf.org/html/rfc7430
>
> We did not want to rediscuss those issues that are already documented 
> on the security of MPTCP itself.
>
> Another point is the impact of MPTCP on existing IDS, firewalls and 
> other types of middleboxes that could only see a portion of the traffic. 
> There have been blackhat presentations on this, e.g.
>
> https://www.blackhat.com/docs/us-14/materials/us-14-Pearce-Multipath-TCP-Breaking-Todays-Networks-With-Tomorrows-Protocols.pdf 
>

In case it is of interest, there is also some academic work measuring 
and evaluating this in: Z Afzal, S Lindskog, "Multipath TCP IDS Evasion 
and Mitigation", International Information Security Conference, 2015, 
Springer

BR,
Anna

>
> I haven't seen deployment of those attacks, but could extend section 
> 3.5 or discuss this in a bit more detail if you think that this would 
> be useful.
>
>
> Olivier
>