IETF Logo Mail Archive

Re: SSH v3?

Olivier Bonaventure <Olivier.Bonaventure@uclouvain.be> Sun, 06 December 2015 23:32 UTC

Return-Path: <bounces-ietf-ssh-owner-secsh-tyoxbijeg7-archive=lists.ietf.org@NetBSD.org>
X-Original-To: ietfarch-secsh-tyoxbijeg7-archive@ietfa.amsl.com
Delivered-To: ietfarch-secsh-tyoxbijeg7-archive@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 3401A1A0119 for <ietfarch-secsh-tyoxbijeg7-archive@ietfa.amsl.com>; Sun, 6 Dec 2015 15:32:18 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.71
X-Spam-Level:
X-Spam-Status: No, score=-1.71 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, MIME_8BIT_HEADER=0.3, T_RP_MATCHES_RCVD=-0.01] autolearn=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id BIAEB7nxQPUF for <ietfarch-secsh-tyoxbijeg7-archive@ietfa.amsl.com>; Sun, 6 Dec 2015 15:32:17 -0800 (PST)
Received: from mail.netbsd.org (mail.NetBSD.org [IPv6:2001:470:a085:999::25]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 0ACA31A0115 for <secsh-tyoxbijeg7-archive@lists.ietf.org>; Sun, 6 Dec 2015 15:32:17 -0800 (PST)
Received: by mail.netbsd.org (Postfix, from userid 605) id C2FCD85EE9; Sun, 6 Dec 2015 23:32:15 +0000 (UTC)
Delivered-To: ietf-ssh@netbsd.org
Received: from localhost (localhost [127.0.0.1]) by mail.netbsd.org (Postfix) with ESMTP id 3DCAD85E47 for <ietf-ssh@netbsd.org>; Sun, 6 Dec 2015 23:32:13 +0000 (UTC)
X-Virus-Scanned: amavisd-new at netbsd.org
Authentication-Results: mail.netbsd.org (amavisd-new); dkim=pass (1024-bit key) header.d=uclouvain.be
Received: from mail.netbsd.org ([127.0.0.1]) by localhost (mail.netbsd.org [127.0.0.1]) (amavisd-new, port 10025) with ESMTP id aU8JWqzjZdZy for <ietf-ssh@netbsd.org>; Sun, 6 Dec 2015 23:32:12 +0000 (UTC)
Received: from smtp6.sgsi.ucl.ac.be (smtp.sgsi.ucl.ac.be [130.104.5.67]) by mail.netbsd.org (Postfix) with ESMTP id 4376A85E13 for <ietf-ssh@netbsd.org>; Sun, 6 Dec 2015 23:32:11 +0000 (UTC)
Received: from mbpobo.local (host-78-129-6-94.dynamic.voo.be [78.129.6.94]) (using TLSv1 with cipher DHE-RSA-AES128-SHA (128/128 bits)) (No client certificate requested) (Authenticated sender: obonaventure@smtp6.sgsi.ucl.ac.be) by smtp6.sgsi.ucl.ac.be (Postfix) with ESMTPSA id 0354318343C; Sun, 6 Dec 2015 23:13:28 +0100 (CET)
X-DKIM: Sendmail DKIM Filter v2.8.3 smtp6.sgsi.ucl.ac.be 0354318343C
DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=uclouvain.be; s=selucl; t=1449440009; bh=pC+EZw0YlWmvfsJZu9SsY4D2MvBVfaCUorTQ8FUXmHU=; h=Reply-To:Subject:References:To:Cc:From:Message-ID:Date: MIME-Version:In-Reply-To:Content-Type:Content-Transfer-Encoding; b=UYIUfZ18pWrjO2gKrJ7i3wBOvgEddOjq2Ar9w2XT/vNV7Sug7mhwvROiXOXIvQkDe XugBqVChB07QZP3GtmrAip/qWnG4fAzpHzm36DmT/65o+dSS/LOJZAmprHkXsUER2M 0cdNiyIony9TNZq2g4fJ2gjVD5wT4Tj9laUbvr1s=
Reply-To: Olivier.Bonaventure@uclouvain.be
Subject: Re: SSH v3?
References: <1537810400-3144@skroderider.denisbider.com> <nnio4hp7t9.fsf@armitage.lysator.liu.se>
To: Niels Möller <nisse@lysator.liu.se>, denis bider <ietf-ssh3@denisbider.com>
Cc: Damien Miller <djm@mindrot.org>, Simon Tatham <anakin@pobox.com>, Simon Josefsson <simon@josefsson.org>, ietf-ssh@netbsd.org
From: Olivier Bonaventure <Olivier.Bonaventure@uclouvain.be>
Message-ID: <5664B308.6050605@uclouvain.be>
Date: Sun, 06 Dec 2015 23:13:28 +0100
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.11; rv:38.0) Gecko/20100101 Thunderbird/38.3.0
MIME-Version: 1.0
In-Reply-To: <nnio4hp7t9.fsf@armitage.lysator.liu.se>
Content-Type: text/plain; charset="utf-8"; format="flowed"
Content-Transfer-Encoding: 7bit
X-Virus-Scanned: clamav-milter 0.99-beta1 at smtp-6.sipr-dc.ucl.ac.be
X-Virus-Status: Clean
X-Sgsi-Spamcheck: SASL authenticated,
X-SGSI-MailScanner-ID: 0354318343C.A09ED
X-SGSI-MailScanner: Found to be clean
X-SGSI-From: olivier.bonaventure@uclouvain.be
X-SGSI-Spam-Status: No
Sender: ietf-ssh-owner@NetBSD.org
List-Id: ietf-ssh.NetBSD.org
Precedence: list

Niels, Denis,
>
>> - On connections prone to random errors (wireless), large transfers
>> are bound for disconnects at a rate of 2^-16 per error. TCP just
>> corrupts the data in this case. SSH detects the corruption, but cannot
>> recover from it.
>> - A TCP connection can be reset by a single spoofed RST packet from
>> anyone who knows the IP address and port number of one of the end
>> points.
>
> So you're basically saying that tcp sucks. That's not very ssh specific.
>
> Maybe it would make sense with some mechanism to let ssh reconnect after
> a tcp connection fails. You may also want to have a look at mptcp,
> which, among other things, can let a connection survive failure of a
> single tcp flow.

Indeed, mptcp can cope with several of the issues that you mention. Upon 
reception of a (spurious, fake, middlebox-generated,...) RST, MPTCP can 
preserve the connection and restablish a subflow.

MPTCP is also able to use different paths simultaneously, which brings 
interesting benefits and challenges from a security viewpoint.

MPTCP has been standardised by the IETF (RFC6824), and there are 
implementations for Linux (http://www.multipath-tcp.org), Apple (iOS and 
Macos ship it but only enable it for Siri), FreeBSD (partial) and Oracle.

It is also possible to better integrate a security protocol like SSH 
with the underlying MPTCP. I wrote a first step in this direction last 
year for TLS :

https://tools.ietf.org/html/draft-bonaventure-mptcp-tls-00


A similar approach could be used for SSH. Basically, the main idea is to 
delegate the authentication of the received data to MPTCP so that MPTCP 
can detect packet errors and recover at this layer (e.g. by releasing a 
subflow and restating another one) without forcing the security protocol 
to terminate the session because an invalid data was received.

Olivier

v2.23.0 | Report a Bug | By Email