IETF Logo Mail Archive

Re: [tcpm] PoC for draft-moncaster-tcpm-rcv-cheat-02

Rob Sherwood <capveg@cs.umd.edu> Wed, 26 March 2008 20:27 UTC

Return-Path: <tcpm-bounces@ietf.org>
X-Original-To: ietfarch-tcpm-archive@core3.amsl.com
Delivered-To: ietfarch-tcpm-archive@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 3C0A928C340; Wed, 26 Mar 2008 13:27:42 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -100.603
X-Spam-Level:
X-Spam-Status: No, score=-100.603 tagged_above=-999 required=5 tests=[AWL=-0.166, BAYES_00=-2.599, FH_RELAY_NODNS=1.451, HELO_MISMATCH_ORG=0.611, RDNS_NONE=0.1, USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id y5Gki2knt1dG; Wed, 26 Mar 2008 13:27:41 -0700 (PDT)
Received: from core3.amsl.com (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 34E353A695F; Wed, 26 Mar 2008 13:27:41 -0700 (PDT)
X-Original-To: tcpm@core3.amsl.com
Delivered-To: tcpm@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 717A128C2ED for <tcpm@core3.amsl.com>; Wed, 26 Mar 2008 13:27:40 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 8m6QY0aN+QG3 for <tcpm@core3.amsl.com>; Wed, 26 Mar 2008 13:27:39 -0700 (PDT)
Received: from circular.cs.umd.edu (circular.cs.umd.edu [128.8.128.176]) by core3.amsl.com (Postfix) with ESMTP id 434E33A6DBF for <tcpm@ietf.org>; Wed, 26 Mar 2008 13:27:39 -0700 (PDT)
Received: from loompa.cs.umd.edu (loompa.cs.umd.edu [128.8.128.63]) by circular.cs.umd.edu (8.12.11.20060308/8.12.5) with ESMTP id m2QKPDgB025022; Wed, 26 Mar 2008 16:25:13 -0400
Received: from loompa.cs.umd.edu (localhost [127.0.0.1]) by loompa.cs.umd.edu (8.13.8+Sun/8.12.5) with ESMTP id m2QKP1Ib007741; Wed, 26 Mar 2008 16:25:01 -0400 (EDT)
Received: (from capveg@localhost) by loompa.cs.umd.edu (8.13.8+Sun/8.13.8/Submit) id m2QKP1s2007740; Wed, 26 Mar 2008 16:25:01 -0400 (EDT)
Date: Wed, 26 Mar 2008 16:25:01 -0400
From: Rob Sherwood <capveg@cs.umd.edu>
To: Jakob Heitz <jheitz@redback.com>
Message-ID: <20080326202501.GQ24842@cs.umd.edu>
References: <200803260029.33658.v13@v13.gr> <20080326193338.GO24842@cs.umd.edu> <78C9135A3D2ECE4B8162EBDCE82CAD7703442C8F@nekter> <47EAAC87.2090606@redback.com>
MIME-Version: 1.0
Content-Disposition: inline
In-Reply-To: <47EAAC87.2090606@redback.com>
User-Agent: Mutt/1.5.16 (2007-06-09)
Cc: tcpm@ietf.org
Subject: Re: [tcpm] PoC for draft-moncaster-tcpm-rcv-cheat-02
X-BeenThere: tcpm@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: TCP Maintenance and Minor Extensions Working Group <tcpm.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/tcpm>, <mailto:tcpm-request@ietf.org?subject=unsubscribe>
List-Post: <mailto:tcpm@ietf.org>
List-Help: <mailto:tcpm-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tcpm>, <mailto:tcpm-request@ietf.org?subject=subscribe>
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Sender: tcpm-bounces@ietf.org
Errors-To: tcpm-bounces@ietf.org

On Wed, Mar 26, 2008 at 01:05:27PM -0700, Jakob Heitz wrote:
> Intentionally dropping segments at the sender
> has an unacceptable negative impact on honest
> connections. No wonder this never flew.

My experiments have show this to be a <0.01% impact on perfomance and
no impact on correctness.  You might argue that my experiments do not
have a wide deployment and might depend on network conditions, but I
don't know why you say the solution is "unacceptable".

> You can detect a possible attacker of this nature
> just by looking for acks of segments you have
> not yet sent. After all, the attacker is sending
> acks for what he didn't receive, so he has no idea
> how far into the future to ack.
> Even if you look for future acks, they may be legit
> ones from a previous connection or old ones from
> the same connection if the sequence space has wrapped.
>
> So I suggest as a defense, if you receive an ack of
> the future, to halve the congestion window.

As I say in my paper, this is not a reasonable defense.

1) The attack does not necessarily send Acks ahead of what is sent and
	I outline a number of ways to avoid doing so.
2) If this is the detection condition, it opens a new DoS where a different
	type of attacker can inject out-of-window Acks into valid connections
	to create false possitives in this test.  Thus, if what you propose 
	were implemented, a third party could force the congestion window
	to be arbitarily small for a connection between two honest nodes,
	without guessing the sequence number.

- Rob
.
_______________________________________________
tcpm mailing list
tcpm@ietf.org
https://www.ietf.org/mailman/listinfo/tcpm

v2.23.0 | Report a Bug | By Email