Re: [tcpm] tcp-auth-opt issue: replay protection

"Adam Langley" <agl@imperialviolet.org> Wed, 30 July 2008 23:36 UTC

On Wed, Jul 30, 2008 at 4:17 PM, Joe Touch <touch@isi.edu> wrote:
> Can you explain the algorithm for "closest"?

Sure,

let the last 'known' value for the ESN be a uint64_t called last_esn
and the current SEQ be a uint32_t called current.

uint64_t last_top32bits = last_esn >> 32;
uint64_t possibility_1 = (last_top32bits - 1) << 32 | current;
uint64_t possibility_2 = last_top32bits << 32 | current;
uint64_t possibility_3 = (last_top32bits + 1) << 32 | current;

uint64_t delta_1 = distance(possibility_1, last_esn);
uint64_t delta_2 = distance(possibility_2, last_esn);
uint64_t delta_3 = distance(possibility_3, last_esn);

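/* new_esn is the possibility with the smallest distance to last_esn */
uint64_t new_esn = possibility_2;
uint64_t best = delta_2;
if (delta_1 < best) { new_esn = possibility_1; best = delta_1; }
if (delta_3 < best) { new_esn = possibility_3; best = delta_3; }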

That's written to try and be clear, rather than actual code that I would write.

The idea is that, when we get a seq number, we know that the sending
side had a definite 64-bit ESN in mind when they sent it. We know the
bottom 32-bits of this, so there are 2**32 possible ESNs (the set of
64-bit numbers with those 32 bits in the lower half). We pick the one
that is closest to the last known value.

If our last known value was 0, and we get 1, we assume that the ESN is one.

If the last ESN was 2**32 - 1, and we get 1, we assume that the ESN is
2**32 + 1.

If the last ESN was 2**32 + 1, and we get 2**32 - 5 (packet
reordering), we assume that the ESN is 2**32 - 5, because it's closer
than assuming that nearly 2**32 bytes went by, unnoticed.

I hope that's clear. I'll write real code if I'm still being inarticulate.


AGL

-- 
Adam Langley agl@imperialviolet.org http://www.imperialviolet.org
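
The "closest" selection described in the message above, as an added C example that is not part of the original post. The names esn_recover and abs_diff are hypothetical, and "distance" is assumed to mean absolute difference; the epoch bounds checks go beyond the sketch in the message.

```c
#include <inttypes.h>
#include <stdint.h>
#include <stdio.h>

/* Assumption: "distance" in the message means absolute difference. */
static uint64_t abs_diff(uint64_t a, uint64_t b)
{
    return a > b ? a - b : b - a;
}

/* Hypothetical helper: recover the 64-bit ESN from the 32-bit SEQ seen on
 * the wire by picking the candidate closest to the last known ESN. */
uint64_t esn_recover(uint64_t last_esn, uint32_t seq)
{
    uint64_t epoch = last_esn >> 32;          /* top 32 bits of last ESN */
    uint64_t best = (epoch << 32) | seq;      /* candidate: same epoch */
    uint64_t best_delta = abs_diff(best, last_esn);

    /* Candidate: previous epoch (a reordered segment from before a wrap).
     * Skipped at epoch 0, where epoch - 1 would underflow. */
    if (epoch > 0) {
        uint64_t cand = ((epoch - 1) << 32) | seq;
        uint64_t delta = abs_diff(cand, last_esn);
        if (delta < best_delta) { best = cand; best_delta = delta; }
    }

    /* Candidate: next epoch (SEQ has wrapped). Skipped at the top epoch,
     * where epoch + 1 would not fit in 32 bits. */
    if (epoch < UINT32_MAX) {
        uint64_t cand = ((epoch + 1) << 32) | seq;
        uint64_t delta = abs_diff(cand, last_esn);
        if (delta < best_delta) { best = cand; best_delta = delta; }
    }

    /* A tie (SEQ exactly 2**31 away) keeps the earlier-tested candidate. */
    return best;
}

int main(void)
{
    /* Constructed inputs: the three cases walked through in the message. */
    printf("%" PRIu64 "\n", esn_recover(0, 1));
    printf("%" PRIu64 "\n", esn_recover(UINT64_C(0xFFFFFFFF), 1));
    printf("%" PRIu64 "\n", esn_recover(UINT64_C(0x100000001), 0xFFFFFFFBu));
    return 0;
}
```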