Re: [tcpm] tcp-auth-opt issue: support for NATs

"Adam Langley" <> Thu, 07 August 2008 00:41 UTC

Return-Path: <>
Received: from [] (localhost []) by (Postfix) with ESMTP id AEB093A6AAC; Wed, 6 Aug 2008 17:41:46 -0700 (PDT)
Received: from localhost (localhost []) by (Postfix) with ESMTP id 2559D3A6AAC for <>; Wed, 6 Aug 2008 17:41:46 -0700 (PDT)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: -1.383
X-Spam-Status: No, score=-1.383 tagged_above=-999 required=5 tests=[AWL=-0.006, BAYES_00=-2.599, FM_FORGED_GMAIL=0.622, J_CHICKENPOX_16=0.6]
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id 5rbemjHhyhw5 for <>; Wed, 6 Aug 2008 17:41:45 -0700 (PDT)
Received: from ( []) by (Postfix) with ESMTP id 6033C3A677D for <>; Wed, 6 Aug 2008 17:41:45 -0700 (PDT)
Received: by with SMTP id b25so154079rvf.49 for <>; Wed, 06 Aug 2008 17:42:19 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;; s=gamma; h=domainkey-signature:received:received:message-id:date:from:sender :to:subject:cc:in-reply-to:mime-version:content-type :content-transfer-encoding:content-disposition:references :x-google-sender-auth; bh=JAUhrBmIlVKeEcOIPR2r4MkRYo8r3E//3dvl+FlOhh4=; b=BIuFC3xRzq50UqoG2/2MsJ2SuzOhk8IhIFKCkD5QldFRSqGCA6LL5Kb1UMxrO1wnQ8 GfS6t3wEsvd3QA07hGXzBm2hjbnEne23WV70oBvgln9vyFLCai0AzcLVanFR6AMQ4wG5 V1WMDu+wHOhdUJlEIIpFhWywOwcYhcWbR1Uo8=
DomainKey-Signature: a=rsa-sha1; c=nofws;; s=gamma; h=message-id:date:from:sender:to:subject:cc:in-reply-to:mime-version :content-type:content-transfer-encoding:content-disposition :references:x-google-sender-auth; b=pPTEuYwdBt65aoOfi6N4Jio2tIm2I4GRI0hlK8fdB6dOK8A2CbCOWgpeq++5eHaItS 5yE5FmmRspyjjWgs9MFcsqxElaMhR1C5AqPgaWzMnHoZhfk3/u5+7AkdIi/i7hxNaynm HymuCW+8sKcXC8XePc0TXgv1C504jDOyFPw5Q=
Received: by with SMTP id r13mr20797rvo.53.1218069739538; Wed, 06 Aug 2008 17:42:19 -0700 (PDT)
Received: by with HTTP; Wed, 6 Aug 2008 17:42:19 -0700 (PDT)
Message-ID: <>
Date: Wed, 06 Aug 2008 17:42:19 -0700
From: Adam Langley <>
To: Eric Rescorla <>
In-Reply-To: <>
MIME-Version: 1.0
Content-Disposition: inline
References: <> <> <> <> <> <> <>
X-Google-Sender-Auth: 0cb8383f3b9d9340
Cc:, Joe Touch <>
Subject: Re: [tcpm] tcp-auth-opt issue: support for NATs
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: TCP Maintenance and Minor Extensions Working Group <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit

On Tue, Aug 5, 2008 at 7:02 PM, Eric Rescorla <> wrote:
> Isn't the whole point of the key-ids to avoid requiring this?

Well, keyids would be required too. Here's how I see it working.

Define a synchronisation range, R, say 1 minute. We require that the
maximum skew between two clocks is R.

Define a key rotation timespan, T, say 1 minute. Let N be the maximum
number of keys that exist in a timespan of 2R. In our example, this is

Define a function K(master, t) that maps a timestamp to a key derived
from a master key and a keyid in [0, N). For example, F(master, t) =
SHA1(master + uint32be (t/T)) with keyid (t/T) `mod` N.

At any time, a client transmits with key and keyid from F(master,
currentTime). At any time, the server accepts SYN signed with any
keyid and key in a span of 2R centered around the current time.

So one can only connect if one's clock skew is acceptable and one
knows the master key.

The keys for the resulting connection would be connection specific,
probably hashing in the SEQ/ACK numbers, other stuff etc.


Adam Langley
tcpm mailing list