IETF Logo Mail Archive

Re: [tcpm] poll for adoption of draft-gont-tcpm-tcp-timestamps-03

Fernando Gont <fernando@gont.com.ar> Wed, 24 March 2010 04:11 UTC

Return-Path: <fernando@gont.com.ar>
X-Original-To: tcpm@core3.amsl.com
Delivered-To: tcpm@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 093E43A6C27 for <tcpm@core3.amsl.com>; Tue, 23 Mar 2010 21:11:10 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: 1.165
X-Spam-Level: *
X-Spam-Status: No, score=1.165 tagged_above=-999 required=5 tests=[AWL=0.415, BAYES_50=0.001, DNS_FROM_OPENWHOIS=1.13, RCVD_IN_DNSWL_LOW=-1, RCVD_IN_SORBS_WEB=0.619]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id f1-XZxvg7wQ6 for <tcpm@core3.amsl.com>; Tue, 23 Mar 2010 21:11:09 -0700 (PDT)
Received: from smtp1.xmundo.net (smtp1.xmundo.net [201.216.232.80]) by core3.amsl.com (Postfix) with ESMTP id 244A93A6C24 for <tcpm@ietf.org>; Tue, 23 Mar 2010 21:11:05 -0700 (PDT)
Received: from venus.xmundo.net (venus.xmundo.net [201.216.232.56]) by smtp1.xmundo.net (Postfix) with ESMTP id A1E956B68A9; Wed, 24 Mar 2010 01:11:29 -0300 (ART)
Received: from [192.168.1.102] (102-134-17-190.fibertel.com.ar [190.17.134.102]) (authenticated bits=0) by venus.xmundo.net (8.13.8/8.13.8) with ESMTP id o2O4BLiv012994; Wed, 24 Mar 2010 01:11:22 -0300
Message-ID: <4BA990EC.7030501@gont.com.ar>
Date: Wed, 24 Mar 2010 01:11:24 -0300
From: Fernando Gont <fernando@gont.com.ar>
User-Agent: Thunderbird 2.0.0.23 (Windows/20090812)
MIME-Version: 1.0
To: mallman@icir.org
References: <20100324031529.899D6BB39B1@lawyers.icir.org>
In-Reply-To: <20100324031529.899D6BB39B1@lawyers.icir.org>
X-Enigmail-Version: 0.96.0
OpenPGP: id=D076FFF1
Content-Type: text/plain; charset="ISO-8859-1"
Content-Transfer-Encoding: 7bit
X-Greylist: Sender succeeded SMTP AUTH authentication, not delayed by milter-greylist-3.0 (venus.xmundo.net [201.216.232.56]); Wed, 24 Mar 2010 01:11:29 -0300 (ART)
Cc: "tcpm@ietf.org" <tcpm@ietf.org>, Joe Touch <touch@isi.edu>
Subject: Re: [tcpm] poll for adoption of draft-gont-tcpm-tcp-timestamps-03
X-BeenThere: tcpm@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: TCP Maintenance and Minor Extensions Working Group <tcpm.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/tcpm>, <mailto:tcpm-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/tcpm>
List-Post: <mailto:tcpm@ietf.org>
List-Help: <mailto:tcpm-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tcpm>, <mailto:tcpm-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 24 Mar 2010 04:11:11 -0000

Mark Allman wrote:

> This document really has two parts: (1) a mechanism that provides a
> random starting point for timestamps based on a hash of the 4-tuple and
> some secret sauce and (2) a mechanism for TIME-WAIT truncation based on
> observed timestamps on subsequent connections involving the same
> 4-tuple.  However, these two items are really not related at all---other
> than that they both involve timestamps.

The relationship is that (2) needs timestamps that are
monotonically-increasing across connections. (1) provides a scheme that
complies with such requirement and that also has the good property that
it makes it hard for an off-path attacker to guess the timestamps in use
by victim connections.



> It seems from our on- and off-list discussion that both of us find (2)
> useful.  But, it doesn't depend on (1) at all.  Further, I believe we
> both find (1) to be dubious (there seems to be not much security benefit
> and there are concerns about storage & computation (more Joe's than
> mine, but)).

32 bits of additional state for each connection is such a big deal?



> So, a compromise proposal could be to take (2) as a work item and
> jettison (1).  I personally would support a (2)-not-(1) document more
> strongly than the current version.
> 
> Or, at least perhaps we could see more motivation for (1) that would
> sway us to understanding the tangible benefit it offers.

Using unpredictable values is acting pro-actively. If we, say, propose
to have a global counter for generating the timestamps, at some point
we'll be re-hashing the same type of discussion we've had for "in
window" attacks, but for TCP timestamps.

Actually, at least part of this discussion has already taken place:
there's a CERT advisory on predictable timestamps (I think I referenced
it in the I-D), and some implementations have chosen to trivially
randomize the timestamps (i.e., "just call "random()"), which does not
allow (2) to work - most likely because they didn't want predictable
timestamps, but didin't have any other option at hand.

Thanks,
-- 
Fernando Gont
e-mail: fernando@gont.com.ar || fgont@acm.org
PGP Fingerprint: 7809 84F5 322E 45C7 F1C9 3945 96EE A9EF D076 FFF1

v2.23.0 | Report a Bug | By Email