1 / 4

TCP Timestamps for Secure Connections Across Sessions Draft

Overview and benefits of using monotonic TCP timestamps for improved connection security and heuristics in TCP protocol. Proposal for adopting a new algorithm to enhance TCP timestamp selection.

tdawe
Download Presentation

TCP Timestamps for Secure Connections Across Sessions Draft

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript


  1. On the generation of TCP timestamps(draft-gont-tcpm-tcp-timestamps) Fernando Gont on behalf of UK CPNI 73rd IETF meeting, November 16-21, 2008 Minneapolis, MN, USA

  2. Overview • RFC1323 describes the generation of TCP timestamps • It states that they must be monotonicaly-increasing for a given connections • However, it does not require timestamps to be monotonically-increasing accross TCP connections (protection against stale segments from previous connections is provided by the TIME-WAIT state and the quiet-time concept). • However, timestamps that are monotonically-increasing accross TCP connections can be useful: • They allow the implementation of heuristics for handling incomming connection request when there’s a previous incarnation of the same connection in the TIME-WAIT state • This is similar to what BSD-derived implementations have done with TCP ISNs, but probably works better than the TCP SEQ hack.

  3. So… what is this document about? • It describes an algorithm for selecting TCP timestamps such that • The TCP timestamps are monotonically-increasing accross TCP connections • The chances of an off-path attacker for guessing the TCP timestamps used for future connections are reduced • It describes the heuristics that can be implemented based on the TCP timestamps when processing incoming connection requests. • This already ships with Linux

  4. Moving forward Should we adopt this document as a wg item?

More Related