Fixing SSL (was Re: Dutch Transport Card Broken)
Eric Rescorla
ekr at networkresonance.com
Wed Jan 30 13:06:14 EST 2008
At Wed, 30 Jan 2008 17:59:51 -0000,
Dave Korn wrote:
>
> On 30 January 2008 17:03, Eric Rescorla wrote:
>
>
> >>> We really do need to reinvent and replace SSL/TCP,
> >>> though doing it right is a hard problem that takes more
> >>> than morning coffee.
> >>
> >> TCP could need some stronger integrity protection. 8 Bits of checksum isn't
> >> enough in reality. (1 out of 256 broken packets gets injected into your TCP
> >> stream) Does IPv6 have a stronger TCP?
> >
> > Whether this is true or not depends critically on the base rate
> > of errors in packets delivered to TCP by the IP layer, since
> > the rate of errors delivered to SSL is 1/256th of those delivered
> > to the TCP layer.
>
> Out of curiosity, what kind of TCP are you guys using that has 8-bit
> checksums?

You're right. It's 16 bit, isn't it. I plead it being early in
the morning. I think my point now applies even more so :)

> > Since link layer checksums are very common,
> > as a practical matter errored packets getting delivered to protocols
> > above TCP is quite rare.
>
> Is it not also worth mentioning that TCP has some added degree of protection
> in that if the ACK sequence num isn't right, the packet is likely to be
> dropped (or just break the stream altogether by desynchronising the seqnums)?

Right, so this now depends on the error model...

-Ekr
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com
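
Added example, not part of the original thread: the 16-bit Internet checksum (RFC 1071) that TCP uses, run against three error models to show why the undetected-error rate depends on the model. The function names and the 64-byte sample buffer are constructed for illustration; the buffer is arbitrary bytes, not a real TCP segment with its pseudo-header.

```python
import random
import struct

def internet_checksum(data: bytes) -> int:
    """RFC 1071: one's complement of the one's-complement sum of 16-bit words."""
    if len(data) % 2:
        data += b"\x00"                      # pad odd-length input
    total = sum(struct.unpack(f"!{len(data) // 2}H", data))
    while total >> 16:                       # fold carries back into the low 16 bits
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF

def single_bit_flips_all_detected(data: bytes) -> bool:
    """Error model 1: exactly one bit flipped in transit."""
    good = internet_checksum(data)
    for bit in range(len(data) * 8):
        bad = bytearray(data)
        bad[bit // 8] ^= 1 << (bit % 8)
        if internet_checksum(bytes(bad)) == good:
            return False
    return True

def word_swaps_all_undetected(data: bytes) -> bool:
    """Error model 2: two aligned 16-bit words change places (even-length input)."""
    good = internet_checksum(data)
    words = [data[k:k + 2] for k in range(0, len(data), 2)]
    for i in range(len(words)):
        for j in range(i + 1, len(words)):
            moved = list(words)
            moved[i], moved[j] = moved[j], moved[i]
            if internet_checksum(b"".join(moved)) != good:
                return False                 # never reached: addition commutes
    return True

def random_replacement_pass_rate(data: bytes, trials: int, seed: int = 1) -> float:
    """Error model 3: whole buffer replaced by uniformly random bytes."""
    rng = random.Random(seed)
    good, n = internet_checksum(data), len(data)
    passed = sum(
        internet_checksum(rng.getrandbits(8 * n).to_bytes(n, "big")) == good
        for _ in range(trials))
    return passed / trials                   # expected to be near 1/65536

SAMPLE = bytes(range(1, 65))                 # constructed 64-byte buffer

if __name__ == "__main__":
    print("single-bit flips all detected:", single_bit_flips_all_detected(SAMPLE))
    print("word swaps all undetected:   ", word_swaps_all_undetected(SAMPLE))
    print("random replacement pass rate:", random_replacement_pass_rate(SAMPLE, 100000))
```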