MPTCP Protocol draft-ietf-mptcp-multiaddressed-02 Update and Open Issues Alan Ford IETF79 – Beijing 1.

Slides:

Advertisements

Similar presentations

Jennifer Rexford Fall 2014 (TTh 3:00-4:20 in CS 105) COS 561: Advanced Computer Networks Multipath.

Advertisements

Computer Security and Penetration Testing

Transport Layer – TCP (Part2) Dr. Sanjay P. Ahuja, Ph.D. Fidelity National Financial Distinguished Professor of CIS School of Computing, UNF.

IS333, Ch. 26: TCP Victor Norman Calvin College 1.

UDP & TCP Where would we be without them!. UDP User Datagram Protocol.

1 Chapter 3 TCP and IP. Chapter 3 TCP and IP 2 Introduction Transmission Control Protocol (TCP) Transmission Control Protocol (TCP) User Datagram Protocol.

Transport Layer – TCP (Part1) Dr. Sanjay P. Ahuja, Ph.D. Fidelity National Financial Distinguished Professor of CIS School of Computing, UNF.

IP Security IPSec 2 * Essential Network Security Book Slides. IT352 | Network Security |Najwa AlGhamdi 1.

1 Internet Networking Spring 2003 Tutorial 11 Explicit Congestion Notification (RFC 3168) Limited Transmit (RFC 3042)

1 Internet Networking Spring 2003 Tutorial 11 Explicit Congestion Notification (RFC 3168)

Stream Control Transmission Protocol 網路前瞻技術實驗室陳旻槿.

1 Spring Semester 2007, Dept. of Computer Science, Technion Internet Networking recitation #8 Explicit Congestion Notification (RFC 3168) Limited Transmit.

Gursharan Singh Tatla Transport Layer 16-May

MPTCP Proxy Support Costin Raiciu. Explicit Proxies The MPTCP host knows about the proxy (e.g. via DHCP) All connections are made to the proxy – Signaling.

TRANSPORT LAYER T.Najah Al-Subaie Kingdom of Saudi Arabia Prince Norah bint Abdul Rahman University College of Computer Since and Information System NET331.

Whither Congestion Control? Sally Floyd E2ERG, July

1 Section 10.9 Internet Security Association and Key Management Protocol ISAKMP.

Multipath TCP Signaling Options or Payload? Costin Raiciu

CS332, Ch. 26: TCP Victor Norman Calvin College 1.

1 The Internet and Networked Multimedia. 2 Layering  Internet protocols are designed to work in layers, with each layer building on the facilities provided.

Transmission Control Protocol

1 Lecture 14 High-speed TCP connections Wraparound Keeping the pipeline full Estimating RTT Fairness of TCP congestion control Internet resource allocation.

MPTCP – MULTIPATH TCP Interim meeting #3 20 th October 2011 audio Yoshifumi Nishida Philip Eardley.

Karlstad University IP security Ge Zhang

Byte and Packet Congestion Notification draft-briscoe-tsvwg-byte-pkt-mark-01.txt draft-briscoe-tsvwg-byte-pkt-mark-01.txt Bob Briscoe, BT & UCL IETF-70.

March 7, 2008Security Proposal 1 CCSDS Link Security Proposal Ed Greenberg Greg Kazz Howard Weiss March 7, 2008.

IPsec Introduction 18.2 Security associations 18.3 Internet Security Association and Key Management Protocol (ISAKMP) 18.4 Internet Key Exchange.

Multipath TCP Update Philip Eardley, MPTCP WG Co-Chair tsvarea 1 st August, IETF-87, Berlin 1.

CISC856 University of Delaware

MultiPath TCP Proxy Presented by: Yongzhi Zhuang, Wei Zeng, Jianlei Zhang.

TCP-AO Key Management Sandra Murphy

Multipath TCP Security Issues: A Request for Assistance Alan Ford (MPTCP WG)

IP security Ge Zhang Packet-switched network is not Secure! The protocols were designed in the late 70s to early 80s –Very small network.

Review of key networking techniques: –Reliable communication over unreliable channels –Error detection and correction –Medium access control –routing –Congestion.

Multipath TCP ACM Queue, Volume 12 Issue 2, pp. 1-12, February 2014 Christoph Paasch and Olivier Bonaventure University College London 1.

Multipath TCP Signaling Options or Payload? Costin Raiciu

1 Lecture 13 IPsec Internet Protocol Security CIS CIS 5357 Network Security.

MPTCP Protocol – Status Update draft-ietf-mptcp-multiaddressed-01 Alan Ford IETF 78 – Maastricht.

MPTCP Protocol – Updates draft-ietf-mptcp-multiaddressed-03 Alan Ford, Costin Raiciu, Mark Handley, Olivier Bonaventure.

UDP & TCP Where would we be without them!. UDP User Datagram Protocol.

MPTCP Threat analysis draft-bagnulo-mptcp-threat-00 marcelo bagnulo IETF76 – MPTCP WG.

IPSec – IP Security Protocol By Archis Raje. What is IPSec IP Security – set of extensions developed by IETF to provide privacy and authentication to.

IPSec is a suite of protocols defined by the Internet Engineering Task Force (IETF) to provide security services at the network layer. standard protocol.

Mptcp proxies Mark Handley. MPTCP Mobility Mobile client 3G celltower Server.

RPSEC WG Issues with Routing Protocols security mechanisms Vishwas Manral, SiNett Russ White, Cisco Sue Hares, Next Hop IETF 63, Paris, France.

MPTCP proxy mechanisms (draft-wei-mptcp-proxy-mechanism-00)

K. Salah1 Security Protocols in the Internet IPSec.

Multi-addressed Multipath TCP draft-ford-mptcp-multiaddressed-02 Alan Ford Costin Raiciu, Mark Handley.

11 CS716 Advanced Computer Networks By Dr. Amir Qayyum.

MPTCP Proxy MPTCP Client MPTCP Proxy Server.

Cryptography CSS 329 Lecture 13:SSL.

Establishing Host Identity Protocol Opportunistic Mode with TCP Option

By, Nirnimesh Ghose, Master of Science,

Internet Networking recitation #9

Datacenter-scale load balancing for Multipath TCP

MPTCP – Multipath TCP WG Meeting Berlin, IETF-87, 30th July 2013

5. End-to-end protocols (part 1)

ECE 4605 Edgar Duskin Ifiok Udowana

Long-haul Transport Protocols

Process-to-Process Delivery

Extending Option Space Discussion Overview and its requirements

TCP Transport layer Er. Vikram Dhiman LPU.

Multi-addressed Multipath TCP

TCP - Part I Relates to Lab 5. First module on TCP which covers packet format, data transfer, and connection management.

COS 561: Advanced Computer Networks

Internet Networking recitation #10

Transport Layer 9/22/2019.

TCP Connection Management

Presentation transcript:

MPTCP Protocol draft-ietf-mptcp-multiaddressed-02 Update and Open Issues Alan Ford IETF79 – Beijing 1

Changes since -01 Subflow policy control DSN_MAP checksum Security proposal Various editorial fixes 2

Receiver Subflow Policy Control Previously, sender was in full control – no way of receiver signalling preferences of paths. –E.g. for varying monetary costs of paths. Overloading ECN signal was not welcomed. So, we have added a flag to MP_JOIN and ADD_ADDR to identify a subflow as “backup”. Signals to other peer only to send traffic on this subflow if no non-backups are available. New MP_PRIO option to change this during the lifetime of a subflow. 3

DSN_MAP Checksum DSN_MAP provides mapping between subflow and connection-level sequence spaces A checksum is needed to detect if middlebox has changed data on subflow, since this could break sequence numbering alignment Previous proposals: – CRC-32: too expensive – Copying first/last bytes: too unreliable Now using TCP checksum algorithm over data Lightweight, suitable for our needs, and can be combined with segment checksumming 4

Security We need to mitigate against the identified threats: hijacking and flooding attacks We need a security mechanism at subflow initiation to ensure: – That the new subflow does belong as part of the MPTCP connection – i.e. the two hosts at each end of the new MPTCP subflow are the same as those at the start of the MPTCP connection 5

Previous (-01) Proposal 6

Each end has a 32-bit token Tokens used as authenticators – Seen in every subflow SYN exchange – Once you know one, you can glean the other IDSN set at MP_CAPABLE handshake DSNs used as blind attack security – Need heuristics for dropping subflows; do not send DATA_ACK until DSN_MAP seen Not stateless (but could echo tokens in ACK) 7

Current (-02) Proposal Connection setup (MP_CAPABLE) exchanges keys: – SYNA->B: Option carries (K-A) – SYN/ACKB->A: Option carries (K-B) – ACKA->B: Options carry (K-A, K-B) Initial DSNs created from hashes of Keys New subflows (MP_JOIN) uses hash of Key as Token for Connection ID, plus Random Number (for replay protection), and HMACs this data using the Keys (keys never again seen in the clear): – SYNA->B:Option carries (Tok-B, R-A) – SYN/ACKB->A:Option carries (Tok-A, R-B) – ACKA->B:Payload carries: HMAC(Key=K-A|K-B, Message=R-A|R-B) – ACKB->A:Payload carries: HMAC(Key=K-B|K-A, Message=R-B|R-A) 8

Current (-02) Proposal 9

Suitable? What is “good enough”? We want something no worse than TCP. Over and above the previous proposal, in this hash-based security, the only vulnerable point is the initial subflow SYN exchange – all other subflow establishment is protected. It protects against the threats and meets the recommendations in draft-ietf-mptcp-threat-03. But it involves more complexity, including using the initial two packets of payload. Is it accepted that the previous proposal was insufficiently secure? Sufficient key/token lengths in the new proposal? Are there other options out there we could re-use? E.g. adaptations of TCP-AO? Flags for agility can be deployed in MP_CAPABLE. 10

Any other open issues? “Lightweight MPTCP” – Demand for optional components for trusted environments, e.g. checksums, security? – Or leave to implementation? Implementations are ongoing… – Wide-scale testing will help to identify any unexpected issues, and help to develop behavioural heuristics Do things seem sound for now? 11