--- 1/draft-ietf-mptcp-threat-05.txt 2010-12-07 14:13:20.000000000 +0100 +++ 2/draft-ietf-mptcp-threat-06.txt 2010-12-07 14:13:20.000000000 +0100 @@ -1,18 +1,18 @@ Network Working Group M. Bagnulo Internet-Draft UC3M -Intended status: Informational December 6, 2010 -Expires: June 9, 2011 +Intended status: Informational December 7, 2010 +Expires: June 10, 2011 Threat Analysis for Multi-addressed/Multi-path TCP - draft-ietf-mptcp-threat-05 + draft-ietf-mptcp-threat-06 Abstract Multi-path TCP (MPTCP for short) describes the extensions proposed for TCP so that each endpoint of a given TCP connection can use multiple IP addresses to exchange data (instead of a single IP address per endpoint as currently defined). Such extensions enable the exchange of segments using different source-destination address pairs, resulting in the capability of using multiple paths in a significant number of scenarios. In particular, some level of @@ -29,21 +29,21 @@ Internet-Drafts are working documents of the Internet Engineering Task Force (IETF). Note that other groups may also distribute working documents as Internet-Drafts. The list of current Internet- Drafts is at http://datatracker.ietf.org/drafts/current/. Internet-Drafts are draft documents valid for a maximum of six months and may be updated, replaced, or obsoleted by other documents at any time. It is inappropriate to use Internet-Drafts as reference material or to cite them other than as "work in progress." - This Internet-Draft will expire on June 9, 2011. + This Internet-Draft will expire on June 10, 2011. Copyright Notice Copyright (c) 2010 IETF Trust and the persons identified as the document authors. All rights reserved. This document is subject to BCP 78 and the IETF Trust's Legal Provisions Relating to IETF Documents (http://trustee.ietf.org/license-info) in effect on the date of publication of this document. Please review these documents 
@@ -62,22 +62,24 @@ 5. Flooding attacks . . . . . . . . . . . . . . . . . . . . . . . 7 6. Hijacking attacks . . . . . . . . . . . . . . . . . . . . . . 10 6.1. Hijacking attacks to the Basic MPTCP protocol . . . . . . 10 6.2. Time-shifted hijacking attacks . . . . . . . . . . . . . . 12 6.3. NAT considerations . . . . . . . . . . . . . . . . . . . . 14 7. Recommendation . . . . . . . . . . . . . . . . . . . . . . . . 15 8. Security Considerations . . . . . . . . . . . . . . . . . . . 15 9. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 15 10. Contributors . . . . . . . . . . . . . . . . . . . . . . . . . 15 11. Acknowledgments . . . . . . . . . . . . . . . . . . . . . . . 15 - 12. Informative References . . . . . . . . . . . . . . . . . . . . 16 - Author's Address . . . . . . . . . . . . . . . . . . . . . . . . . 16 + 12. References . . . . . . . . . . . . . . . . . . . . . . . . . . 16 + 12.1. Normative References . . . . . . . . . . . . . . . . . . . 16 + 12.2. Informative References . . . . . . . . . . . . . . . . . . 16 + Author's Address . . . . . . . . . . . . . . . . . . . . . . . . . 17 1. Introduction Multi-path TCP (MPTCP for short) describes the extensions proposed for TCP [RFC0793] so that each endpoint of a given TCP connection can use multiple IP addresses to exchange data (instead of a single IP address per endpoint as currently defined). Such extensions enable the exchange of segments using different source-destination address pairs, resulting in the capability of using multiple paths in a significant number of scenarios. In particular, some level of 
@@ -649,30 +652,30 @@ The default security mechanisms for MPTCP should be to exchange a key in clear text in the establishment of the first subflow and then secure following address additions by using a keyed HMAC using the exchanged key. MPTCP security mechanism should support using a pre-shared key to be used in the keyed HMAC, providing a higher level of protection than the previous one. A mechanism to prevent replay attacks using these messages should be - provided e.g. a sequence number protected by the HMAC + provided e.g. a sequence number protected by the HMAC. The MPTCP protocol should be extensible and it should able to accommodate multiple security solutions, in order to enable the usage of more secure mechanisms if needed. 8. Security Considerations This note contains a security analysis for MPTCP, so no further - security considerations need to be described in this section + security considerations need to be described in this section. 9. IANA Considerations This document does not require any action from IANA. 10. Contributors Alan Ford - Roke Manor Research Ltd. 11. Acknowledgments 
@@ -681,21 +684,28 @@ Michael Scharf, Tim Shepard, Yoshifumi Nishida reviewed an earlier version of this document and provided comments to improve it. Mark Handley pointed out the problem with NATs and integrity protection of MPTCP signaling. Marcelo Bagnulo is partly funded by Trilogy, a research project supported by the European Commission under its Seventh Framework Program. -12. Informative References +12. References + +12.1. Normative References + + [RFC0793] Postel, J., "Transmission Control Protocol", STD 7, + RFC 793, September 1981. + +12.2. Informative References [RFC4225] Nikander, P., Arkko, J., Aura, T., Montenegro, G., and E. Nordmark, "Mobile IP Version 6 Route Optimization Security Design Background", RFC 4225, December 2005. [RFC4218] Nordmark, E. and T. Li, "Threats Relating to IPv6 Multihoming Solutions", RFC 4218, October 2005. [RFC3972] Aura, T., "Cryptographically Generated Addresses (CGA)", RFC 3972, March 2005. @@ -710,23 +720,20 @@ [RFC3775] Johnson, D., Perkins, C., and J. Arkko, "Mobility Support in IPv6", RFC 3775, June 2004. [RFC5533] Nordmark, E. and M. Bagnulo, "Shim6: Level 3 Multihoming Shim Protocol for IPv6", RFC 5533, June 2009. [RFC4960] Stewart, R., "Stream Control Transmission Protocol", RFC 4960, September 2007. - [RFC0793] Postel, J., "Transmission Control Protocol", STD 7, - RFC 793, September 1981. - Author's Address Marcelo Bagnulo Universidad Carlos III de Madrid Av. Universidad 30 Leganes, Madrid 28911 SPAIN Phone: 34 91 6248814 Email: marcelo@it.uc3m.es
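Review bot: the header hunk (@@ -1,18) bumps the title block from draft-ietf-mptcp-threat-05 to -06 and moves the date to December 7, 2010 with an expiry of June 10, 2011, and the boilerplate hunk (@@ -29,21) changes the "This Internet-Draft will expire on" sentence to the same June 10, 2011 date, so the two date edits agree with each other and with the -06 filename in the diff header. Nothing further is needed in these two hunks.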
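Review bot: the table-of-contents hunk (@@ -62,22) replaces the single "12. Informative References" entry with "12. References", "12.1. Normative References" and "12.2. Informative References", which must match the headings introduced in the @@ -681 hunk; they do, and the Author's Address entry moving from page 16 to 17 is the expected consequence of the two added headings. The Introduction context in this same hunk cites "TCP [RFC0793]", so the new Normative subsection in the TOC is the right home for that citation.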
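Review bot: the unchanged context line "it should able to accommodate multiple security solutions" in the Section 7 hunk (@@ -649,30) is missing a verb; since this hunk already edits the surrounding paragraph for punctuation, fix it in the same pass as "it should be able to accommodate", and give "MPTCP security mechanism should support using a pre-shared key" its article ("The MPTCP security mechanism"). The replay sentence would also read better with a comma before the example: "provided, e.g. a sequence number protected by the HMAC." On substance, the recommendation would be clearer if it stated the residual risk of the default it describes: because the key is exchanged in clear text when the first subflow is established, an attacker who can observe that handshake learns the key, and the keyed HMAC then gives no protection against that attacker for later address additions; the pre-shared-key option in the next sentence is what closes that gap, which is why the text calls it a higher level of protection. Saying so explicitly would make the tiering between the two mechanisms evident to implementers.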
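Review bot: moving [RFC0793] into the new "12.1. Normative References" subsection in the @@ -681,21 hunk is consistent with the Introduction's "TCP [RFC0793]" citation, since the TCP specification is what the extensions under analysis build on; the entry itself (Postel, STD 7, RFC 793, September 1981) is carried over unchanged, so no citation text changes. One thing to confirm rather than assume: RFC 793 is now the draft's only normative reference, and every other entry shown here ([RFC4225], [RFC4218], [RFC3972], [RFC3775], [RFC5533], [RFC4960]) stays informative, which treats the route-optimization, multihoming and CGA background as non-binding; that is a reasonable choice for an Informational document but should be a deliberate one.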
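Review bot: the removal in the last hunk (@@ -710,23) is the second half of the [RFC0793] move and is required so the entry does not appear in both subsections; it drops the two entry lines and their separating blank line (the hunk shrinks from 23 to 20 lines), leaving the [RFC4960] entry followed by the single blank line before "Author's Address", so the spacing in the references section stays regular. No further change is needed here.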