[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Fwd: Minutes / Notes

To: Pekka Nikander <pekka.nikander@nomadiclab.com>
Subject: Re: Fwd: Minutes / Notes
From: Masataka Ohta <mohta@necom830.hpcl.titech.ac.jp>
Date: Fri, 25 Jul 2003 17:16:53 +0859 ()
Cc: multi6@ops.ietf.org
In-reply-to: <3F20C221.6090407@nomadiclab.com> from Pekka Nikander at "Jul 25,2003 08:37:37 am"

Pekka Nikander;

> > Assuming that there is no packet losses and that the attacker
> > send acks slowly enough, maybe.
> 
> The attacker doesn't need to send the acks very slowly. See

Yes, it does.

> Stefan Savage, Neal Cardwell, David Wetherall, and Tom Anderson,
> "TCP Congestion Control with a Misbehaving Receiver",
> CCR, 1999.
> 
> Note especially that after some initial data stream,
> the attacker can ignore incoming data (attack 3).

Wrong.

As the paper says:

	Moreover, if an ACK arrives for data that has not yet
	been sent, this is generally ignored by the sending TCP

the attacker must be able to know the current sequence number of
a sender and reply ACKs with a sequence number a little more
than that, or the ACKs are ignored.

That is, the attacker should send ACKs slowly enough not to
exceed the sequence number currently used by the sender.

						Masataka Ohta

Follow-Ups:
- Re: Fwd: Minutes / Notes
  - From: Pekka Nikander <pekka.nikander@nomadiclab.com>

References:
- Re: Fwd: Minutes / Notes
  - From: Pekka Nikander <pekka.nikander@nomadiclab.com>

Prev by Date: Re: Reasonable to use crypto in all communications? (Re: Fwd: Minutes/Notes)
Next by Date: Re: Minutes / Notes
Previous by thread: Re: Fwd: Minutes / Notes
Next by thread: Re: Fwd: Minutes / Notes
Index(es):
- Date
- Thread