
Re: IPv4 Security redux



At 10:56 AM 4/22/93 -0400, Robert Hagens wrote:
>> 
>> 
>> Packet serial number - used to thwart replay attacks. When this number
>> is lost (e.g., due to a reboot) or wraps around, rekeying is required.
>> Given this last rule, 2 bytes should be plenty. Included in the
>> authenticator. Not sure whether it should be encrypted or not; leaving
>> this in the clear makes it easier to filter out a heavy flood of replays
>> without spending cycles decrypting them first.
>>
>
>I don't understand how 2 bytes is plenty. If you increment the sequence number
>on every packet you send, and you want to re-key when you wrap around,
>you run the risk of rekeying very often. Consider sending 200 byte packets
>on a T1 link - you will wrap around in a little over a minute. I don't want
>to rekey every minute. I think 3 bytes is the minimum you need.
>
>Rob Hagens
>ANS Reston

The last time the community thought about this was some time ago, when data
rates were much lower, at the time the TCP was spec'ed.  The conclusion
then was that 4 bytes were needed.

Check my arithmetic (please!), but 1.544 million bits per second (Mbps) in
200 byte packets causes the 32-bit TCP sequence number to wrap in 464
hours, 45 Mbps wraps in 16 hours, 155 Mbps wraps in 4.6 hours, and 622 Mbps
wraps in 1.15 hours.

Dividing by 2^8=256, we see that a three-byte space would wrap in 1501
minutes, 51 minutes, 15 minutes, and 3.72 minutes.  This hardly seems
adequate. 

Regards, -Rob-

Robert W. Shirey, The MITRE Corporation, Mail Stop Z202
7525 Colshire Dr., McLean, Virginia  22102-3481  USA
shirey@mitre.org * tel 703-883-7210 * fax 703-883-1397
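The arithmetic the thread is arguing over, and the receiver-side check the serial number exists to support, as an added example that is not code from the original thread or its authors. It assumes the counter increments once per packet (the per-packet serial number the quoted proposal describes, not TCP's per-byte sequence number), that packets are sent back-to-back at line rate with no framing overhead, and a hypothetical sliding-window receiver of the kind later standardized for IPsec anti-replay; the window size and the `ReplayCheck` class are my own choices, not anything the message specifies.

```python
"""Added example: wrap-time arithmetic for a per-packet anti-replay serial
number, plus a receiver-side replay check that flags when rekeying is needed.
Not code from the original thread; all parameters below are assumptions."""


def packets_per_second(link_bps: float, packet_bytes: int) -> float:
    """Packets per second on a link of link_bps carrying packet_bytes-sized
    packets back-to-back (assumes no inter-packet gap or framing overhead)."""
    return link_bps / (packet_bytes * 8)


def wrap_time_seconds(counter_bits: int, link_bps: float, packet_bytes: int) -> float:
    """Seconds until a counter_bits-wide serial number, incremented once per
    packet (as the quoted proposal describes), wraps on that link."""
    return (2 ** counter_bits) / packets_per_second(link_bps, packet_bytes)


def wrap_table(link_bps: float, packet_bytes: int, widths=(16, 24, 32)) -> dict:
    """Map counter width in bits -> wrap time in seconds, for comparing the
    2-, 3- and 4-byte options discussed in the thread."""
    return {bits: wrap_time_seconds(bits, link_bps, packet_bytes) for bits in widths}


class ReplayCheck:
    """Receiver-side anti-replay state for one key (hypothetical design).

    Keeps the highest serial accepted and a bitmap of the `window` serials
    below it, so packets reordered within the window are accepted once and
    any serial seen before, or too old to judge, is rejected. The check only
    needs the cleartext serial, so replays can be dropped before decryption.
    """

    def __init__(self, counter_bits: int, window: int = 64):
        self.max_serial = 2 ** counter_bits - 1
        self.window = window
        self.highest = -1            # no packet accepted yet under this key
        self.seen = 0                # bit i set => serial (highest - i) was seen
        self.rekey_required = False  # set when the counter space is exhausted

    def accept(self, serial: int) -> bool:
        """Return True if the packet is fresh, False if it must be dropped."""
        if not 0 <= serial <= self.max_serial:
            raise ValueError("serial out of range for counter width")
        if self.rekey_required:
            return False             # sender must rekey before reusing serials
        if serial > self.highest:
            shift = serial - self.highest
            if shift >= self.window:
                self.seen = 1        # everything previously seen is now too old
            else:
                self.seen = ((self.seen << shift) | 1) & ((1 << self.window) - 1)
            self.highest = serial
            if serial == self.max_serial:
                self.rekey_required = True   # next increment would wrap
            return True
        offset = self.highest - serial
        if offset >= self.window:
            return False             # older than the window: treat as replay
        if (self.seen >> offset) & 1:
            return False             # already accepted once: replay
        self.seen |= 1 << offset     # reordered but fresh: remember it
        return True


if __name__ == "__main__":
    # Constructed sample: the thread's T1 link carrying 200-byte packets.
    for bits, secs in wrap_table(1.544e6, 200).items():
        print(f"{bits:2d}-bit serial wraps after {secs:12.1f} s ({secs / 3600:8.2f} h)")
    rc = ReplayCheck(counter_bits=16, window=64)
    # -> [True, True, False, True, False, True, False]
    print([rc.accept(n) for n in (1, 2, 2, 3, 1, 70, 2)])
```

Two consequences of the quoted rules fall out of the check. A sender whose counter is lost (a reboot restarting at zero) produces serials far below the receiver's window and is rejected until both sides rekey, which is the "lost counter means rekeying" rule; and a sender that reaches the top of the counter space is refused further packets under the same key rather than being allowed to wrap, so the width chosen decides directly how often that rekey happens.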