%!PS-Adobe-3.0
%%BoundingBox: 18 36 594 756
%%Title: Enscript Output
%%Creator: GNU Enscript 1.6.5.90
%%CreationDate: Mon Oct 15 11:13:05 2012
%%Orientation: Portrait
%%Pages: (atend)
%%DocumentMedia: Letter 612 792 0 () ()
%%DocumentNeededResources: (atend)
%%EndComments
%%BeginProlog
%%BeginResource: procset Enscript-Prolog 1.6.5 90
%
% Procedures.
%
% _S: - -> -
% Take a VM snapshot with `save` and keep the save object under /_s so that
% _R can roll the interpreter back to this point. Each page body starts
% with _S.
/_S { % save current state
/_s save def
} def
% _R: - -> -
% Hand the save object stored under /_s back to `restore`, returning the
% interpreter to the snapshot taken by the matching _S.
/_R { % restore from saved state
_s restore
} def
% S: - -> -
% Emit the current page. showpage is bracketed by gsave/grestore so the
% graphics state in effect before the call is reinstated afterwards.
/S { % showpage protecting gstate
gsave
showpage
grestore
} bind def
% MF: fontname newfontname -> -
% Clone the font named fontname into a fresh dictionary, register the clone
% as newfontname, and re-encode it with encoding_vector when that vector
% has exactly 256 entries.
% newfontname, fontname, fontdict and newfont are stored with plain `def`,
% so they land in the current dictionary and are overwritten by every call.
/MF { % fontname newfontname -> - make a new encoded font
/newfontname exch def
/fontname exch def
/fontdict fontname findfont def
/newfont fontdict maxlength dict def
% Walk every key/value pair of the source font dictionary.
fontdict {
exch
dup /FID eq {
% skip FID pair
pop pop
} {
% copy to the new font dictionary
exch newfont 3 1 roll put
} ifelse
} forall
newfont /FontName newfontname put
% insert only valid encoding vectors
encoding_vector length 256 eq {
newfont /Encoding encoding_vector put
} if
% definefont leaves the new font on the stack; it is not needed here.
newfontname newfont definefont pop
} def
% MF_PS: fontname newfontname -> -
% Same copy as MF (every entry except FID, then a new FontName), but the
% Encoding entry copied from the source font is left untouched.
/MF_PS { % fontname newfontname -> - make a new font preserving its enc
/newfontname exch def
/fontname exch def
/fontdict fontname findfont def
/newfont fontdict maxlength dict def
% Walk every key/value pair of the source font dictionary.
fontdict {
exch
dup /FID eq {
% skip FID pair
pop pop
} {
% copy to the new font dictionary
exch newfont 3 1 roll put
} ifelse
} forall
newfont /FontName newfontname put
newfontname newfont definefont pop
} def
% SF: fontname width height -> -
% Look up fontname, scale it with the matrix [width 0 0 height 0 0]
% (independent horizontal and vertical size) and make it the current font.
/SF { % fontname width height -> - set a new font
/height exch def
/width exch def
findfont
[width 0 0 height 0 0] makefont setfont
} def
% SUF: fontname width height -> -
% Re-encode fontname through MF under the fixed name F-gs-user-font, then
% select that font at width x height via SF. The name is reused, so each
% call replaces the previous user font definition.
/SUF { % fontname width height -> - set a new user font
/height exch def
/width exch def
/F-gs-user-font MF
/F-gs-user-font width height SF
} def
% SUF_PS: fontname width height -> -
% Like SUF, but the copy is made with MF_PS, so the font keeps its own
% encoding instead of receiving encoding_vector.
/SUF_PS { % fontname width height -> - set a new user font preserving its enc
/height exch def
/width exch def
/F-gs-user-font MF_PS
/F-gs-user-font width height SF
} def
% Short aliases used on every text line of the page bodies:
% M = moveto (x y -> -), s = show (string -> -).
/M {moveto} bind def
/s {show} bind def
% Box: x y w h -> -
% Append a rectangle with origin (x, y), width w and height h to the current
% path: three relative line segments, then closepath supplies the fourth
% side. The caller paints it (fill or stroke). The arguments are kept in
% d_x, d_y, d_w and d_h in the current dictionary.
/Box { % x y w h -> - define box path
/d_h exch def /d_w exch def /d_y exch def /d_x exch def
d_x d_y moveto
d_w 0 rlineto
0 d_h rlineto
d_w neg 0 rlineto
closepath
} def
% bgs: x y height blskip gray str -> -
% Show str at (x, y) on top of a gray background rectangle. The rectangle
% starts blskip below y, is as wide as str in the current font, and is
% `height` tall.
/bgs { % x y height blskip gray str -> - show string with bg color
/str exch def
/gray exch def
/blskip exch def
/height exch def
/y exch def
/x exch def
% Paint the background inside gsave/grestore so the gray level does not
% leak into the text drawn afterwards.
gsave
x y blskip sub str stringwidth pop height Box
gray setgray
fill
grestore
x y M str s
} def
% bgcs: x y height blskip red green blue str -> -
% Colour variant of bgs: the background rectangle is filled with the RGB
% colour (red, green, blue) instead of a gray level.
/bgcs { % x y height blskip red green blue str -> - show string with bg color
/str exch def
/blue exch def
/green exch def
/red exch def
/blskip exch def
/height exch def
/y exch def
/x exch def
% Paint the background inside gsave/grestore so the colour does not leak
% into the text drawn afterwards.
gsave
x y blskip sub str stringwidth pop height Box
red green blue setrgbcolor
fill
grestore
x y M str s
} def
% Highlight bars.
% highlight_bars: nlines lineheight output_y_margin gray -> -
% Shade alternating bands of nlines text rows in every column with the given
% gray level. Reads d_header_y, d_output_w, d_output_h and cols, which the
% document setup section defines.
/highlight_bars { % nlines lineheight output_y_margin gray -> -
gsave
setgray
/ymarg exch def
/lineheight exch def
/nlines exch def
% This 2 is just a magic number to sync highlight lines to text.
0 d_header_y ymarg sub 2 sub translate
/cw d_output_w cols div def
/nrows d_output_h ymarg 2 mul sub lineheight div cvi def
% for each column
0 1 cols 1 sub {
cw mul /xp exch def
% for each rows
0 1 nrows 1 sub {
/rn exch def
rn lineheight mul neg /yp exch def
% Rows whose band index (rn idiv nlines) is even receive a bar.
rn nlines idiv 2 mod 0 eq {
% Draw highlight bar. 4 is just a magic indentation.
xp 4 add yp cw 8 sub lineheight neg Box fill
} if
} for
} for
grestore
} def
% Line highlight bar.
% line_highlight: x y width height gray -> -
% Fill the rectangle (x, y, width, height) with the given gray level. The
% gsave/grestore pair keeps the caller's colour and path unchanged.
/line_highlight { % x y width height gray -> -
gsave
/gray exch def
Box gray setgray fill
grestore
} def
% Column separator lines.
% column_lines: - -> -
% Stroke a 0.1-unit-wide vertical rule between adjacent columns, starting
% at the top of the footer (d_footer_h) and running d_output_h upwards.
% With cols = 1 the loop body never runs.
/column_lines {
gsave
.1 setlinewidth
0 d_footer_h translate
/cw d_output_w cols div def
% One rule at each interior column boundary: 1 .. cols-1.
1 1 cols 1 sub {
cw mul 0 moveto
0 d_output_h rlineto stroke
} for
grestore
} def
% Column borders.
% column_borders: - -> -
% Stroke a 0.1-unit-wide rectangle around the whole output area: from
% (0, d_footer_h), d_output_w wide and d_output_h tall.
/column_borders {
gsave
.1 setlinewidth
0 d_footer_h moveto
0 d_output_h rlineto
d_output_w 0 rlineto
0 d_output_h neg rlineto
closepath stroke
grestore
} def
% Do the actual underlay drawing
% draw_underlay: - -> -
% Paint ul_str at the current point: as stroked outlines when ul_style is 0,
% as ordinary filled text otherwise.
% NOTE(review): ul_style and ul_str are not defined anywhere in this file;
% presumably the generator emits them only when an underlay is requested.
/draw_underlay {
ul_style 0 eq {
ul_str true charpath stroke
} {
ul_str show
} ifelse
} def
% Underlay
% underlay: - -> -
% Draw the underlay string along the page diagonal that runs from the
% top-left corner to the bottom-right corner, centred on that diagonal.
% NOTE(review): ul_gray, ul_font, ul_str and ul_h_ptsize are not defined in
% this file; confirm the generator sets them before this is called.
/underlay { % - -> -
gsave
% Move the origin to the top-left corner and rotate onto the diagonal.
0 d_page_h translate
d_page_h neg d_page_w atan rotate
ul_gray setgray
ul_font setfont
% dw is the length of the page diagonal.
/dw d_page_h dup mul d_page_w dup mul add sqrt def
% Start at half the leftover length so the string is centred, and half the
% point size below the diagonal.
ul_str stringwidth pop dw exch sub 2 div ul_h_ptsize -2 div moveto
draw_underlay
grestore
} def
% user_underlay: - -> -
% Draw the underlay string at a caller-chosen position (ul_x, ul_y) and
% angle (ul_angle) instead of along the page diagonal.
% NOTE(review): the ul_* values are not defined in this file; confirm the
% generator sets them before this is called.
/user_underlay { % - -> -
gsave
ul_x ul_y translate
ul_angle rotate
ul_gray setgray
ul_font setfont
% Start half the point size below the translated origin.
0 0 ul_h_ptsize 2 div sub moveto
draw_underlay
grestore
} def
% Page prefeed
% page_prefeed: bool -> -
% Store bool under /prefeed in statusdict, but only when statusdict already
% has that key; otherwise the argument is discarded.
/page_prefeed { % bool -> -
statusdict /prefeed known {
statusdict exch /prefeed exch put
} {
pop
} ifelse
} def
% Wrapped line markers
% wrapped_line_mark: x y charwidth charheight type -> -
% Draw the marker that flags a wrapped line at (x, y), sized from the
% character cell w x h. type 2 draws a filled box, type 3 a small arrow,
% any other value draws nothing.
/wrapped_line_mark { % x y charwidth charheight type -> -
/type exch def
/h exch def
/w exch def
/y exch def
/x exch def
type 2 eq {
% Black boxes (like TeX does)
gsave
0 setlinewidth
x w 4 div add y M
0 h rlineto w 2 div 0 rlineto 0 h neg rlineto
closepath fill
grestore
} {
type 3 eq {
% Small arrows
gsave
.2 setlinewidth
x w 2 div add y h 2 div add M
w 4 div 0 rlineto
x w 4 div add y lineto stroke
x w 4 div add w 8 div add y h 4 div add M
x w 4 div add y lineto
w 4 div h 8 div rlineto stroke
grestore
} {
% do nothing
} ifelse
} ifelse
} def
% EPSF import.
% BeginEPSF: - -> -
% Prepare the interpreter for an included EPS file so that EndEPSF can undo
% whatever the file leaves behind: snapshot the VM, record the dictionary
% and operand stack depths, push userdict, disable showpage, and reset the
% graphics state parameters to known values.
/BeginEPSF {
/b4_Inc_state save def % Save state for cleanup
/dict_count countdictstack def % Count objects on dict stack
% The name /op_count is already on the stack when `count` runs, hence the
% `1 sub`.
/op_count count 1 sub def % Count objects on operand stack
userdict begin
% An included file must not eject the page; make showpage a no-op.
/showpage { } def
0 setgray 0 setlinecap
1 setlinewidth 0 setlinejoin
10 setmiterlimit [ ] 0 setdash newpath
% Stroke adjustment and overprint are only reset when the interpreter
% reports a language level other than 1.
/languagelevel where {
pop languagelevel
1 ne {
false setstrokeadjust false setoverprint
} if
} if
} bind def
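% EndEPSF: - -> -
% Undo BeginEPSF after an included EPS file has run: drop every operand the
% file left on the stack, close every dictionary it left open, then restore
% the VM snapshot taken in BeginEPSF.
% Fix: the operand cleanup loop ran `pos`, a name this prolog never defines
% and that is not a PostScript operator; it would raise `undefined` as soon
% as an included file left even one operand behind. The intended operator
% is `pop`.
/EndEPSF {
count op_count sub { pop } repeat % Clean up stacks
countdictstack dict_count sub { end } repeat
b4_Inc_state restore
} bind def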
% Check PostScript language level.
% Record the interpreter's language level in gs_languagelevel. When the
% name `languagelevel` is not found on the dictionary stack, level 1 is
% assumed. The setup section reads this value before calling setpagedevice.
/languagelevel where {
pop /gs_languagelevel languagelevel def
} {
/gs_languagelevel 1 def
} ifelse
%%EndResource
%%BeginResource: procset Enscript-Encoding-88591 1.6.5 90
% encoding_vector: 256 glyph names, four per line, indexed by character code
% (the enclosing resource is named Enscript-Encoding-88591).
% Codes 0-31 and 127-159 map to /.notdef, 32-126 carry the ASCII glyph
% names, and 160-255 carry the accented-letter and symbol names.
% MF installs this array as a font's /Encoding only after checking that its
% length is exactly 256.
/encoding_vector [
/.notdef /.notdef /.notdef /.notdef
/.notdef /.notdef /.notdef /.notdef
/.notdef /.notdef /.notdef /.notdef
/.notdef /.notdef /.notdef /.notdef
/.notdef /.notdef /.notdef /.notdef
/.notdef /.notdef /.notdef /.notdef
/.notdef /.notdef /.notdef /.notdef
/.notdef /.notdef /.notdef /.notdef
/space /exclam /quotedbl /numbersign
/dollar /percent /ampersand /quoteright
/parenleft /parenright /asterisk /plus
/comma /hyphen /period /slash
/zero /one /two /three
/four /five /six /seven
/eight /nine /colon /semicolon
/less /equal /greater /question
/at /A /B /C
/D /E /F /G
/H /I /J /K
/L /M /N /O
/P /Q /R /S
/T /U /V /W
/X /Y /Z /bracketleft
/backslash /bracketright /asciicircum /underscore
/quoteleft /a /b /c
/d /e /f /g
/h /i /j /k
/l /m /n /o
/p /q /r /s
/t /u /v /w
/x /y /z /braceleft
/bar /braceright /tilde /.notdef
/.notdef /.notdef /.notdef /.notdef
/.notdef /.notdef /.notdef /.notdef
/.notdef /.notdef /.notdef /.notdef
/.notdef /.notdef /.notdef /.notdef
/.notdef /.notdef /.notdef /.notdef
/.notdef /.notdef /.notdef /.notdef
/.notdef /.notdef /.notdef /.notdef
/.notdef /.notdef /.notdef /.notdef
/space /exclamdown /cent /sterling
/currency /yen /brokenbar /section
/dieresis /copyright /ordfeminine /guillemotleft
/logicalnot /hyphen /registered /macron
/degree /plusminus /twosuperior /threesuperior
/acute /mu /paragraph /bullet
/cedilla /onesuperior /ordmasculine /guillemotright
/onequarter /onehalf /threequarters /questiondown
/Agrave /Aacute /Acircumflex /Atilde
/Adieresis /Aring /AE /Ccedilla
/Egrave /Eacute /Ecircumflex /Edieresis
/Igrave /Iacute /Icircumflex /Idieresis
/Eth /Ntilde /Ograve /Oacute
/Ocircumflex /Otilde /Odieresis /multiply
/Oslash /Ugrave /Uacute /Ucircumflex
/Udieresis /Yacute /Thorn /germandbls
/agrave /aacute /acircumflex /atilde
/adieresis /aring /ae /ccedilla
/egrave /eacute /ecircumflex /edieresis
/igrave /iacute /icircumflex /idieresis
/eth /ntilde /ograve /oacute
/ocircumflex /otilde /odieresis /divide
/oslash /ugrave /uacute /ucircumflex
/udieresis /yacute /thorn /ydieresis
] def
%%EndResource
%%EndProlog
%%BeginSetup
%%IncludeResource: font Courier-Bold
%%IncludeResource: font Courier
% Header font: Courier-Bold re-encoded through MF as HF-gs-font, then scaled
% to HFpt_w x HFpt_h and kept under /HF (it is not made current here).
/HFpt_w 10 def
/HFpt_h 10 def
/Courier-Bold /HF-gs-font MF
/HF /HF-gs-font findfont [HFpt_w 0 0 HFpt_h 0 0] makefont def
% Body font: Courier re-encoded as F-gs-font and made current at 10 x 10.
/Courier /F-gs-font MF
/F-gs-font 10 10 SF
/#copies 1 def
% Pagedevice definitions:
% setpagedevice is only issued when the language level recorded in
% gs_languagelevel is above 1.
gs_languagelevel 1 gt {
<<
/PageSize [612 792]
>> setpagedevice
} if
% Layout metrics read by the prolog procedures (highlight_bars,
% column_lines, column_borders, underlay): a 576 x 720 output area, header
% and footer of height 0, one column.
/d_page_w 576 def
/d_page_h 720 def
/d_header_x 0 def
/d_header_y 720 def
/d_header_w 576 def
/d_header_h 0 def
/d_footer_x 0 def
/d_footer_y 0 def
/d_footer_w 576 def
/d_footer_h 0 def
/d_output_w 576 def
/d_output_h 720 def
/cols 1 def
%%EndSetup
%%Page: (1) 1
%%BeginPageSetup
_S
18 36 translate
/pagenum 1 def
/fname (draft-paasch-mptcp-lowoverhead-00.txt) def
/fdir (.) def
/ftail (draft-paasch-mptcp-lowoverhead-00.txt) def
/user_header_p false def
/user_footer_p false def
%%EndPageSetup
5 674 M
(MPTCP C. Paasch, Ed.) s
5 663 M
(Internet-Draft O. Bonaventure) s
5 652 M
(Intended status: Informational UCLouvain) s
5 641 M
(Expires: April 18, 2013 October 15, 2012) s
5 608 M
( MultiPath TCP Low Overhead) s
5 597 M
( draft-paasch-mptcp-lowoverhead-00) s
5 575 M
(Abstract) s
5 553 M
( This document describes a low overhead connection establishment) s
5 542 M
( mechanism for Multipath TCP. Its goal is to reduce the computational) s
5 531 M
( overhead of establishing an MPTCP connection and the associated TCP) s
5 520 M
( subflows in controlled environments where security attacks are not a) s
5 509 M
( concern.) s
5 487 M
(Status of this Memo) s
5 465 M
( This Internet-Draft is submitted in full conformance with the) s
5 454 M
( provisions of BCP 78 and BCP 79.) s
5 432 M
( Internet-Drafts are working documents of the Internet Engineering) s
5 421 M
( Task Force \(IETF\). Note that other groups may also distribute) s
5 410 M
( working documents as Internet-Drafts. The list of current Internet-) s
5 399 M
( Drafts is at http://datatracker.ietf.org/drafts/current/.) s
5 377 M
( Internet-Drafts are draft documents valid for a maximum of six months) s
5 366 M
( and may be updated, replaced, or obsoleted by other documents at any) s
5 355 M
( time. It is inappropriate to use Internet-Drafts as reference) s
5 344 M
( material or to cite them other than as "work in progress.") s
5 322 M
( This Internet-Draft will expire on April 18, 2013.) s
5 300 M
(Copyright Notice) s
5 278 M
( Copyright \(c\) 2012 IETF Trust and the persons identified as the) s
5 267 M
( document authors. All rights reserved.) s
5 245 M
( This document is subject to BCP 78 and the IETF Trust's Legal) s
5 234 M
( Provisions Relating to IETF Documents) s
5 223 M
( \(http://trustee.ietf.org/license-info\) in effect on the date of) s
5 212 M
( publication of this document. Please review these documents) s
5 201 M
( carefully, as they describe your rights and restrictions with respect) s
5 190 M
( to this document. Code Components extracted from this document must) s
5 179 M
( include Simplified BSD License text as described in Section 4.e of) s
5 168 M
( the Trust Legal Provisions and are provided without warranty as) s
5 157 M
( described in the Simplified BSD License.) s
5 113 M
(Paasch & Bonaventure Expires April 18, 2013 [Page 1]) s
_R
S
%%Page: (2) 2
%%BeginPageSetup
_S
18 36 translate
/pagenum 2 def
/fname (draft-paasch-mptcp-lowoverhead-00.txt) def
/fdir (.) def
/ftail (draft-paasch-mptcp-lowoverhead-00.txt) def
/user_header_p false def
/user_footer_p false def
%%EndPageSetup
5 696 M
(Internet-Draft MPTCP Low Overhead October 2012) s
5 663 M
(Table of Contents) s
5 641 M
( 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . . 3) s
5 630 M
( 2. Connection initiation . . . . . . . . . . . . . . . . . . . . . 3) s
5 619 M
( 3. Starting a new subflow . . . . . . . . . . . . . . . . . . . . 6) s
5 608 M
( 4. Operation . . . . . . . . . . . . . . . . . . . . . . . . . . . 7) s
5 597 M
( 4.1. Generating the token . . . . . . . . . . . . . . . . . . . 7) s
5 586 M
( 4.2. Stateless Servers . . . . . . . . . . . . . . . . . . . . . 7) s
5 575 M
( 5. Security Considerations . . . . . . . . . . . . . . . . . . . . 8) s
5 564 M
( 6. Informative References . . . . . . . . . . . . . . . . . . . . 8) s
5 553 M
( Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . . 8) s
5 102 M
(Paasch & Bonaventure Expires April 18, 2013 [Page 2]) s
_R
S
%%Page: (3) 3
%%BeginPageSetup
_S
18 36 translate
/pagenum 3 def
/fname (draft-paasch-mptcp-lowoverhead-00.txt) def
/fdir (.) def
/ftail (draft-paasch-mptcp-lowoverhead-00.txt) def
/user_header_p false def
/user_footer_p false def
%%EndPageSetup
5 696 M
(Internet-Draft MPTCP Low Overhead October 2012) s
5 663 M
(1. Introduction) s
5 641 M
( This document introduces a variant of the MPTCP handshake that is) s
5 630 M
( suitable for an environment where security attacks are not an issue.) s
5 619 M
( The proposed handshake is a low overhead, low security version of the) s
5 608 M
( MPTCP handshake defined in [I-D.ietf-mptcp-multiaddressed].) s
5 586 M
( Its goal is to provide an MPTCP handshake and authentication) s
5 575 M
( mechanism, reducing the computational overhead imposed by MPTCP) s
5 564 M
( version 0.) s
5 531 M
(2. Connection initiation) s
5 509 M
( MultiPath TCP uses the MP_CAPABLE option in the handshake for the) s
5 498 M
( initial subflow. This handshake was designed to meet several) s
5 487 M
( requirements. When designing another variant of the Multipath TCP) s
5 476 M
( handshake, it is important to have these requirements in mind. These) s
5 465 M
( requirements are:) s
5 443 M
( 1. Detect whether the peer supports MultiPath TCP.) s
5 421 M
( 2. Each host generates a locally unique token that unambiguously) s
5 410 M
( identifies the Multipath TCP connection) s
5 388 M
( 3. Agree on an Initial Data Sequence Number to initialize the MPTCP) s
5 377 M
( state on each direction of the Multipath TCP connection) s
5 355 M
( Before discussing the proposed low overhead handshake, it is) s
5 344 M
( important to have in mind how [I-D.ietf-mptcp-multiaddressed] meets) s
5 333 M
( the three requirements above.) s
5 311 M
( The first requirement is simply met by using a Multipath TCP specific) s
5 300 M
( option like all TCP extensions.) s
5 278 M
( To meet the second requirement, a simple solution would have been to) s
5 267 M
( encode the token inside the MP_CAPABLE option. However, this would) s
5 256 M
( have increased the size of the MP_CAPABLE option. This would have) s
5 245 M
( limited the possibility of extending Multipath TCP later by adding) s
5 234 M
( new TCP options that require space inside the SYN segments. To) s
5 223 M
( minimize the number of option bytes consumed in the SYN segment,) s
5 212 M
( [I-D.ietf-mptcp-multiaddressed] uses a hash function to compute the) s
5 201 M
( token based on the keys exchanged in clear. However, using hash) s
5 190 M
( functions implies that implementations must handle the possible) s
5 179 M
( collisions which increases the complexity of the Multipath TCP) s
5 168 M
( handshake.) s
5 146 M
( The third requirement is more subtle but is also important to ensure) s
5 102 M
(Paasch & Bonaventure Expires April 18, 2013 [Page 3]) s
_R
S
%%Page: (4) 4
%%BeginPageSetup
_S
18 36 translate
/pagenum 4 def
/fname (draft-paasch-mptcp-lowoverhead-00.txt) def
/fdir (.) def
/ftail (draft-paasch-mptcp-lowoverhead-00.txt) def
/user_header_p false def
/user_footer_p false def
%%EndPageSetup
5 696 M
(Internet-Draft MPTCP Low Overhead October 2012) s
5 663 M
( the reliability of a Multipath TCP connection. Let us assume that) s
5 652 M
( Multipath TCP hosts do not agree on an Initial Data Sequence Number.) s
5 641 M
( Consider the following scenario. Host A opens the initial TCP) s
5 630 M
( subflow of the Multipath TCP connection. Host B opens a second) s
5 619 M
( subflow in this Multipath TCP connection. Host B sends one byte with) s
5 608 M
( DSN x over the initial subflow, but this data never reaches host A.) s
5 597 M
( Host B then sends one byte, starting at DSN x+1 over the second) s
5 586 M
( subflow. If host A does not know the Initial Data Sequence Number) s
5 575 M
( used by host B, it cannot determine whether the byte received over) s
5 564 M
( the second subflow can be acknowledged at the DSN level or not.) s
5 553 M
( [I-D.ietf-mptcp-multiaddressed] solves this problem by allowing the) s
5 542 M
( two hosts to derive the Initial Data Sequence Number from the keys) s
5 531 M
( exchanged in the MP_CAPABLE option. However, this is achieved by) s
5 520 M
( computing a hash over the exchanged keys, which increases the) s
5 509 M
( computational overhead of generating/processing the MP_CAPABLE) s
5 498 M
( option.) s
5 476 M
( The figure below provides a simpler and low overhead handshake that) s
5 465 M
( meets the three requirements identified above.) s
5 443 M
( Host A Host B) s
5 432 M
( ---------- ----------) s
5 421 M
( Address A1 Address B1) s
5 410 M
( ---------- ----------) s
5 399 M
( | |) s
5 388 M
( | SYN+MP_CAPABLE\(Token-A, Rand-A\) |) s
5 377 M
( |----------------------------------->|) s
5 366 M
( | |) s
5 355 M
( |SYN/ACK+MP_CAPABLE\(Token-B, Rand-B\) |) s
5 344 M
( |<-----------------------------------|) s
5 333 M
( | |) s
5 322 M
( | ACK+MP_CAPABLE\(Token-A, Rand-A, |) s
5 311 M
( | Token-B, Rand-B\) |) s
5 300 M
( |----------------------------------->|) s
5 278 M
( Handshake of the initial subflow.) s
5 256 M
( Figure 1) s
5 234 M
( MPTCP's establishment of the initial subflow follows TCP's regular) s
5 223 M
( 3-way handshake, but the SYN, SYN/ACK and ACK packets contain the) s
5 212 M
( MP_CAPABLE-option. The proposed MP_CAPABLE option contains one 32) s
5 201 M
( bits token and one 32 bits random number in the SYN and SYN/ACK) s
5 190 M
( segments. The third ACK includes an MP_CAPABLE option that contains) s
5 179 M
( the two tokens and random numbers. The tokens are used to explicitly) s
5 168 M
( exchange the identifier of the Multipath TCP connection. The random) s
5 157 M
( numbers, combined with the tokens produce the Initial Data Sequence) s
5 146 M
( Numbers. Echoing all the information back in the third ACK allows) s
5 102 M
(Paasch & Bonaventure Expires April 18, 2013 [Page 4]) s
_R
S
%%Page: (5) 5
%%BeginPageSetup
_S
18 36 translate
/pagenum 5 def
/fname (draft-paasch-mptcp-lowoverhead-00.txt) def
/fdir (.) def
/ftail (draft-paasch-mptcp-lowoverhead-00.txt) def
/user_header_p false def
/user_footer_p false def
%%EndPageSetup
5 696 M
(Internet-Draft MPTCP Low Overhead October 2012) s
5 663 M
( stateless operation of the server.) s
5 641 M
( The format of the proposed MP_CAPABLE option is shown in the) s
5 630 M
( figures below.) s
5 608 M
( 1 2 3) s
5 597 M
( 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1) s
5 586 M
( +---------------+---------------+-------+-------+---------------+) s
5 575 M
( | Kind | Length |Subtype|Version|A|B|C|D|E|F|G|H|) s
5 564 M
( +---------------+---------------+-------+-------+---------------+) s
5 553 M
( | Sender's Token \(32 bits\) |) s
5 542 M
( +---------------------------------------------------------------+) s
5 531 M
( | Sender's Random Number \(32 bits\) |) s
5 520 M
( +---------------------------------------------------------------+) s
5 498 M
( Format of the MP_CAPABLE-option in the SYN and SYN/ACK packets) s
5 476 M
( Figure 2) s
5 443 M
( 1 2 3) s
5 432 M
( 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1) s
5 421 M
( +---------------+---------------+-------+-------+---------------+) s
5 410 M
( | Kind | Length |Subtype|Version|A|B|C|D|E|F|G|H|) s
5 399 M
( +---------------+---------------+-------+-------+---------------+) s
5 388 M
( | Sender's Token \(32 bits\) |) s
5 377 M
( +---------------------------------------------------------------+) s
5 366 M
( | Sender's Random Number \(32 bits\) |) s
5 355 M
( +---------------------------------------------------------------+) s
5 344 M
( | Receiver's Token \(32 bits\) |) s
5 333 M
( +---------------------------------------------------------------+) s
5 322 M
( | Receiver's Random Number \(32 bits\) |) s
5 311 M
( +---------------------------------------------------------------+) s
5 289 M
( Format of the MP_CAPABLE-option in the third ACK of the handshake) s
5 267 M
( Figure 3) s
5 245 M
( The format of the MP_CAPABLE option is shown in Figure 2. To) s
5 234 M
( indicate that this MP_CAPABLE contains tokens/random numbers and not) s
5 223 M
( keys \(as in [I-D.ietf-mptcp-multiaddressed]\), the Version-field is set) s
5 212 M
( to 1. The message format of the third ACK's MP_CAPABLE option is) s
5 201 M
( shown in Figure 3.) s
5 179 M
( The Initial Data Sequence Number \(IDSN\) serves to initialize the) s
5 168 M
( MPTCP state on the end-hosts in the same way as TCP's sequence) s
5 157 M
( numbers do during the 3-way handshake. There is one IDSN for each) s
5 146 M
( direction of the data-stream. The IDSN for the data from the client) s
5 102 M
(Paasch & Bonaventure Expires April 18, 2013 [Page 5]) s
_R
S
%%Page: (6) 6
%%BeginPageSetup
_S
18 36 translate
/pagenum 6 def
/fname (draft-paasch-mptcp-lowoverhead-00.txt) def
/fdir (.) def
/ftail (draft-paasch-mptcp-lowoverhead-00.txt) def
/user_header_p false def
/user_footer_p false def
%%EndPageSetup
5 696 M
(Internet-Draft MPTCP Low Overhead October 2012) s
5 663 M
( to the server is the concatenation of Rand-A and Token-A \(Rand-A||) s
5 652 M
( Token-A\). Rand-A is thus the high-order 32 bits of the IDSN, and) s
5 641 M
( Token-A the low-order 32 bits. For the data from server to client,) s
5 630 M
( the IDSN is the concatenation of Rand-B and Token-B \(Rand-B||) s
5 619 M
( Token-B\). Rand-A and Rand-B MUST be random numbers with sufficient) s
5 608 M
( randomness so that they are hard to guess. Recommendations for) s
5 597 M
( generating random numbers for use in keys are given in [RFC4086].) s
5 575 M
( The meaning of the other fields and behavior of the end-hosts during) s
5 564 M
( the MP_CAPABLE exchange is the same as specified in) s
5 553 M
( [I-D.ietf-mptcp-multiaddressed].) s
5 520 M
(3. Starting a new subflow) s
5 498 M
( Once an MPTCP connection has been established and the tokens) s
5 487 M
( exchanged, new subflows can be established. The establishment of the) s
5 476 M
( new subflows follows the handshake as shown in Figure 4.) s
5 454 M
( Host A Host B) s
5 443 M
( ---------- ----------) s
5 432 M
( Address A2 Address B2) s
5 421 M
( ---------- ----------) s
5 410 M
( | |) s
5 399 M
( | SYN + MP_JOIN\(Token B\) |) s
5 388 M
( |----------------------------------->|) s
5 377 M
( | |) s
5 366 M
( | SYN/ACK + MP_JOIN\(\) |) s
5 355 M
( |<-----------------------------------|) s
5 344 M
( | |) s
5 333 M
( | ACK + MP_JOIN\(Token B\) |) s
5 322 M
( |----------------------------------->|) s
5 300 M
( Handshake for a new subflow.) s
5 278 M
( Figure 4) s
5 256 M
( As the low-overhead version of MPTCP does not try to protect against) s
5 245 M
( hijacking attacks, the only goal of the MP_JOIN inside the 3-way) s
5 234 M
( handshake is to identify the MPTCP connection this subflow is) s
5 223 M
( joining. The token inside the MP_JOIN of the SYN-segment allows the) s
5 212 M
( server to identify the connection. The SYN/ACK also contains an) s
5 201 M
( MP_JOIN option because the server needs to signal to the client that) s
5 190 M
( it indeed received the SYN together with the MP_JOIN and that there) s
5 179 M
( is no middlebox that removes MPTCP options on this path. Finally,) s
5 168 M
( the client replies with the third ack. This third ack contains again) s
5 157 M
( token B. This allows the server to handle MP_JOIN's in a stateless) s
5 146 M
( manner, as described below. The third ack is sent in a reliable) s
5 102 M
(Paasch & Bonaventure Expires April 18, 2013 [Page 6]) s
_R
S
%%Page: (7) 7
%%BeginPageSetup
_S
18 36 translate
/pagenum 7 def
/fname (draft-paasch-mptcp-lowoverhead-00.txt) def
/fdir (.) def
/ftail (draft-paasch-mptcp-lowoverhead-00.txt) def
/user_header_p false def
/user_footer_p false def
%%EndPageSetup
5 696 M
(Internet-Draft MPTCP Low Overhead October 2012) s
5 663 M
( manner as explained in [I-D.ietf-mptcp-multiaddressed].) s
5 641 M
( 1 2 3) s
5 630 M
( 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1) s
5 619 M
( +---------------+---------------+-------+-------+---------------+) s
5 608 M
( | Kind | Length |Subtype| |B| Address ID |) s
5 597 M
( +---------------+---------------+-------+-------+---------------+) s
5 586 M
( | Receiver's Token \(32 bits\) |) s
5 575 M
( | \(if option Length == 8\) |) s
5 564 M
( +---------------------------------------------------------------+) s
5 542 M
( Format of the MP_JOIN-option) s
5 520 M
( Figure 5) s
5 498 M
( The semantics of the backup-bit "B" and the Address ID are the same) s
5 487 M
( as in [I-D.ietf-mptcp-multiaddressed].) s
5 454 M
(4. Operation) s
5 432 M
(4.1. Generating the token) s
5 410 M
( The token must only be locally unique. The method used to generate) s
5 399 M
( the token is implementation specific. One possible way to generate) s
5 388 M
( the token is by applying a block-cipher on a counter together with a) s
5 377 M
( local secret. This approach has the benefit of a higher probability) s
5 366 M
( of uniqueness of the token. We will only have a token collision) s
5 355 M
( after the counter has wrapped around. This means that a connection) s
5 344 M
( must have survived 2^32 other connections to cause a collision.) s
5 333 M
( Thus, a token collision is less likely to occur than with) s
5 322 M
( [I-D.ietf-mptcp-multiaddressed].) s
5 300 M
(4.2. Stateless Servers) s
5 278 M
( To allow stateless SYN+Join handling, the server has to perform the) s
5 267 M
( following upon reception of a SYN:) s
5 245 M
( o Check whether there exists an MPTCP-connection corresponding to) s
5 234 M
( the token inside the MP_JOIN option.) s
5 212 M
( o Send a SYN/ACK as it is done on today's stateless servers.) s
5 190 M
( When receiving the third ACK \(sent reliably as it is done in today's) s
5 179 M
( MPTCP\), the server verifies that indeed it has generated a SYN/ACK) s
5 168 M
( \(like regular TCP's SYN-cookie mechanism\) and thanks to the token) s
5 157 M
( echoed back in the third ACK, the server can find the MPTCP-session) s
5 146 M
( this subflow is joining.) s
5 102 M
(Paasch & Bonaventure Expires April 18, 2013 [Page 7]) s
_R
S
%%Page: (8) 8
%%BeginPageSetup
_S
18 36 translate
/pagenum 8 def
/fname (draft-paasch-mptcp-lowoverhead-00.txt) def
/fdir (.) def
/ftail (draft-paasch-mptcp-lowoverhead-00.txt) def
/user_header_p false def
/user_footer_p false def
%%EndPageSetup
5 696 M
(Internet-Draft MPTCP Low Overhead October 2012) s
5 663 M
( Handling the SYN+Join in a stateless manner allows the server to) s
5 652 M
( protect itself against attackers that are flooding the server with) s
5 641 M
( SYN+Join messages. As the server does not need to create state when) s
5 630 M
( sending the SYN/ACK, flooding performed by the attacker will not) s
5 619 M
( prevent real clients from establishing new subflows.) s
5 586 M
(5. Security Considerations) s
5 564 M
( The proposed solution removes the HMAC authentication mechanism) s
5 553 M
( described in [I-D.ietf-mptcp-multiaddressed]. It is assumed that) s
5 542 M
( end-hosts will only use this low-overhead version of MPTCP for non-) s
5 531 M
( security critical traffic or in controlled environments like isolated) s
5 520 M
( data-centers.) s
5 498 M
( Security-critical traffic is nowadays typically sent over SSL/TLS or) s
5 487 M
( similar secure application level protocols. This is done because the) s
5 476 M
( transport protocols like TCP do not provide sufficient security.) s
5 465 M
( An application using SSL over MPTCP benefits from the same security) s
5 454 M
( provided by SSL. There is one downside of using SSL over MPTCP. If) s
5 443 M
( an attacker manages to join an existing connection thanks to a JOIN-) s
5 432 M
( exchange, he can inject data into the SSL-session. However, thanks) s
5 421 M
( to the MAC-authentication of the SSL messages, the end-hosts will) s
5 410 M
( tear down the SSL session.) s
5 377 M
(6. Informative References) s
5 355 M
( [I-D.ietf-mptcp-multiaddressed]) s
5 344 M
( Ford, A., Raiciu, C., Handley, M., and O. Bonaventure,) s
5 333 M
( "TCP Extensions for Multipath Operation with Multiple) s
5 322 M
( Addresses", draft-ietf-mptcp-multiaddressed-10 \(work in) s
5 311 M
( progress\), October 2012.) s
5 289 M
( [RFC4086] Eastlake, D., Schiller, J., and S. Crocker, "Randomness) s
5 278 M
( Requirements for Security", BCP 106, RFC 4086, June 2005.) s
5 245 M
(Authors' Addresses) s
5 223 M
( Christoph Paasch \(editor\)) s
5 212 M
( UCLouvain) s
5 201 M
( Place Sainte Barbe, 2) s
5 190 M
( Louvain-la-Neuve, 1348) s
5 179 M
( BE) s
5 157 M
( Email: christoph.paasch@uclouvain.be) s
5 102 M
(Paasch & Bonaventure Expires April 18, 2013 [Page 8]) s
_R
S
%%Page: (9) 9
%%BeginPageSetup
_S
18 36 translate
/pagenum 9 def
/fname (draft-paasch-mptcp-lowoverhead-00.txt) def
/fdir (.) def
/ftail (draft-paasch-mptcp-lowoverhead-00.txt) def
/user_header_p false def
/user_footer_p false def
%%EndPageSetup
5 696 M
(Internet-Draft MPTCP Low Overhead October 2012) s
5 663 M
( Olivier Bonaventure) s
5 652 M
( UCLouvain) s
5 641 M
( Place Sainte Barbe, 2) s
5 630 M
( Louvain-la-Neuve, 1348) s
5 619 M
( BE) s
5 597 M
( Email: olivier.bonaventure@uclouvain.be) s
5 102 M
(Paasch & Bonaventure Expires April 18, 2013 [Page 9]) s
_R
S
%%Page: (10) 10
%%BeginPageSetup
_S
18 36 translate
/pagenum 10 def
/fname (draft-paasch-mptcp-lowoverhead-00.txt) def
/fdir (.) def
/ftail (draft-paasch-mptcp-lowoverhead-00.txt) def
/user_header_p false def
/user_footer_p false def
%%EndPageSetup
_R
S
%%Trailer
%%Pages: 10
%%DocumentNeededResources: font Courier-Bold Courier
%%EOF