[ih] IEN Notes and INWG
John Day
jeanjour at comcast.net
Tue Mar 23 12:29:27 PDT 2010
We have a paper in the works in which we have looked at a number of
attacks on protocols of this type and delta-t is not susceptible to
them. Basically it comes down to delta-t decouples port allocation
from synchronization. TCP combines the two and then overloads port
allocation with application naming.
I was quite surprised, because like you, I assumed that since delta-t
had not been subjected to that kind of hardening, it would have the
same vulnerabilities. Turns out not to be the case at least when
used in the context we are looking at it.
We haven't looked at all of them yet, but so far the results are
quite surprising.
We are looking at it in an architecture that does not do listens on
well-known ports. A short term hack that should have been gotten rid
of decades ago.
Take care,
John
At 18:51 +0000 2010/03/23, Tony Finch wrote:
>On Mon, 22 Mar 2010, John Day wrote:
>>
>> TS was simpler than TCP, but still not the answer. That honor goes to
>> delta-t, which is not only simpler but also has better security properties
>> than both. (Watson's proof that bounding 3 timers is necessary and sufficient
>> is one of the most important results (as well as surprising and astounding) in
>> all of networking and little understood or recognized. An incredible
>> intellectual achievement.)
>
>As far as I can tell from the literature, delta-t had no hardening against
>denial of service attacks. The server must be prepared to buffer data from
>the client before it can prove that the client is listening. So I'm not
>sure in what sense it is more secure.
>
>Tony.
>--
>f.anthony.n.finch <dot at dotat.at> http://dotat.at/
>GERMAN BIGHT HUMBER: SOUTHWEST 5 TO 7. MODERATE OR ROUGH. SQUALLY SHOWERS.
>MODERATE OR GOOD.