New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Proposal for adding ECN support to QUIC. #1372
Changes from 1 commit
961d5d9
b50fe18
57278fe
44a70f8
afd15f2
da68127
a9755ce
3a95c40
12b1054
bfe80d5
88f76dc
f14134f
71c2794
2ff5ac9
19d3b53
f71e933
fc94546
66505a3
d525046
28ef4c1
6dd9237
0bb5bad
0f94847
0e7d43b
822aded
345f593
e60cc8f
fdf9df7
ec97fd8
bf30190
60468a7
f577c8e
2d76935
4af108c
55fa3d6
e06a2a0
1636ebc
139f1ee
dbfe4d8
73bf8cb
be91e8f
f8d3d5c
cf312f9
File filter
Filter by extension
Conversations
Jump to
Diff view
Diff view
There are no files selected for viewing
Original file line number | Diff line number | Diff line change |
---|---|---|
|
@@ -4416,6 +4416,23 @@ limit mitigates the effect of the stream commitment attack. However, setting | |
the limit too low could affect performance when applications expect to open | ||
large number of streams. | ||
|
||
## Explicit Congestion Notification Attacks | ||
|
||
The ECN bits {{!RFC3168}} are an unauthenticated signal from the network. An | ||
on-path attacker may manipulate the value of the field. Thus, affecting the | ||
congestion avoidance behavior of the sender. By clearing any CE marks the | ||
connection can help drive a bottle neck queue into a loss regime. By setting | ||
There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. Removing any ECN-CE marking causes senders to maintain or increase their sending rate beyond that the path can sustain, which will eventually result in loss. Adding an ECN-CE marking causes senders to reduce their sending rate. |
||
the ECN field to CE marking it can drive down the senders congestion window | ||
thus resulting in reduced throughput. The later could equally be accomplished | ||
by dropping packets for the connection. Section 18 and 19 of {{!RFC3168}} | ||
discusses the effects of undesired manipulation of the ECN field in more | ||
details. | ||
|
||
If a receiver would not have packet duplication detection and not discard any | ||
There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. How about "If a receiver does not discard duplicate packets, an off-path attacker can retransmit packets with ECN bits set and manipulate the senders congestion avoidance state." |
||
duplicates an off-path attacker that can receive copies of the connection's | ||
packets can manipulate the senders congestion avoidance state. If packet | ||
There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. packet duplicates -> duplicate packets |
||
duplicates are dropped, the off-path attacker will need to race the original | ||
packet to be successful in this attack. | ||
|
||
# IANA Considerations | ||
|
||
|
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I think this reads more clearly as one sentence. ie: "An on-path attacker may manipulate the value of the field, affecting the congestion avoidance behavior of the sender."