TCP Checksum: The Fault in the Stars

TCP Checksum could be deemed as one of the weakest non-cryptographic checksums, and yet it continues to be there, undisputed. Sometimes edge-systems even have it turned off for performance reasons, counting on the application checksums for integrity; while other systems like gateways and servers have them offloaded to the network interface card (NIC), mostly because the functionality exists. The question is, does it really serve any purpose in today’s date? It does, very little.

RFC 793:

The checksum field is the 16 bit one’s complement of the one’s complement sum of all 16-bit words in the header and text. If a segment contains an odd number of header and text octets to be checksummed, the last octet is padded on the right with zeros to form a 16-bit word for checksum purposes. The pad is not transmitted as part of the segment. While computing the checksum, the checksum field itself is replaced with zeros.

Continue reading “TCP Checksum: The Fault in the Stars”

TCP_MD5SIG: An Undocumented Socket Option in Linux

Although the Linux kernel implements RFC 2385 as TCP_MD5SIG socket option, there are no man page entries describing the functionality and the usage, for kernel as well as user-space. The setsockopt() is a straightforward API, however, the prerequisites or constraints put by the RFC makes it a bit tricky to use. It was meant to put a check on authenticity, although it could also be transparently used for data integrity, where the TCP checksum is not good enough!

RFC 2385 talks about “Protection of BGP Sessions via the TCP MD5 Signature Option”. It was proposed way back in 1998 to avoid the BGP from spoof-attacks wherein the attacker can forge the TCP segments. By adding MD5 signature as a TCP Option (Type #19), this spec provides a mechanism to vouch on the authenticity of the sender and data. The MD5 signature is computed using a pre-shared key between the client and the server.

The socket option TCP_MD5SIG saves a mapping of the pre-shared MD5 key against the corresponding peer endpoint. It is mandatory to bind the client to a particular IP and port known to the server. The setsockopt() must be called on the listen socket of the server and the connection socket of the client, before the connect() gets called from client.

Continue reading “TCP_MD5SIG: An Undocumented Socket Option in Linux”