Alan, On Mon, Jul 26, 2021 at 10:35:01AM -0400, Alan DeKok wrote: > > That should be possible. [...] > Yes. [...] > Yes. > > > This means that the benefit for the feature would require a function that > > can be run on a window of packets for predicted inputs and generate the pool > > of next expected sequence numbers. > > Yes. > > I think a cryptographic random number generator here is likely OK. Those > are usually simple, and fast. The system can be seeded with a strong secret, > or maybe hash of a secret and other information. > > My suggestion to calculate a hash over the packet is that it prevents > certain kinds of attacks. i.e. an attacker could take packet X, and sequence > number Y, and put the two together, to spoof / forge state. > > Fixing that requires that the sequence number is somehow tied to a > particular packet.
I don't dispute that these things are possible. What's being requested is that our specifications have some specificity and a proposal be made for a suitable mechanism and how it integrates into BFD. :-) In any case, you've minimally confirmed that the current text in the secure-sequence numbers draft is misleading in suggesting a reversible operation. The procedural text there thus needs work to incorporate the points discussed. -- Jeff
