TCP Congestion Control with a Misbehaving Receiver
Reviewer: Mark Meras (mm446)
Main Contribution
This paper is by Savage et al. is an important contribution. It describes
(a) how a misbehaving receiver can attempt to force the sender to send
data faster and (b) how senders can prevent this behavior. The paper
argues that TCP can be modified without introducing assumptions about
receiver behavior.
Key Ideas
- TCP has several vulnerabilities that a malicious receiver can
exploit. These include ACK division, DupACK spoofing, and optimistic
ACKing.
- These can be solved in several ways. The solution to ACK division is
to moidfy the congestion control mechanisms to operate at byte granularity
or to guarantee segment-level granularity encapsulation.
- The solution to DupACK spoofing involves modifying the TCP packet
format to include from fields: Nonce and Nonce Reply, the first filled
with random data. This is not great, because both the sender and the
receiver need to be modified. Alternatively, the sender can keep track of
outstanding segments sent above the missing segment.
- Optimistic ACKing can be reduced by using a Nonce (see above), and
also by randomly varying the size of outgoing segments by a small amount.
Critique of Contribution
This paper makes an important contribution by explaining malicious
techniques for exploiting TCP and ways to prevent exploits. These
solutions are very important for maintaining TCP fairness.
Open Question
Issues of trust in TCP need to be explored further, since TCP is no longer
used in a collaborative manner.