A question about the implementation of tcp challenge ack limit

zzr

New Member
Joined
Oct 21, 2021
Messages
1
Reaction score
0
Credits
13
TCP challenge ack limit is a numebr to limit the sending packets of challenge ack per second. The implementation is:
68B6DF1E-1F5D-4708-A18E-0C86FE648260.png

To solve the problem in the paper Off-Path TCP Exploits: Global Rate Limit Considered Dangerous, the global challenge count is randomized. And I want to know why the seed of function prandom_u32_max is set to ack_limit, a fixed number, and if the seed is timestamp will be better. Thanks.
 


TCP challenge ack limit is a numebr to limit the sending packets of challenge ack per second. The implementation is:
View attachment 10542
To solve the problem in the paper Off-Path TCP Exploits: Global Rate Limit Considered Dangerous, the global challenge count is randomized. And I want to know why the seed of function prandom_u32_max is set to ack_limit, a fixed number, and if the seed is timestamp will be better. Thanks.
I don’t have the code in front of me, but the parameter to prandom_u32_max is NOT the seed, It’s the maximum random number to generate.
So the function will return a pseudo-random number ranging from 0 to ack_limit.

And again, I don’t have the code in front of me, but under the hood - I’d imagine that the prandom_u32_max function is at least seeded from the system timestamp - it may even use a more complex source of randomness. But without seeing the code, IDK!

[edit]
A quick bit of DuckDuckGo-fu yielded this, which backs up what I’ve said:

And the code in the following link indicates that the random number generator is seeded from system entropy, rather than the system time. Which is a much better and more complex source of randomness than a simple time stamp!
[/edit]
 
Last edited:

Members online


Top