Become a fan of Slashdot on Facebook


Forgot your password?
Networking Security

Multipath TCP Introduces Security Blind Spot 60

msm1267 (2804139) writes If multipath TCP is the next big thing to bring resilience and efficiency to networking, then there are some serious security issues to address before it goes mainstream. An expert at next week's Black Hat conference is expected to explain how the TCP extension leaves network security gear blind to traffic moving over multiple network streams. Today's IDS and IPS, for example, cannot correlate and re-assemble traffic as it's split over multiple paths. While such attacks are not entirely practical today, as multipath TCP becomes a fixture on popular networking gear and mobile devices, the risks will escalate. "[Multipath TCP] solves big problems we have today in an elegant fashion," said Catherine Pearce, security consultant and one of the presenters, along with Patrick Thomas. "You don't have to replace hardware or software; it handles all that stuff behind the scenes. But security tools are naïve [to MPTCP], and make assumptions that are no longer valid that were valid in the past."
This discussion has been archived. No new comments can be posted.

Multipath TCP Introduces Security Blind Spot

Comments Filter:
  • by Anonymous Coward on Friday August 01, 2014 @09:59AM (#47580979)

    Seriously, the second somebody proposed this it should have been (and surely was) clear what the authentication and security implications were.

    It's not like multi-homed protocols based on IP are new. SCTP [] has been around about a decade (half a decade as a real Internet standard).

Someday your prints will come. -- Kodak