ietf
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: 'monotonic increasing'

2006-02-17 15:13:15
from [Tom.Petch] [Permanent Link] 
I agree that there is no clear cut case where security will be compromised, but
as long as RFC eg RFC1510 (kerberos) tie the concept of nonce to a monotonic
increasing sequence, I think the risk is there and could easily be avoided if we
started using the term 'strictly increasing' instead.

Of the RFC I have looked at, RFC3412 (SNMP) is probably the one I would most
question, since it suggests that a monotonically increasing integer will avoid a
reuse of outstanding values; for me, this is a clear case of 'strictly
increasing'.

Tom Petch

----- Original Message -----
From: "Elwyn Davies" <elwynd(_at_)dial(_dot_)pipex(_dot_)com>
To: "Tom.Petch" <sisyphus(_at_)dial(_dot_)pipex(_dot_)com>
Cc: "ietf" <ietf(_at_)ietf(_dot_)org>
Sent: Friday, February 17, 2006 9:50 PM
Subject: Re: 'monotonic increasing'



Hmm!  I don't think I see your problem with any of the usages in the
RFCs mentioned.  In all cases monotonically is used to express that the
sequence is non-decreasing which is in line both with the mathematical
definition and the Merriam-Webster online dictionary #2 sense.  In some
of the cases the sequence required is actually strictly monotonically
increasing but the other words make this clear, and since strictly
monotonic sequences are also monotonic, it is not wrong.  The only one
where there could be (IMO) a soupçon of doubt is RFC2679 where it isn't
absolutely clear whether or not T in the (n+1)-th pair needs to be
strictly greater than T in the nth pair, and I suspect it doesn't
matter in this case - it certainly wouldn't break interoperability.

Regards,
Elwyn

Tom.Petch wrote:

Elwyn

To be more concrete, I have some 1800 RFC readily available and find

monotonic

in 54 of them from RFC677 (1975) to RFC4303.

Plucking a few at random, RFC3412 (SNMP) suggests that monotonic increasing
would avoid reuse while RFC2406 (IPsec) suggests monotonic increasing can be
used in the context of replay attacks.  (I accept that in the latter, as in

many

cases, understanding the context, the whole document or set of RFC, does

imply

that the sequence should be strictly increasing).  RFC2679 (IPPM) is more
mathematical in its approach, where I would expect the term to be informed

by

its use in mathematical textbooks, but it appears not to be

Tom Petch

----- Original Message -----
From: "Elwyn Davies" <elwynd(_at_)dial(_dot_)pipex(_dot_)com>
To: "Tom.Petch" <sisyphus(_at_)dial(_dot_)pipex(_dot_)com>
Cc: "ietf" <ietf(_at_)ietf(_dot_)org>
Sent: Friday, February 17, 2006 8:19 PM
Subject: Re: 'monotonic increasing'




Hi.

Tom.Petch wrote:


The phrase 'monotonic increasing' seems to be a Humpty-Dumpty one, used

with



a


different sense within RFC to that which I see defined elsewhere; and this
could lead to a reduction in security.

Elsewhere - dictionaries, encyclopaedia, text books -  I see it
defined so that when applied to a sequence of numbers, then each number is


not


less than its predecessor, so that
1 1 1 1 1 1 1 1 1 1
1 1 2 3 5 8 13
1 2.71828 3.14159 4.18 42
are all monotonic increasing sequences whereas
1 2 3 4 5 6 7 9 8 10
is not.



On the definition of monotonic increasing: I just checked my memory with
my copy of Apostol (Mathematical Analysis, vintage 1968 or so) and
monotonic increasing implies element (n+1) greater than or equal to
element n for all n.  'Strictly monotonic increasing' implies greater
than.  On line
http://www-history.mcs.st-and.ac.uk/~john/analysis/Lectures/L8.html
confirms this.


Within RFC, mostly those related to security or network management, the


context


of its use implies, in addition, one or more of
a) each number in the sequence is different (as in number used once)
b) each number is an integer
c) each number is one greater than its predecessor (as in message


sequencing) .


Most likely, an implementation that conforms to the rest of the world


definition


would interwork with one that conforms to the RFC one, but with some loss

of

security, since numbers that are intended to be used only once could be


reused.


Q1) Can anyone point me to an authoritative source that endorses the RFC


usage?


Q2) Even so, since the  rest of the world usage seems to be so widely


defined,


should we change our terminology, eg specifying seqences to be strictly
increasing when that is what is needed?




I just did a full text search of all the RFCs using the zvon repository
which covers up to RFC3999.  the fragment 'monotonic' (including
'monotonically') appears in RFCs 1323, 1379, 1644, 1889, 2326, 2681,
3571 and 3550.  All these cases (either about timestamps or TCP sequence
numbers)  appear to use monotonically increasing in line with the
mathematical definition although it is possible that a couple of them
(e.g., RFC3571, s4) ought to use strictly monotonic, although the usage
is clear from the additional words.

In many cases the phraseology is explicitly used because the sequence
(of tiimestamps used, for example)  does not have every possible integer
represented.

Do you have a concrete example of your problem?

Regards,
Elwyn


 Tom Petch


_______________________________________________
Ietf mailing list
Ietf(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/ietf










_______________________________________________
Ietf mailing list
Ietf(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/ietf
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: [Pppext] Re: Last Call: 'Accommodating an MTU/MRU greater than 1492 in PPPoE' to Informational RFC, Pekka Savola
Next by Date:  Re: 'monotonic increasing', Ken Raeburn
Previous by Thread:  Re: 'monotonic increasing', Elwyn Davies
Next by Thread:  Re: 'monotonic increasing', Ken Raeburn
Indexes:  [Date] [Thread] [Top] [All Lists]