In computer networking, tcpcrypt is a transport layer communication encryption protocol. Unlike prior protocols like TLS (SSL), tcpcrypt is implemented as a TCP extension. It was designed by a team of six security and networking experts: Andrea Bittau, Mike Hamburg, Mark Handley, David Mazières, Dan Boneh and Quinn Slack. Tcpcrypt has been published as an Internet Draft. Experimental user-space implementations are available for Linux, Mac OS X, FreeBSD and Windows. There is also a Linux kernel implementation.
The TCPINC (TCP Increased Security) working group was formed in June 2014 by IETF to work on standardizing security extensions in the TCP protocol.
In May 2019 the working group released and as an experimental standard for Tcpcrypt.
Description
Tcpcrypt provides opportunistic encryption: if either side does not support this extension, then the protocol falls back to regular unencrypted TCP. Tcpcrypt also provides encryption to any application using TCP, even ones that do not know about encryption. This enables incremental and seamless deployment.
Unlike TLS, tcpcrypt itself does not do any authentication, but passes a unique "session ID" down to the application; the application can then use this token for further authentication. This means that any authentication scheme can be used, including passwords or certificates. It also does a larger part of the public-key connection initiation on the client side, to reduce load on servers and mitigate DoS attacks.
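The following is an added example, not code from the tcpcrypt project: it sketches how an application could bind a shared-secret authenticator to the session ID, so that a proof relayed across two separately negotiated connections does not verify. The function names, the role labels, the salt and the 32-byte session ID values are assumptions made for illustration; how the application obtains the session ID from the stack is not shown.

```python
import hashlib
import hmac
import secrets


def derive_key(secret: str, salt: bytes) -> bytes:
    """Stretch the shared secret into a MAC key (PBKDF2-HMAC-SHA256)."""
    return hashlib.pbkdf2_hmac("sha256", secret.encode(), salt, 100_000)


def make_proof(key: bytes, session_id: bytes, role: bytes) -> bytes:
    """Authenticator tied to one connection (session ID) and one direction (role)."""
    return hmac.new(key, role + b"|" + session_id, hashlib.sha256).digest()


def verify_proof(key: bytes, session_id: bytes, role: bytes, proof: bytes) -> bool:
    """Constant-time check against the session ID seen by the verifier's own stack."""
    return hmac.compare_digest(make_proof(key, session_id, role), proof)


def demo() -> tuple:
    # Constructed sample values; a real session ID comes from the transport.
    key = derive_key("constructed-shared-secret", b"constructed-salt")

    # Honest connection: both endpoints are handed the same session ID.
    sid = secrets.token_bytes(32)
    honest = verify_proof(key, sid, b"client", make_proof(key, sid, b"client"))

    # Interposed connection: the client and the server each negotiated with a
    # middle party, so each leg has its own session ID. The client's proof is
    # computed over its leg and checked by the server against the other leg.
    sid_client_leg = secrets.token_bytes(32)
    sid_server_leg = secrets.token_bytes(32)
    relayed = make_proof(key, sid_client_leg, b"client")
    relayed_ok = verify_proof(key, sid_server_leg, b"client", relayed)

    # Reflection: a server-role proof must not be accepted as a client proof.
    reflected_ok = verify_proof(key, sid, b"client", make_proof(key, sid, b"server"))

    return honest, relayed_ok, reflected_ok


if __name__ == "__main__":
    print(demo())
```

The sketch assumes a high-entropy shared secret; with a guessable password, a captured proof and its known session ID still allow offline guessing.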
History
The first draft of the protocol specification was published in July 2010, with reference implementations following in August. However, after initial meetings in IETF, proponents of the protocol failed to gain traction for standardization and the project went dormant in 2011.
In 2013 and 2014, following Edward Snowden's global surveillance disclosures about the NSA and agencies of other governments, IETF took a strong stance for protecting Internet users against surveillance. This aligns with tcpcrypt's goals of ubiquitous transparent encryption, which revived interest in standardization of the protocol. An official IETF mailing list was created for tcpcrypt in March 2014, followed by the formation of the TCPINC (TCP Increased Security) working group in June and a new version of the draft specification.
Performance
Tcpcrypt enforces TCP timestamps and adds its own TCP options to each data packet, amounting to 36 bytes per packet compared to plain TCP. With a mean observed packet size for TCP packets of 471 bytes, this can lead to an overhead of 8% of useful bandwidth. This 36-byte overhead may not be an issue for Internet connections faster than 64kbs, but it can be an issue for dial-up Internet users.
Compared to TLS/SSL, tcpcrypt is designed to have a lower performance impact. In part this is because tcpcrypt does not have built-in authentication, which can be implemented by the application itself. Cryptographic primitives are used in such a way as to reduce load on the server side, because a single server usually has to provide services for far more clients than the reverse.
Implementations
The current user space implementations are considered experimental and are reportedly unstable on some systems. They also do not yet support IPv6, which is currently supported only by the Linux kernel version. It is expected that once tcpcrypt becomes a standard, operating systems will come with tcpcrypt support built-in, making the user space solution unnecessary.
See also
* DTLS
* IPsec
* Obfuscated TCP – an earlier failed proposal for opportunistic TCP encryption
External links
* TCPINC Working Group Charter at IETF
* Slides from USENIX 2010 presentation, explaining basics of tcpcrypt