Relying on a fast counter for protection is fruitless -- I showed this in a 1989 paper. Look at it this way -- given some idea of the mean increment per unit time, trying to find the exact right guess is like trying to exploit a race condition. Usually you lose -- but winning just once is enough. Furthermore, the idea of multiple guesses per attempt appears to be sound -- from a quick glance at the TCP spec, an erroneous ACK will not cause any harm. The best solution, of course, is to abandon the fatally-flawed notion of address-based authentication in the first place. If you must use it, use a per-connection time base, per RFC 1948.
This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 14:15:36 PDT