Security for multipath TCP: a constructive approach

Multipath TCP (MPTCP) is a new protocol being developed in the IETF's MPTCP working group in order to provide higher communication availability and to improve the throughput between two multi-addressed endpoints by using multiple paths. Due to the multipath nature and specifically its path management, some new security threats arise apart from those that are already present in standard single-path TCP. These new attacks include flooding and hijacking attacks performed by an off-path attacker. In this paper, we explore different solutions in order to cover the identified security flaws. The main proposal is based on hash chains, which significantly reduces the initial set of threats resulting in a residual group of vulnerabilities, which are also identified.

multipath tcp; mptcp; security threats; flooding attacks; hijacking attacks; hash chains; transmission control protocol; vulnerabilities.

Security for multipath TCP: a constructive approach Articles