Internet DRAFT - draft-ietf-tsvwg-sctp-zero-checksum

draft-ietf-tsvwg-sctp-zero-checksum







Network Working Group                                           M. Tüxen
Internet-Draft                           Münster Univ. of Appl. Sciences
Intended status: Standards Track                               V. Boivie
Expires: 23 August 2024                                      F. Castelli
                                                                  Google
                                                                R. Jesup
                                                                 Mozilla
                                                        20 February 2024


       Zero Checksum for the Stream Control Transmission Protocol
                 draft-ietf-tsvwg-sctp-zero-checksum-08

Abstract

   The Stream Control Transmission Protocol (SCTP) uses a 32-bit
   checksum in the common header of each packet to provide some level of
   data integrity.  If another method used by SCTP provides already the
   same or a higher level of data integrity, computing this checksum
   does not provide any additional protection, but does consume
   computing resources.

   This document provides a simple extension to SCTP allowing to save
   these computing resources by using zero as the checksum in a
   backwards compatible way.  It also defines how this feature can be
   used when SCTP packets are encapsulated in Datagram Transport Layer
   Security (DTLS) packets.

Status of This Memo

   This Internet-Draft is submitted in full conformance with the
   provisions of BCP 78 and BCP 79.

   Internet-Drafts are working documents of the Internet Engineering
   Task Force (IETF).  Note that other groups may also distribute
   working documents as Internet-Drafts.  The list of current Internet-
   Drafts is at https://datatracker.ietf.org/drafts/current/.

   Internet-Drafts are draft documents valid for a maximum of six months
   and may be updated, replaced, or obsoleted by other documents at any
   time.  It is inappropriate to use Internet-Drafts as reference
   material or to cite them other than as "work in progress."

   This Internet-Draft will expire on 23 August 2024.







Tüxen, et al.            Expires 23 August 2024                 [Page 1]

Internet-Draft           Zero Checksum for SCTP            February 2024


Copyright Notice

   Copyright (c) 2024 IETF Trust and the persons identified as the
   document authors.  All rights reserved.

   This document is subject to BCP 78 and the IETF Trust's Legal
   Provisions Relating to IETF Documents (https://trustee.ietf.org/
   license-info) in effect on the date of publication of this document.
   Please review these documents carefully, as they describe your rights
   and restrictions with respect to this document.  Code Components
   extracted from this document must include Revised BSD License text as
   described in Section 4.e of the Trust Legal Provisions and are
   provided without warranty as described in the Revised BSD License.

Table of Contents

   1.  Introduction  . . . . . . . . . . . . . . . . . . . . . . . .   2
   2.  Conventions . . . . . . . . . . . . . . . . . . . . . . . . .   3
   3.  Alternate Error Detection Methods . . . . . . . . . . . . . .   3
   4.  A New Chunk Parameter . . . . . . . . . . . . . . . . . . . .   5
   5.  Procedures  . . . . . . . . . . . . . . . . . . . . . . . . .   6
     5.1.  Declaration of Feature Support  . . . . . . . . . . . . .   6
     5.2.  Sender Side Considerations  . . . . . . . . . . . . . . .   6
     5.3.  Receiver Side Considerations  . . . . . . . . . . . . . .   7
   6.  Error Detection via SCTP over DTLS  . . . . . . . . . . . . .   8
   7.  Socket API Considerations . . . . . . . . . . . . . . . . . .   8
     7.1.  Set Accepting a Zero Checksum
           (SCTP_ACCEPT_ZERO_CHECKSUM) . . . . . . . . . . . . . . .   8
   8.  IANA Considerations . . . . . . . . . . . . . . . . . . . . .   9
   9.  Security Considerations . . . . . . . . . . . . . . . . . . .  10
   10. References  . . . . . . . . . . . . . . . . . . . . . . . . .  10
     10.1.  Normative References . . . . . . . . . . . . . . . . . .  10
     10.2.  Informative References . . . . . . . . . . . . . . . . .  11
   Acknowledgments . . . . . . . . . . . . . . . . . . . . . . . . .  11
   Authors' Addresses  . . . . . . . . . . . . . . . . . . . . . . .  11

1.  Introduction

   SCTP as specified in [RFC9260] uses a CRC32c checksum to provide some
   level of data integrity.  When using, for example, Datagram Transport
   Layer Security (DTLS) as the lower layer for SCTP as specified in
   [RFC8261], using the CRC32c checksum does not provide any additional
   protection over the one already provided by DTLS.  However, computing
   the CRC32c checksum at the sender and receiver side does consume
   computational resources for no benefit.  This is particularly
   important for end points that are computational-limited and use SCTP
   encapsulated in DTLS.




Tüxen, et al.            Expires 23 August 2024                 [Page 2]

Internet-Draft           Zero Checksum for SCTP            February 2024


   The extension described in this document allows an SCTP end point to
   declare that it accepts SCTP packets with a checksum of zero when
   using a specific alternate error detection method.  This declaration
   happens during the setup of the SCTP association and allows end
   points supporting this extension to be interoperable with end points
   not supporting the extension described in this document.  To provide
   this backwards compatibility, end points using this extension still
   need to implement the CRC32c checksum algorithm.

2.  Conventions

   The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
   "SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and
   "OPTIONAL" in this document are to be interpreted as described in BCP
   14 [RFC2119] [RFC8174] when, and only when, they appear in all
   capitals, as shown here.

3.  Alternate Error Detection Methods

   SCTP uses a CRC32c checksum to provide some level of data integrity.
   The CRC32c checksum is computed based on the SCTP common header and
   the chunks contained in the packet.  In particular, the computation
   of the CRC32c checksum does not involve a pseudo header for IPv4 or
   IPv6 like the computation of the TCP checksum, as specified in
   [RFC9293], or the UDP checksum, as specified in [RFC0768].

   Zero is a valid result of the CRC32c checksum algorithm.  For
   example, the following figure depicts an SCTP packet containing a
   minimal INIT chunk with a correct CRC32c checksum of zero.






















Tüxen, et al.            Expires 23 August 2024                 [Page 3]

Internet-Draft           Zero Checksum for SCTP            February 2024


      0                   1                   2                   3
      0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
     +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
     |   Source Port Number = 5001   |Destination Port Number = 5001 |
     +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
     |                     Verification Tag = 0                      |
     +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
     |                         Checksum = 0                          |
     +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
     |   Type = 1    |Chunk Flags = 0|       Chunk Length = 20       |
     +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
     |                   Initiate Tag = 0xFCB75CCA                   |
     +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
     |       Advertised Receiver Window Credit (a_rwnd) = 1500       |
     +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
     |Number of Outbound Streams = 1 | Number of Inbound Streams = 1 |
     +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
     |                        Initial TSN = 0                        |
     +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+

        Figure 1: SCTP Packet with a correct CRC32c checksum of zero

   Using SCTP in combination with other mechanisms or protocol
   extensions might provide an equal or better level of data integrity
   protection than the one provided by using the CRC32c checksum
   algorithm.  When using such alternate error detection methods, the
   SCTP common header containing the 32-bit checksum field might or
   might not be visible to middleboxes on the paths between the two end
   points.

   Alternate error detection methods have two requirements:

   1.  An alternate error detection method MUST provide an equal or
       better level of data integrity than the one provided by using the
       CRC32c checksum algorithm.  This MAY only apply to packets
       satisfying some method specific constraints.

   2.  Using an alternate error detection method MUST NOT result in a
       path failure for more than two retransmission timeouts (RTO) due
       to middleboxes on the path expecting correct CRC32c checksums.

   To fulfill the second requirement, alternate error detection methods
   MAY use a heuristic to detect the existence of such middleboxes and
   use correct CRC32c checksums on these affected paths.

   One example fulfilling the first requirement is using DTLS as the
   lower layer of SCTP as specified in [RFC8261].  Another example is
   using SCTP Authentication as specified in [RFC4895].  Of course, this



Tüxen, et al.            Expires 23 August 2024                 [Page 4]

Internet-Draft           Zero Checksum for SCTP            February 2024


   only applies to all SCTP packets having an AUTH chunk as its first
   chunk.  However, using SCTP Authentication without any heuristic does
   not fulfill the second requirement.  Since using DTLS as the lower
   layer of SCTP as specified in [RFC8261] also fulfills the second
   requirement, it can be used as an alternate error detection method
   (see Section 6).

   If an alternate error detection method is available, the computation
   of the CRC32c checksum consumes computational resources without
   providing any benefit.  To avoid this, an SCTP end point could be
   willing to accept SCTP packets with an incorrect CRC32c checksum
   value of zero in addition to SCTP packets with correct CRC32c
   checksum values.

   Because zero is a valid result of the CRC32c checksum algorithm, a
   receiver of an SCTP packet containing a checksum value of zero cannot
   determine whether the sender included an incorrect CRC32c checksum of
   zero to reduce the CPU cost or the result of the CRC32c checksum
   computation was actually zero.  However, if the receiver is willing
   to use an alternate error detection method, this ambiguity is
   irrelevant, since the receiver is fine with not using the CRC32c
   checksum to protect incoming packets.

4.  A New Chunk Parameter

   The Zero Checksum Acceptable Chunk Parameter is defined by the
   following figure.

      0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
     +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
     |   Type = 0x8001 (suggested)   |          Length = 8           |
     +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
     |           Error Detection Method Identifier (EDMID)           |
     +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+

             Figure 2: Zero Checksum Acceptable Chunk Parameter

   Type: 16 bits (unsigned integer)
      This field holds the IANA defined parameter type for the "Zero
      Checksum Acceptable" chunk parameter.  IANA is requested to assign
      the value 32769 (0x8001) (suggested) for this parameter type.

   Length: 16 bits (unsigned integer)
      This field holds the length in bytes of the chunk parameter; the
      value MUST be 8.

   Error Detection Method Identifier (EDMID): 32 bits (unsigned
   integer)



Tüxen, et al.            Expires 23 August 2024                 [Page 5]

Internet-Draft           Zero Checksum for SCTP            February 2024


      An IANA registered value specifying the alternate error detection
      method the sender of this parameter is willing to use for received
      packets.

   All transported integer numbers are in "network byte order" a.k.a.,
   Big Endian.

   The Zero Checksum Acceptable Chunk Parameter MAY appear in INIT and
   INIT ACK chunks and MUST NOT appear in any other chunk.  The
   Parameter MUST NOT appear more than once in any chunk.

   If an end point not supporting the extension described in this
   document receives this parameter in an INIT or INIT ACK chunk, it is
   REQUIRED to skip this parameter and continue to process further
   parameters in the chunk.  This behavior is specified by [RFC9260]
   because the highest-order two bits of the Type are '10'.

5.  Procedures

5.1.  Declaration of Feature Support

   An end point willing to accept SCTP packets with an incorrect
   checksum of zero MUST include the Zero Checksum Acceptable Chunk
   Parameter indicating the alternate error detection method it is
   willing to use in the INIT or INIT ACK chunk it sends.

   An SCTP implementation MAY also require the upper layer to indicate
   that it is fine to use a specific alternate error detection method
   for accepting SCTP packets with an incorrect CRC32c checksum value of
   zero.

5.2.  Sender Side Considerations

   An SCTP end point cannot just use an incorrect CRC32c checksum value
   of zero for all SCTP packets it sends.  The following restrictions
   apply:

   1.  If an end point has not received an INIT or INIT ACK chunk
       containing a Zero Checksum Acceptable Chunk Parameter indicating
       an alternate error detection method it supports from its peer
       during the association setup, it MUST use a correct CRC32c
       checksum.  In particular, when an end point

       a.  sends a packet containing an INIT chunk, it MUST include a
           correct CRC32c checksum in the packet containing the INIT
           chunk.





Tüxen, et al.            Expires 23 August 2024                 [Page 6]

Internet-Draft           Zero Checksum for SCTP            February 2024


       b.  responds to an "Out of the Blue" (OOTB) SCTP packet, it MUST
           include a correct CRC32c checksum in the response packet.

   2.  When an end point sends a packet containing a COOKIE ECHO chunk,
       it MUST include a correct CRC32c checksum in the packet
       containing the COOKIE ECHO chunk.

   3.  When an end point supports the dynamic address reconfiguration
       specified in [RFC5061] and sends a packet containing an ASCONF
       chunk, it MUST include a correct CRC32c checksum in the packet
       containing the ASCONF chunk.

   4.  Alternate error detection methods might have some additional
       conditions requiring that the sender MUST include a correct
       CRC32c checksum in the packet.

   The first restriction allows backwards compatibility, and the second
   and third restrictions allow a simpler implementation of the
   extension defined in this document.  The last restriction covers
   alternate error detection method specific constraints.

   An SCTP end point MAY only send packets with an incorrect checksum of
   zero, if the upper layer allowed the use of the alternate error
   detection method that was announced by the peer.

   If none of the above restrictions apply, an end point SHOULD use zero
   as the checksum when sending an SCTP packet.

5.3.  Receiver Side Considerations

   If an end point has sent the Zero Checksum Acceptable Chunk Parameter
   indicating the support of an alternate error detection method in an
   INIT or INIT ACK chunk, it MUST accept SCTP packets fulfilling the
   requirements of the announced alternate error detection method using
   an incorrect checksum value of zero in addition to SCTP packets
   containing the correct CRC32c checksum value for this association.

   In addition to processing OOTB packets with a correct CRC32c checksum
   as specified in [RFC9260], an SCTP implementation MAY also process
   OOTB packets having an incorrect zero checksum.  Doing so might
   result in faster SCTP association failure detection.










Tüxen, et al.            Expires 23 August 2024                 [Page 7]

Internet-Draft           Zero Checksum for SCTP            February 2024


6.  Error Detection via SCTP over DTLS

   Using SCTP over DTLS as specified in [RFC8261] provides a stronger
   error detection method than using the CRC32c checksum algorithm.
   Since middleboxes will not observe the unencrypted SCTP packet, there
   is no risk in interfering with using zero as an incorrect checksum.
   There are no additional error detection method specific constraints
   on packets when using DTLS encapsulation.

   IANA is requested to assign the Error Detection Method Identifier of
   1 for this method.

7.  Socket API Considerations

   This section describes how the socket API defined in [RFC6458] needs
   to be extended to provide a way for the application to control the
   acceptance of a zero checksum.

   A 'Socket API Considerations' section is contained in all SCTP
   related specifications published after [RFC6458] describing an
   extension for which implementations using the socket API as specified
   in [RFC6458] would require some extension of the socket API.  Please
   note that this section is informational only.

   A socket API implementation based on [RFC6458] is extended by
   supporting one new write-only IPPROTO_SCTP-level socket option.

7.1.  Set Accepting a Zero Checksum (SCTP_ACCEPT_ZERO_CHECKSUM)

   This IPPROTO_SCTP-level socket option with the name
   SCTP_ACCEPT_ZERO_CHECKSUM can be used to control the acceptance of a
   zero checksum.  It is a write-only socket option and applies only to
   future SCTP associations on the socket.

   This option expects an unsigned integer.  Possible values include:

   SCTP_EDMID_NONE:  Disable the use of alternate error detection
      method.  This means that all SCTP packets being sent have a
      correct CRC32c checksum value.

   SCTP_EDMID_LOWER_LAYER_DTLS:  Use the alternate error detection
      method described in Section 6.

   An implementation might only send packets with an incorrect checksum
   of zero, if the alternate error detection method announced by the
   peer is also enabled locally via this socket option.





Tüxen, et al.            Expires 23 August 2024                 [Page 8]

Internet-Draft           Zero Checksum for SCTP            February 2024


   The default for this socket option is that the use of alternate error
   detection methods is disabled.

8.  IANA Considerations

   [NOTE to RFC-Editor: "RFCXXXX" is to be replaced by the RFC number
   you assign this document.]

   [NOTE to RFC-Editor: The suggested value for the parameter type is
   tentative and to be confirmed by IANA.]

   This document (RFCXXXX) is the reference for the registration
   described in this section.

   A new chunk parameter type has to be assigned by IANA.  This requires
   an additional line in the "Chunk Parameter Types" registry for SCTP:

       +===================+==========================+===========+
       | ID Value          | Chunk Parameter Type     | Reference |
       +===================+==========================+===========+
       | 32769 (suggested) | Zero Checksum Acceptable | [RFCXXXX] |
       |                   | (0x8001 (suggested))     |           |
       +-------------------+--------------------------+-----------+

          Table 1: New entry in "Chunk Parameter Types" registry

   Furthermore, IANA is requested to establish a new "Error Detection
   Method" registry for SCTP.  The assignment of new error detection
   methods is done through the Specification Required policy as defined
   in [RFC8126].  Documentation for a new error detection method MUST
   contain the following information:

   1.  A name of an alternate error detection method.

   2.  A reference to a specification describing:

       (a)  the alternate error detection method,

       (b)  why the alternate error detection method provides an equal
            or better level of data integrity protection than the one
            provided by using the CRC32c checksum,

       (c)  any alternate error detection method specific constraints
            referred to in the fourth exception in Section 5.2, and

       (d)  why using the alternate error detection method does not
            result in path failures due to middleboxes expecting correct
            CRC32c checksums for more than two RTOs.  In case the



Tüxen, et al.            Expires 23 August 2024                 [Page 9]

Internet-Draft           Zero Checksum for SCTP            February 2024


            alternate error detection method uses a heuristic for
            detecting such middleboxes, this heuristic needs to be
            described.

   IANA is requested to use the following as the initial contents of the
   registry:

          +================+========================+===========+
          | ID Value       | Error Detection Method | Reference |
          +================+========================+===========+
          | 0              | Reserved               | [RFCXXXX] |
          +----------------+------------------------+-----------+
          | 1              | SCTP over DTLS         | [RFCXXXX] |
          +----------------+------------------------+-----------+
          | 2 - 4294967295 | Unassigned             |           |
          +----------------+------------------------+-----------+

             Table 2: Initial Contents of the "Error Detection
                              Method" registry

   A Designated Expert (DE) is expected to ascertain the existence of
   suitable documentation (a specification) as described in [RFC8126]
   and to verify that the document is permanently and publicly
   available.  Furthermore, the DE is expected to ensure that the above
   four points have been addressed in an appropriate way.

9.  Security Considerations

   This document does not change the considerations given in [RFC9260].

10.  References

10.1.  Normative References

   [RFC2119]  Bradner, S., "Key words for use in RFCs to Indicate
              Requirement Levels", BCP 14, RFC 2119,
              DOI 10.17487/RFC2119, March 1997,
              <https://www.rfc-editor.org/info/rfc2119>.

   [RFC5061]  Stewart, R., Xie, Q., Tuexen, M., Maruyama, S., and M.
              Kozuka, "Stream Control Transmission Protocol (SCTP)
              Dynamic Address Reconfiguration", RFC 5061,
              DOI 10.17487/RFC5061, September 2007,
              <https://www.rfc-editor.org/info/rfc5061>.







Tüxen, et al.            Expires 23 August 2024                [Page 10]

Internet-Draft           Zero Checksum for SCTP            February 2024


   [RFC8126]  Cotton, M., Leiba, B., and T. Narten, "Guidelines for
              Writing an IANA Considerations Section in RFCs", BCP 26,
              RFC 8126, DOI 10.17487/RFC8126, June 2017,
              <https://www.rfc-editor.org/info/rfc8126>.

   [RFC8174]  Leiba, B., "Ambiguity of Uppercase vs Lowercase in RFC
              2119 Key Words", BCP 14, RFC 8174, DOI 10.17487/RFC8174,
              May 2017, <https://www.rfc-editor.org/info/rfc8174>.

   [RFC8261]  Tuexen, M., Stewart, R., Jesup, R., and S. Loreto,
              "Datagram Transport Layer Security (DTLS) Encapsulation of
              SCTP Packets", RFC 8261, DOI 10.17487/RFC8261, November
              2017, <https://www.rfc-editor.org/info/rfc8261>.

   [RFC9260]  Stewart, R., Tüxen, M., and K. Nielsen, "Stream Control
              Transmission Protocol", RFC 9260, DOI 10.17487/RFC9260,
              June 2022, <https://www.rfc-editor.org/info/rfc9260>.

10.2.  Informative References

   [RFC0768]  Postel, J., "User Datagram Protocol", STD 6, RFC 768,
              DOI 10.17487/RFC0768, August 1980,
              <https://www.rfc-editor.org/info/rfc768>.

   [RFC4895]  Tuexen, M., Stewart, R., Lei, P., and E. Rescorla,
              "Authenticated Chunks for the Stream Control Transmission
              Protocol (SCTP)", RFC 4895, DOI 10.17487/RFC4895, August
              2007, <https://www.rfc-editor.org/info/rfc4895>.

   [RFC6458]  Stewart, R., Tuexen, M., Poon, K., Lei, P., and V.
              Yasevich, "Sockets API Extensions for the Stream Control
              Transmission Protocol (SCTP)", RFC 6458,
              DOI 10.17487/RFC6458, December 2011,
              <https://www.rfc-editor.org/info/rfc6458>.

   [RFC9293]  Eddy, W., Ed., "Transmission Control Protocol (TCP)",
              STD 7, RFC 9293, DOI 10.17487/RFC9293, August 2022,
              <https://www.rfc-editor.org/info/rfc9293>.

Acknowledgments

   The authors wish to thank Gorry Fairhurst, Mike Heard, Peter Lei,
   Nils Ohlmeier, Claudio Porfiri, Greg Skinner, Timo Völker, and Magnus
   Westerlund for their invaluable comments.

Authors' Addresses





Tüxen, et al.            Expires 23 August 2024                [Page 11]

Internet-Draft           Zero Checksum for SCTP            February 2024


   Michael Tüxen
   Münster University of Applied Sciences
   Stegerwaldstrasse 39
   48565 Steinfurt
   Germany
   Email: tuexen@fh-muenster.de


   Victor Boivie
   Google
   Kungsbron 2
   SE-11122 Stockholm
   Sweden
   Email: boivie@google.com


   Florent Castelli
   Google
   Kungsbron 2
   SE-11122 Stockholm
   Sweden
   Email: orphis@google.com


   Randell Jesup
   Mozilla Corporation
   1835 Horse Shoe Trl
   Malvern, PA 19355
   United States of America
   Email: randell-ietf@jesup.org





















Tüxen, et al.            Expires 23 August 2024                [Page 12]