[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[lwip-users] [lwip] Module for secure TCP sequence number generation
|
From: |
Paul Sheer |
|
Subject: |
[lwip-users] [lwip] Module for secure TCP sequence number generation |
|
Date: |
Thu, 09 Jan 2003 00:04:22 -0000 |
Here is some code that uses a Galois Field as a hash
function. These envolve calculation of ((g**n) mod p),
and are hence very slow. but the code is really simple
and small. The ISN algorithm is very close to Linux's.
comments welcome
--
Summary:
extern u32_t MHz_clock_counter;
static u32_t qe2 (u32_t x, u32_t y, u32_t n)
{
long long s = 1, t = x, u = y;
while (u) {
if (u & 1) s = (s * t) % n;
u >>= 1;
t = (t * t) % n; }
return (u32_t) s;
}
#define hash1(x) qe2 (MY_G1, (x), MY_PRIME1)
#define hash2(x) qe2 (MY_G2, (x), MY_PRIME2)
#define hash3(x) qe2 (MY_G3, (x), MY_PRIME3)
/* local_addr ignored for now */
u32_t tcp_next_iss (u16_t port1, u16_t port2, u32_t local_addr,
u32_t remote_addr)
{
static u32_t last_clock = 0, local_clock = 0, spurt_clock =
0, random_increment = 0;
u32_t clock = MHz_clock_counter;
local_clock += clock - last_clock;
spurt_clock += clock - last_clock;
last_clock = clock;
if (spurt_clock > (random_increment >> 7)) {
local_clock += random_increment & 0xFFFFFF;
spurt_clock = 0;
random_increment = hash1 (clock); }
return local_clock + (hash2 ((u32_t) ((u32_t) port1 << 16) | port2)
^ hash3 (remote_addr) ^ PER_HOST_RANDOM_KEY);
}
-paul
begin 644 tcp_isn_generator.c.gz
M'XL(`-Z(7CT``Y58:U/;R!+];/V*WDTE2,082\X%@@-;>4"6NH10$&HWE4U<
M0AK;address@hidden(MF0[2:VK$J29[IE^G#G=H^U->IE-9WDR&FMR
M7WH4=+M!F\[#(J7+L1!YQZ%->IZF9$04Y4*)_%;$'>()_G<IHB(7].[E.24R
MT4F8DA(WA9"1(%E,KD5.49A&11KJ))/*+.AL;address@hidden&:1$+>J9TG&2=\6%]
M:*:V=3(1/.IL;]*[<:(HA!U1-A&*AGDVH>?3:9J(F%[FLZG.1GDX'<\HD#$=
MP3R8Q?N1[W=ZQ-LY>C85L1A2(54RDM!3XRS75/@[`]U?G4TDYGH!S[$!%\<O
M284S1842%/RG^_G/+^0^H4F2IHD2429C#[854HN\[5P7FDX36=RS-.PF_PW$
MRVFV1MSC0=KU"7.#*,VBSX-2PN[X/BL0.4DC(44>:D%Y*&.X_5G`BF&6DPBC
M,4WP7R(%W25ZC'S@)Z)Q1EN2-A[`'YXZ/[H8_/address@hidden>D_=
M^PWJD\YI*XIIX_G6<7?KZ0;]8Q9X1MNQN-TNROV^41Q;VP_VZ%H=^!0<&@%9
M(!]]N]_5*>?TYSON]%[XN_Z3)Y!E_^Z$<8_C&<H9C4,%1T8T+*3)7(?&`KB"
ME)&@UV&:`0/#1*0Q(BRBD,<address@hidden;%H8]&8;D6."8/0#KDL
M'*8J<RJ--+OSJ&8WV^"address@hidden>.VW">]MPO/YQ<F;(]]K"`<-X6!)
M.&@*]QK"O27AGF>BPE,),=BKQ"/3DRR>address@hidden(;S'YG=TC/#6IE_S5._X
MR5%SV-KW8RV>"G:>!FNT>G.MXQ=+6CSU8N_8YPPKC0,?E1`W7MO'^W8Y-JL>
MI.=\-<!+,address@hidden&Y&R?(L5MX]-5I)4,\T2/R/:/@*E"+
address@hidden;[3*NCP$(address@hidden<J$+G$%K%E;H.]]-!A![;:#'J)QFS`/`
M5*$8G)B`@>`S"N,87*C^6!UR#%/=,5?PG`K!8G1"=UF1QAA)Y&>:YF)K3HI8
M-J2IR+?&F=+E(7=PR-D050R'290(J=O$I))LX,B=BO"VW'/`>V*Y3&>&P,!:
M.%0*&P(address@hidden&:0*`5GF>address@hidden:X1WL5+4.5BL6K;:;4X3'8\%Y-,"S-1
M9:N1X#14VI(address@hidden<address@hidden,!*!^+PT.6LTFV2U;*:address@hidden
address@hidden&&_>6XK3L"7)N"*#A/M6.9)E],0:-L:*E^0_%"&FPH
M$Y2_-D,U&L/-K!B-4X"=<971PET&A]F)address@hidden)4H$G5R>E?54
M>;"BQ`E4PPF'A:Z%OA-"4O=_RE"?O[.[NQOX._RJN9JA;H/\V-Y>M\N*MFRI
address@hidden(address@hidden,^("XL`T-AIN!D!5_`W3(WJA&NQB2U#CNVNV6>Q*C--
M0K+WUA&XQ*IWJ--3;-$I*R3T-E3I-;8:F\;![W1[7#(17V`]#T?"I$ES%Y!)
M8Y-*N2,!BT^RW.*=\\B44$_Y(;DK.#L\I%W/$,@2AE8D'\VI#C320#!#M;4&
MP::"D&ND/&8:8.B$XDQNH)N0,8*C.3EWZ%2L^W$FE)E$,>,P#E%4V9->L'7-
M]0KIXF$^I.KQR;DR.\S=+3FLX0>YIC*16S';_,$<>WKV#-CP4-;-P?=PS''.
M/]D*A6C5#CI&UU1RSQ`E>K4A=1WGQRU,address@hidden&address@hidden@(S+C^%
M^2AJ4S0.T15MXN5V02YY$>&,H`4$:DG?UID!,<Q!B.8/:$W:N9'0+)X-XW!&
M[B-]VZ:SJ]-3KU^Q5:[7L0FST3Q2^K:C;P?(180XVA=^WB2_:WY7U7+3'.8#
M:[\_+/Z1OY>VE'/<F[G]OD&8-=C8V"I4*L247+,69%L8AD5-@@address@hidden"
M6ZQ:O%5Z<SB/[<)"LVO30C_HI-9*EXLKW,3&'B_?D(N3X1#FK!>O]ARL5>4S
M/5=5K%L6CW*%><-P3-NKR\'XRH]JY6MT:&address@hidden>``)_%?NSS?&C;;U&"?
M'\.GM18SQKU_C9M&Z]$U)^F!D`B]L[[<\-E_.Q7RQ>4KF(address@hidden)T/80C0:>
MQMP)R,S!K0FM,M,X%&9+1!YG^V0O7/;address@hidden;J8&ZSNX_^,'>Q[Z=
M-HU!;7ZBKG\P$TE<D$S/5AOD6Z*(^\Y"Q:address@hidden'YQN;B8(-]%JOBO>]\K8^H
M8F*[AX2CY[3,R4H,^U*">PHNG8.+LU<GEY>#B[=79Z\N,?SXL<%#BW7!Z=W[
MW:?73Y'$%O/(IP-FPVI];SD";-(G*'J&^7>''SUFR]U*FY7Y+T\.AW:.B=0,
MHJKL>09**`PVO\8AO-]F25P/address@hidden"+7,RV4NV01B"7Y`DPNCS.4
address@hidden"_-)?P>UP/T]NI=OZ&"G);address@hidden'=6F_?.E30S.JFC7X
MQL.X[]?=8S*S[M40,YG"8BI_?*:7UD.O7C/VS?._Z=LW>\CJ'AVNHLR;KUK]
M5B(-O]>$^A%L6L1W,K4QQ2'DEQ(`G&4A%:Z/W/address@hidden(&A32,07M5QP6`^
M7U7677<-UIO>,D:_+86>X63J,L#6M.`7+'$^TV/T27SIQ>T8#=WBXJC,9P''
M4B-_-S',9V[9_`'%#3[U`F_+M[=['HZS.VFX8GL36_ZV7:A\^SJ1VU.SA^,8
MM4FHQX3+-G\]43>YMJ.<IFJ4GQUG!)`P,[C\ZGJ>$_&MSG'L'<[?MU4;8]/L
address@hidden:H_;B7GG*-S7[>FK$^-/,,(RT*[W]><+!P_3AX_S5KBNA&1@<[S>0D7?0
M=R*(;M!$#!<!B;(4S$?39)(PP-DW5^(4^0L-)I_>address@hidden@.KU-P1*&=CDC7&
M-`Q*5B%<&96LS/S,./Z)5(G5O=CL!,)address@hidden;(GKW)Y?+O3^
M*7-?+W!J=_+:0BL#E=X4==MW'N"6A)LN+(`G:address@hidden>5`*9"NB;O.)X<
M1W_5-],KS$=OL(U5X+UJB5.#<+#XHL)`K*:XJMP,$K[(W.RO8(/!.4(?8==#
M3B#:IJFWFNKUYJULW/V%!QR7ALY2'+G)67S<J[[*/(SIH;address@hidden&/
ED'W8W_(_>K]0?[U&=;1.E8\O%Q6_,6J--U]T_P^O(YJW3A8`````
`
end
Paul Sheer Consulting IT Services . . Tel . . . +27 (0)21 6869634
Email . . . address@hidden . . . . . . Pager . . . 088 0057245
Linux development, cryptography, recruitment, support, training
http://www.icon.co.za/~psheer . . . . http://rute.sourceforge.net
L I N U X . . . . . . . . . . . . The Choice of a GNU Generation
[This message was sent through the lwip discussion list.]
- [lwip-users] [lwip] Module for secure TCP sequence number generation,
Paul Sheer <=