International Association
for Cryptologic Research

Everyone is concerned about Internet security, yet most

traffic is not cryptographically protected. Typical justification is that most

attackers are off-path and cannot intercept traffic; hence, intuitively,

challenge-response defenses should suffice to ensure authenticity. Often,

the challenges re-use existing header fields to protect widelydeployed

protocols such as TCP and DNS.

We argue that this practice may often give an illusion of security.

We review recent off-path TCP injection and DNS poisoning attacks,

enabling attackers to circumvent existing challenge-response defenses.

Both TCP and DNS attacks are non-trivial, yet practical. The attacks

foil widely deployed security mechanisms, and allow a wide range of

exploits, such as long-term caching of malicious objects and scripts.

We hope that this review article will help improve defenses against

off-path attackers. In particular, we hope to motivate, when feasible,

adoption of cryptographic mechanisms such as SSL/TLS, IPsec and

DNSSEC, providing security even against stronger Man-in-the-Middle

attackers.