[e2e] Re: [Tsvwg] Really End-to-end or CRC vs everything
David P. Reed
dpreed at reed.com
Mon Jun 11 06:14:10 PDT 2001
At 04:52 PM 6/10/01 -0700, Dennis Ferguson wrote:
>Choices which are really good under some sets of circumstances are really
>bad under others. For link-by-link protection from transmission errors we
>have the luxury of crafting the error detection to match the characteristics
>of the link, and even of changing it if the original choice is proven wrong,
>but end-to-end checksums are long-lived and are supposed to be able to treat
>the network stuff in between the ends as an ever-changing black box. I
>have no idea how you design for this.
The traditional way to deal with this kind of non-statistical uncertainty
is pretty straightforward. What you do is assume that the error process is
an *adversary* that knows everything about the protocol that can be known,
and who *wins* the game if they can corrupt the data with a high enough
The result of this thinking is that cryptographic message authentication is
the appropriate answer. A "key" chosen out of sight of the adversary, at
random, is used to select from a range of functional transformations which
are diverse enough so that without knowledge of the key, one cannot
transform the datagram into an acceptable one.
For this, you don't need an "error model".
WWW Page: http://www.reed.com/dpr.html
More information about the end2end-interest