Multipath TCP: Breaking Today's Networks with Tomorrow's Protocols

by Catherine Pearce, Patrick Thomas
Sept. 21, 2017 1 comment www.blackhat.com belen_caty Apps & Hardening MPTCP security awareness

MultiPath TCP (MPTCP) is an extension to TCP that enables sessions to use multiple network endpoints and multiple network paths at the same time, and to change addresses in the middle of a connection. MPTCP works transparently over most existing network infrastructure, yet very few security and network management tools can correctly interpret MPTCP streams. With MPTCP network security is changed: how do you secure traffic when you can't see it all and when the endpoint addresses change in the middle of a connection? This session shows you how MPTCP breaks assumptions about how TCP works, and how it can be used to evade security controls. We will also show tools and strategies for understanding and mitigating the risk of MPTCP-capable devices on a network.

https://www.blackhat.com/us-14/archives.html#multipath-tcp-breaking-todays-networks-with-tomorrow...

Avatar
Irina Alexandra Negrii 4 months, 1 week ago

This is a particularly sad reflection on the state of network security. It's even sadder that a new protocol gets blamed for non-existent security, when in fact the protocol designers have done everything possible to enable security middleboxes to work with it.

Reply