19.3 Non-ECN-Based Methods of Subverting End-to-end Congestion Control
19.3 Non-ECN-Based Methods of Subverting End-to-end Congestion Control
It is important to recognize that ECN is not the only or primary means of subverting end-to-end congestion control. Even without ECN, end systems and network elements can subvert congestion control in multiple ways:
- Modifying TCP implementations: End systems can modify their TCP implementations to not respond to packet drops, or to use more aggressive congestion control algorithms.
- Using multiple connections: Applications can open multiple TCP connections to gain a larger share of bandwidth.
- Using non-TCP protocols: Applications can use UDP or other protocols that do not implement congestion control.
- Forging acknowledgements: Malicious receivers can forge acknowledgements to trick senders into sending faster.
Thus, the security risks introduced by ECN are consistent with the broader set of issues that already exist. ECN does not significantly increase the ability or motivation to subvert end-to-end congestion control.
The key conclusion is that while ECN introduces some new security considerations, these risks are manageable and consistent with the types of congestion control subversion threats that already exist in the Internet. The benefits of ECN (reduced packet loss, improved performance for short connections and delay-sensitive flows) outweigh these risks.