Home/ Questions/Q 8470321
In Process

The Archive Base Latest Questions

Editorial Team
  • 0
Asked: 2026-06-10T16:29:03+00:00

Before I ask any Q'(s), I understand that: 1. Transmission Control Protocol (TCP) runs

  • 0

Before I ask any Q'(s), I understand that:
1. Transmission Control Protocol (TCP) runs on top of IP,

  1. TCP provides guaranteed delivery, and ensures that the packets are delivered in sequence.

  2. The underlying network IP, is highly unreliable and does not provide any guarantee for TCP.

  3. I’m not an networking pro.

I’ve been reading an interesting detailed Security article by CHRIS CHAMBERS, JUSTIN DOLSKE, and JAYARAMAN IYER on TCP IP Security, the basis of today’s internet ; which unfortunately lack even the most basic mechanisms for security.

I understand that the TCP and IP protocols were designed when the ‘Internets’ was small, and users generally trusted each other. In most occasions, the two protocols that are referred to are:
the RFC’s for IP [RFC 791], and TCP [RFC 793].

As discussed, “Since the network is dynamic, it is possible that two datagrams from the same source take different paths to make it to the destination”, and “IP only tries for a best-effort delivery. It does not take care of lost packets; this is left to the higher layer protocols. There is no state maintained between two datagrams; in other words, IP is connection-less…….”.

Among other many problems,nnone of the IP fields are encrypted and there’s no authentication (Note that this is partially fixed in in IP6).

Are there any ‘real’ fixes for TCP/IP 4 weaknesses?

Share

Leave an answer

You must login to add an answer.

Need An Account,

1 Answer

  1. Editorial Team

    That is not a weakness, it is a design implementation. The delivery layer itself does not care how the packets arrive to their destinations. It is up to the receiver to notify the sender as to any lost packets that need to be resent.

    Imagine if the packets took every possible path at the same time. Even with optic fiber, the traffic would be so unbelievably high that we would probably be getting dialup speeds.

    Also encrypting the IP fields doesn’t really make sense as the routers have to be able to read them. If they were encrypted and the router didn’t have the correct decryption algorithm, the packets would just be discarded as junk. If the routers did have the decryption, this algorithm would be so easily gained/cracked that there would be no point in the first place.

    You may be interested in this IP Encapsulation Security Payload Memo

    • 0