Transmission Control Protocol (TCP)

  • Fabian Sinner
  • October 1, 2024

The Transmission Control Protocol (TCP) is one of the core protocols of the Internet. It is used to transfer data between computers on a network reliably and in order; it does not, by itself, provide confidentiality or authentication. TCP belongs to the transport layer of the OSI model and works together with the Internet Protocol (IP): IP is responsible for routing individual packets between sender and recipient, while TCP ensures that the data carried in those packets is delivered completely, in sequence and without duplication.

How does the transmission control protocol (TCP) work?

The transmission control protocol works in several stages to ensure that data is transmitted reliably, in the correct order and without errors from a sender to a recipient. This process can be divided into the following phases: 

Establishing a connection (three-way handshake)
Before data can be transmitted, a connection must be established between the sender and the recipient. This is done by means of a so-called three-way handshake, which consists of three steps:

  • SYN: The sender sends a segment with the SYN flag (Synchronize) to the receiver to request a connection. The segment carries the sender's initial sequence number (ISN), a value the sender picks at random.
  • SYN-ACK: The receiver answers with a segment that has both the SYN and ACK flags set (Synchronize Acknowledge). It carries the receiver's own ISN and an acknowledgement number equal to the sender's ISN + 1, because a SYN itself occupies one sequence number.
  • ACK: The sender acknowledges the SYN-ACK with an ACK segment whose acknowledgement number is the receiver's ISN + 1. After this step the connection is established on both sides and data transmission can begin.

Data transmission
As soon as the connection has been established, the actual data transfer begins. TCP transmits data in the form of packets, which are often referred to as segments. During this phase, the protocol ensures that the data arrives reliably and in the correct order: 

  • Sequence numbers: Each segment carries the sequence number of its first payload byte, counted from the ISN agreed in the handshake. Even if segments arrive out of order (e.g., because they took different routes through the network), the recipient can use these numbers to put the bytes back in the right order and to discard duplicates.
  • Acknowledgements (ACK): The recipient confirms receipt by returning an ACK whose acknowledgement number is the sequence number of the next byte it expects; an ACK therefore confirms everything received up to that point (cumulative acknowledgement), not just one segment. The sender keeps a copy of every unacknowledged segment and runs a retransmission timer; if the acknowledgement does not arrive before the timer expires, the sender retransmits the segment. The recipient does not request missing data itself, although with the SACK option it can tell the sender which blocks it has already received.
  • Error detection: TCP uses a 16-bit checksum over the header, the payload and a pseudo-header containing the IP addresses to detect corruption in transit. A segment whose checksum does not match is silently discarded by the recipient; because it is never acknowledged, the sender eventually retransmits it. The checksum catches accidental bit errors only, not deliberate modification by an attacker, who can simply recompute it.
  • Flow control: TCP uses a sliding window to ensure that the sender does not overwhelm the receiver with too much data. Every segment the receiver sends advertises its current window, i.e. how many more bytes it can buffer at the moment, and the sender never has more than that amount of unacknowledged data outstanding.
  • Congestion control: TCP also has built-in congestion control to avoid overloading the network. The sender maintains a congestion window that grows while acknowledgements arrive and shrinks when it infers congestion from lost segments (or, with ECN, from marked ones), so the transmission rate adapts to what the path can carry.
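
To make the sequence number, flag and checksum fields concrete, here is an added example in Python (not code from the original article) that builds a TCP segment over an IPv4 pseudo-header, parses it back and verifies the checksum. The addresses, ports and payload are constructed values; the checksum logic follows RFC 793 and RFC 1071.

```python
import socket
import struct

# Flag bits in the 13th header byte, in the order they are reported below.
FLAG_NAMES = {0x01: "FIN", 0x02: "SYN", 0x04: "RST", 0x08: "PSH", 0x10: "ACK", 0x20: "URG"}


def ones_complement_sum(data: bytes) -> int:
    """16-bit one's-complement sum as used by the IP and TCP checksums (RFC 1071)."""
    if len(data) % 2:
        data += b"\x00"                     # odd length: the last byte is padded for the sum only
    total = 0
    for i in range(0, len(data), 2):
        total += (data[i] << 8) | data[i + 1]
    while total >> 16:                      # fold the carries back into the low 16 bits
        total = (total & 0xFFFF) + (total >> 16)
    return total


def tcp_checksum(src_ip: str, dst_ip: str, segment: bytes) -> int:
    """Checksum over the IPv4 pseudo-header (addresses, zero, protocol 6, TCP length) plus the segment."""
    pseudo = socket.inet_aton(src_ip) + socket.inet_aton(dst_ip) + struct.pack("!BBH", 0, 6, len(segment))
    return (~ones_complement_sum(pseudo + segment)) & 0xFFFF


def build_segment(src_ip, dst_ip, sport, dport, seq, ack, flags, window, payload=b"") -> bytes:
    """Assemble a 20-byte TCP header (no options) plus payload, with a correct checksum."""
    data_offset = 5                         # header length in 32-bit words
    header = struct.pack("!HHIIBBHHH", sport, dport, seq, ack, data_offset << 4, flags, window, 0, 0)
    csum = tcp_checksum(src_ip, dst_ip, header + payload)   # computed with the checksum field zeroed
    header = header[:16] + struct.pack("!H", csum) + header[18:]
    return header + payload


def parse_segment(src_ip: str, dst_ip: str, segment: bytes) -> dict:
    """Decode the header fields and verify the checksum.

    Summing the pseudo-header and the whole segment, checksum field included, gives all ones
    for an intact segment, so recomputing the checksum over the received bytes yields 0."""
    sport, dport, seq, ack, off_res, flags, window, csum, urg = struct.unpack("!HHIIBBHHH", segment[:20])
    header_len = (off_res >> 4) * 4
    return {
        "sport": sport, "dport": dport, "seq": seq, "ack": ack, "window": window,
        "flags": [name for bit, name in FLAG_NAMES.items() if flags & bit],
        "options": segment[20:header_len],
        "payload": segment[header_len:],
        "checksum_ok": tcp_checksum(src_ip, dst_ip, segment) == 0,
    }


def corrupt_byte(segment: bytes, index: int) -> bytes:
    """Flip one bit to simulate corruption in transit."""
    return segment[:index] + bytes([segment[index] ^ 0x01]) + segment[index + 1:]


# Constructed sample flow (documentation addresses, no real capture): a SYN and a PSH+ACK data segment.
SRC, DST = "192.0.2.1", "192.0.2.2"
SYN_SEGMENT = build_segment(SRC, DST, 40000, 80, seq=1000, ack=0, flags=0x02, window=65535)
DATA_SEGMENT = build_segment(SRC, DST, 40000, 80, seq=1001, ack=5001, flags=0x18, window=65535,
                             payload=b"GET / HTTP/1.0\r\n")

if __name__ == "__main__":
    for seg in (SYN_SEGMENT, DATA_SEGMENT, corrupt_byte(DATA_SEGMENT, 20)):
        info = parse_segment(SRC, DST, seg)
        print(info["flags"], "seq=%d ack=%d checksum_ok=%s" % (info["seq"], info["ack"], info["checksum_ok"]))
```

The corrupted copy fails the check and a real receiver would drop it without any reply, which is exactly why the sender's retransmission timer, not a request from the receiver, drives recovery. Note that anyone who can rewrite a segment can also call the equivalent of tcp_checksum themselves, so the check says nothing about integrity against an attacker.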

Disconnection
Once the data transfer is complete, the TCP connection is closed. Either side may initiate the close, and because each direction of the connection is closed separately, the full teardown takes four steps:

  • FIN: The initiating side sends a segment with the FIN flag (Finish) to signal that it has no more data to send. Like a SYN, a FIN consumes one sequence number.
  • ACK: The other side confirms receipt of the FIN with an ACK. It may still send data in its own direction (a half-closed connection).
  • FIN: When the other side has also finished, it sends its own FIN.
  • ACK: The initiating side confirms this FIN with a final ACK. The other side is now closed; the initiator waits in the TIME-WAIT state (twice the maximum segment lifetime) before releasing the connection, so that late or retransmitted segments cannot be mistaken for a new connection on the same ports. A connection can also be aborted abruptly with a segment carrying the RST flag (Reset), which is what a host sends when it receives a segment for a port or connection it knows nothing about.

What is the protocol used for? 

The Transmission Control Protocol is used for many applications and services where reliable and error-free transmission of data is crucial. TCP ensures that data is transferred between two devices completely and in the correct order, making it indispensable for numerous everyday Internet and network activities.

Website views
When you view a website in your browser, TCP is normally used to transfer the page from the server to your computer. HTTP/1.1 and HTTP/2, with or without TLS, run over TCP, which ensures that all of the page's data arrives correctly and completely. The newer HTTP/3 is the exception: it runs over QUIC on top of UDP and brings its own reliability mechanisms.

Email protocols
Email protocols such as SMTP, IMAP and POP3 use TCP to transfer messages reliably between servers and clients. TCP guarantees that messages are delivered without loss or error; confidentiality comes from TLS (STARTTLS or implicit TLS) layered on top, not from TCP itself.

File transfer
When transferring files over the Internet, for example using the File Transfer Protocol (FTP) or the SSH File Transfer Protocol (SFTP, which runs inside an SSH session), TCP ensures that the file is transferred correctly and completely.

Remote access
Protocols such as SSH (Secure Shell) and Telnet provide remote access to computers and servers over TCP, which keeps the session stable and reliable. Only SSH encrypts and authenticates that session; Telnet sends everything, including passwords, in cleartext and should not be used on untrusted networks.

Peer-to-peer and torrents
Many peer-to-peer networks and file transfer protocols also use TCP to ensure the consistency of the transmitted data. While some P2P protocols also use UDP (User Datagram Protocol), TCP is often used for the reliable transmission of large amounts of data.

Database queries
Database protocols, such as those used by MySQL or PostgreSQL, use TCP to ensure that queries and responses between the database and the client are transmitted correctly and in the correct order.

Virtual Private Networks (VPNs)
VPN protocols such as OpenVPN can run over TCP (OpenVPN defaults to UDP) to create encrypted tunnels over the Internet. When run over TCP, the tunnel benefits from TCP's loss recovery, at the cost of TCP-over-TCP interactions that hurt performance when both the tunnel and the traffic inside it retransmit at the same time.

TCP is used wherever reliability and accuracy are crucial, including applications that depend on data not being lost or arriving incorrectly. 

What are the weaknesses of TCP?

Although the Transmission Control Protocol (TCP) is a reliable and widely used protocol for many applications, it does come with some inherent weaknesses.

The three-way handshake used to establish a connection can be exploited by attackers, particularly in so-called SYN flood attacks. The attacker sends large numbers of SYN segments, usually from spoofed source addresses, and never completes the handshake. For every SYN the server allocates a half-open connection in its listen backlog and keeps retransmitting the SYN-ACK, so the backlog fills up, legitimate connection attempts are refused and the server's resources are exhausted. The standard countermeasure is SYN cookies: the server encodes the connection state in its own initial sequence number instead of storing it, and only allocates a connection once a valid final ACK arrives.
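
As an added example (Python, not code from the original article), here is a SYN-cookie implementation in the classic layout: a 5-bit time counter, a 3-bit index into a small MSS table and a 24-bit keyed hash over the 4-tuple and the client's ISN. The secret, the MSS table and the 64-second tick are assumptions for illustration; a production stack rotates the secret and has its own table.

```python
import hashlib
import hmac

MOD = 1 << 32
MSS_TABLE = [536, 1300, 1440, 1460]      # MSS values encodable in 3 bits (constructed; Linux uses a similar table)
SECRET = b"example-secret-rotate-me"      # assumption: a per-server secret, regenerated periodically in practice
TICK_SECONDS = 64                         # the 5-bit time counter advances once per tick


def _tick(now: float) -> int:
    return (int(now) // TICK_SECONDS) & 0x1F


def _hash24(src_ip, dst_ip, sport, dport, client_isn, tick) -> int:
    """24-bit keyed hash binding the cookie to the 4-tuple, the client's ISN and the time tick."""
    msg = f"{src_ip}|{dst_ip}|{sport}|{dport}|{client_isn}|{tick}".encode()
    return int.from_bytes(hmac.new(SECRET, msg, hashlib.sha256).digest()[:3], "big")


def make_syn_cookie(src_ip, dst_ip, sport, dport, client_isn, client_mss, now) -> int:
    """Server ISN for the SYN-ACK: 5 bits tick | 3 bits MSS index | 24 bits keyed hash.
    Nothing is stored for the half-open connection, so a flood of SYNs costs the server no memory."""
    mss_idx = max([i for i, m in enumerate(MSS_TABLE) if m <= client_mss], default=0)
    tick = _tick(now)
    return (tick << 27) | (mss_idx << 24) | _hash24(src_ip, dst_ip, sport, dport, client_isn, tick)


def check_syn_cookie(src_ip, dst_ip, sport, dport, ack_seq, ack_num, now, max_age_ticks=2):
    """Validate the final ACK of the handshake. ack_seq is its sequence number (client ISN + 1)
    and ack_num its acknowledgement number (cookie + 1). Returns the negotiated MSS, or None."""
    cookie = (ack_num - 1) % MOD
    client_isn = (ack_seq - 1) % MOD
    tick = cookie >> 27
    if (_tick(now) - tick) & 0x1F > max_age_ticks:
        return None                                        # too old: the tick counter has moved on
    if (cookie & 0xFFFFFF) != _hash24(src_ip, dst_ip, sport, dport, client_isn, tick):
        return None                                        # forged, replayed on another flow, or corrupted
    return MSS_TABLE[(cookie >> 24) & 0x7]


if __name__ == "__main__":
    # Constructed flow: client 198.51.100.7:51000 -> server 192.0.2.10:443, client ISN 123456789, MSS 1460.
    cookie = make_syn_cookie("198.51.100.7", "192.0.2.10", 51000, 443, 123456789, 1460, now=1700000000)
    print("SYN-ACK seq (cookie):", cookie)
    # A genuine client answers with seq = ISN + 1 and ack = cookie + 1 a few seconds later.
    print("valid ACK ->", check_syn_cookie("198.51.100.7", "192.0.2.10", 51000, 443,
                                            123456790, (cookie + 1) % MOD, now=1700000010))
    # A forged ACK from an attacker who never saw the SYN-ACK fails the hash check.
    print("forged ACK ->", check_syn_cookie("198.51.100.7", "192.0.2.10", 51000, 443,
                                             123456790, (cookie + 2) % MOD, now=1700000010))
```

The price of keeping no state is that options which do not fit in the cookie (window scaling, SACK, timestamps) are lost unless the client also sent timestamps, and that the server cannot retransmit a SYN-ACK it never remembered. That is why stacks enable cookies only once the backlog is under pressure rather than for every connection.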

TCP requires a lot of control information such as sequence numbers, acknowledgements (ACKs) and flow control mechanisms to ensure reliability. This results in higher protocol overhead compared to other protocols such as UDP (User Datagram Protocol), which can negatively affect performance in applications with real-time requirements (e.g., video streaming or online gaming).

TCP only supports unicast connections, i.e., a one-to-one connection between sender and receiver. It does not natively support broadcast or multicast, which means it is inefficient when data needs to be sent to multiple receivers at the same time.

TCP's congestion control mechanisms, such as Slow Start and the multiplicative backoff after a loss, exist to avoid network congestion and do so by throttling the sender. On an unstable or lossy link, however, TCP cannot distinguish loss caused by congestion from loss caused by interference, so it throttles unnecessarily, which leads to inefficient bandwidth utilization and avoidable performance degradation.

TCP does not inherently provide encryption. Without additional security protocols such as TLS (Transport Layer Security), TCP is vulnerable to man-in-the-middle attacks, in which attackers can intercept or manipulate traffic.

The protocol uses sequence numbers to determine the order of data packets. An attacker who can guess or observe these numbers can inject segments into an existing connection: a spoofed RST whose sequence number falls inside the receiver's window tears the connection down, and spoofed data can be inserted into the stream. Examples are TCP sequence number prediction and blind in-window attacks. Two defences are now standard: initial sequence numbers are randomized (RFC 6528), so an off-path attacker cannot predict them, and RFC 5961 only accepts a RST whose sequence number matches the expected value exactly, answering other in-window RSTs with a challenge ACK.
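
The acceptance test and the blind-RST arithmetic from the paragraph above, as an added illustration in Python (not code from the original article). The receiver's expected sequence number and window size are constructed values; the attacker is assumed to know the 4-tuple but not the sequence number, and steps through the 2^32 space one window at a time.

```python
MOD = 1 << 32


def in_window(seq: int, rcv_nxt: int, rcv_wnd: int) -> bool:
    """RFC 793 acceptance test: seq lies in [RCV.NXT, RCV.NXT + RCV.WND), computed modulo 2^32."""
    return (seq - rcv_nxt) % MOD < rcv_wnd


def rst_verdict_rfc793(seq: int, rcv_nxt: int, rcv_wnd: int) -> str:
    """Classic behaviour: any in-window RST tears the connection down."""
    return "reset" if in_window(seq, rcv_nxt, rcv_wnd) else "drop"


def rst_verdict_rfc5961(seq: int, rcv_nxt: int, rcv_wnd: int) -> str:
    """RFC 5961: reset only on an exact match. An in-window but inexact RST draws a challenge ACK,
    which a legitimate peer answers with a correctly numbered RST and an off-path attacker cannot."""
    if seq == rcv_nxt:
        return "reset"
    return "challenge-ack" if in_window(seq, rcv_nxt, rcv_wnd) else "drop"


def blind_rst_attack(rcv_nxt: int, rcv_wnd: int, verdict, stride: int = None):
    """Off-path attacker: send spoofed RSTs whose sequence numbers advance one window per packet.
    Returns (packets sent until the connection dropped, winning sequence number), or None."""
    stride = stride or rcv_wnd
    for count, guess in enumerate(range(0, MOD, stride), start=1):
        if verdict(guess, rcv_nxt, rcv_wnd) == "reset":
            return count, guess
    return None


def worst_case_packets(rcv_wnd: int, exact_match_required: bool) -> int:
    """Packets needed to cover the whole sequence space: ceil(2^32 / window), or 2^32 if exact."""
    return MOD if exact_match_required else -(-MOD // rcv_wnd)


if __name__ == "__main__":
    # Constructed victim state: expecting 0x9ABCDEF0 next, advertising a 65535-byte window.
    rcv_nxt, rcv_wnd = 0x9ABCDEF0, 65535
    print("RFC 793 receiver :", blind_rst_attack(rcv_nxt, rcv_wnd, rst_verdict_rfc793))
    print("RFC 5961 receiver:", blind_rst_attack(rcv_nxt, rcv_wnd, rst_verdict_rfc5961))
    for wnd in (65535, 1 << 20):
        print(f"window {wnd:>8}: worst case {worst_case_packets(wnd, False):>6} packets (793), "
              f"{worst_case_packets(wnd, True)} packets (5961)")
```

Against a classic receiver the attacker needs at most about 65,538 packets for a 64 KiB window and only 4,096 for a 1 MiB scaled window, which is why this attack became practical for long-lived sessions such as BGP. With the RFC 5961 rule the same window-stride scan never lands on the exact value, and the attacker is back to the full 2^32 space.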

In mobile scenarios (e.g., when a device switches between WLAN and a mobile data network), TCP connections do not survive the change, because a connection is identified by the four-tuple of source and destination IP addresses and ports. When the device's IP address changes, every established connection is lost and must be rebuilt. Multipath TCP (MPTCP) was developed to address this by letting one connection span several address pairs, but it requires support on both ends.

TCP was originally designed for slower networks, and its classic loss-based congestion control has difficulty using the bandwidth of fast, long-distance links efficiently: a single lost segment is treated as a sign of congestion and the sending rate is cut sharply. Newer congestion control algorithms such as BBR (Bottleneck Bandwidth and Round-trip propagation time), which estimates the path's capacity and delay instead of reacting only to loss, were developed to address this inefficiency, but the widely deployed loss-based algorithms still underuse such links.

TCP has no inherent protection against denial-of-service attacks. In a DDoS attack, an attacker floods the target with packets from many sources to exhaust its bandwidth or its connection-handling capacity and disrupt legitimate connections. Without additional safeguards, such as upstream filtering or connection-rate limiting, TCP services are vulnerable in such scenarios.
