Pretty Good Packet Authentication
Andreas Haeberlen (MPI-SWS / Rice University)
Rodrigo Rodrigues (MPI-SWS)
Krishna Gummadi (MPI-SWS)
Peter Druschel (MPI-SWS)
© 2008 Andreas Haeberlen, MPI-SWS
Packet authentication
[Figure: Bar.net's admin assigns IP address X to Bob; Alice (Foo.net) receives packet P with source address X over the Internet]
Internet packets cannot be authenticated
Example: Alice receives P, source address X
- Can Alice be sure that P was sent by the host with address X? (No, addresses can be spoofed!)
- Can Alice convince a third party that P was sent by this host? (No, packets can be forged!)
The Internet needs packet authentication
[Figure 1: Eve (Bar.net), Innocent.net, and Foo.net's mail server, which has declared "No more mail from bar.net!"]
[Figure 2: Eve (Bar.net) tells a tracker at Foo.net "Hi, I am Alice"; Alice, Innocent.net]
[Figure 3: an admin at Foo.net complains "Alice has been portscanning me!"; at Bar.net, where Alice and Eve are, the reaction is "?!?"]
The lack of packet authentication is causing a variety of problems, e.g.:
- Bypassing spam blacklists [SIGCOMM'06]
- False accusations [HotSec'08]
- Unverifiable complaints, plausible deniability
Can we add authentication to the Internet?
Which properties do we want?
[Figure: spectrum of solutions from weak to strong: IP ingress filtering, the Internet today, traceback, PGPA, clean-slate designs (e.g. AIP), and at the "infeasible / too strong" end, crypto plus a brain biometrics scanner; axis question: deployment path?]
There is a spectrum of possible solutions
- Strength vs. other goals (such as privacy)
- Strength vs. feasibility/practicability
Can we find a good compromise?
Proposed solution: PGPA
[Figure: Alice (Foo.net) receives a packet with source address X and asks Bar.net, where address X is assigned, "Has X sent <this packet> at 4:11pm today?"; Bar.net answers "Yes"; Bob and Judy are also shown]
We propose Pretty Good Packet Authentication
PGPA provides the following capability:
Given a packet, a source address and a timestamp, the ISP that owns the source address can verify whether the packet was sent at approximately that time
Privacy and anonymity
Given a packet, a source address and a timestamp, the ISP that owns the source address can verify whether the packet was sent at approximately that time
PGPA protects users' privacy
- To ask a question about a packet, the requester must already know the entire packet
PGPA is compatible with anonymity
- Standard techniques (such as onion routing) can still be applied
Outline
- Introduction
- Pretty Good Packet Authentication (PGPA)
- How PGPA could be used
- A simple implementation
- Conclusion
How PGPA could be used
[Figure 1: Foo.net's mail server asks "Was this traffic sent from Innocent.net?"; the answer is "No"; Eve is at Bar.net]
[Figure 2: Eve (Bar.net) tells the tracker at Foo.net "Hi, I am Alice"; the tracker asks "Was this sent from 1.2.3.4?" (Alice's address); the answer is "No"]
[Figure 3: an admin at Foo.net complains "Alice has been portscanning me!"; Bar.net, where Alice and Eve are, asks "Is that true?"]
PGPA could be used to solve each of the motivating problems:
- Bypassing spam blacklists
- False accusations
- Unverifiable complaints, plausible deniability
PGPA tradeoffs
Limitations:
- Associates packets with addresses, not users
- Reveals that packets were sent, but not why
- Assumes that ISPs and users do not collude
Advantages:
- Very simple
- Effective against real-world problems
- Compatible with anonymity
- Protects users' privacy
- Straightforward implementation (rest of this talk)
- Plausible deployment path (rest of this talk)
Keeping records of past traffic
[Figure: Alice, Bob and Charlie attached to A.net and B.net via access links, which connect to the Internet]
PGPA needs to 'remember' past traffic
- A set of traffic monitors keeps a record of transmitted packets
- Storing (timestamp, hash) per packet is sufficient
Where should the traffic monitors be placed?
- Natural choice: the access link
- Backbone is not modified -> much easier to deploy
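The capability PGPA provides and the (timestamp, hash) record the slides describe, as a small Python model added here (this is an illustration, not the paper's code): one monitor per access link logs a 24-byte record per packet (32-bit timestamp plus SHA-1 digest, as on the storage slide), and the ISP answers "was this packet sent from X at about time t?" only for addresses it owns. The class names, the 60-second tolerance and the plain SHA-1 over the raw packet bytes are assumptions; the storage helper reproduces the slide's DSL worst case when a 31-day month and binary gigabytes are assumed.

```python
import hashlib
import struct
from collections import defaultdict

# Added illustration of a PGPA traffic monitor and the ISP-side query it
# answers. Not the paper's code; names and the tolerance are assumptions.

RECORD_FMT = "!I20s"                       # 32-bit timestamp, 20-byte SHA-1
RECORD_SIZE = struct.calcsize(RECORD_FMT)  # 24 bytes per packet


def packet_digest(packet: bytes) -> bytes:
    """Digest stored instead of the packet (plain SHA-1 here; see the digest slides)."""
    return hashlib.sha1(packet).digest()


class TrafficMonitor:
    """Records (timestamp, digest) for every packet leaving one access link."""

    def __init__(self, address: str):
        self.address = address          # address assigned to this access link
        self.log = bytearray()          # append-only store of packed records
        self.index = defaultdict(list)  # digest -> timestamps, for lookups

    def observe(self, packet: bytes, timestamp: int) -> None:
        digest = packet_digest(packet)
        self.log += struct.pack(RECORD_FMT, timestamp, digest)
        self.index[digest].append(timestamp)

    def was_sent(self, packet: bytes, timestamp: int, tolerance: int = 60) -> bool:
        """True if this exact packet was logged within `tolerance` seconds of `timestamp`."""
        # The requester must hand over the whole packet: only its digest is
        # looked up, and nothing about other logged packets is revealed.
        times = self.index.get(packet_digest(packet), ())
        return any(abs(t - timestamp) <= tolerance for t in times)

    def storage_bytes(self) -> int:
        return len(self.log)


class ISP:
    """Routes a PGPA query to the monitor of the queried source address."""

    def __init__(self, monitors):
        self.monitors = {m.address: m for m in monitors}

    def answer(self, packet: bytes, source_address: str, timestamp: int,
               tolerance: int = 60):
        """True/False for an address this ISP owns; None if it is not ours."""
        monitor = self.monitors.get(source_address)
        if monitor is None:
            return None
        return monitor.was_sent(packet, timestamp, tolerance)


def worst_case_storage_gib(packets_per_sec: float, days: int) -> float:
    """Storage for a link fully loaded at `packets_per_sec`, RECORD_SIZE bytes each."""
    return packets_per_sec * RECORD_SIZE * 86400 * days / 2**30


if __name__ == "__main__":
    # Constructed sample traffic: two packets from address 1.2.3.4.
    monitor = TrafficMonitor("1.2.3.4")
    monitor.observe(b"packet-A", 1000)
    monitor.observe(b"packet-B", 1700)
    isp = ISP([monitor])
    print(isp.answer(b"packet-A", "1.2.3.4", 1010))   # True
    print(isp.answer(b"packet-A", "1.2.3.4", 5000))   # False
    print(isp.answer(b"packet-A", "5.6.7.8", 1010))   # None: not our address
    print(round(worst_case_storage_gib(3125, 31), 1))  # the slide's DSL worst case
```

The monitor never enumerates what it has seen; a query that does not carry the exact packet bytes simply gets "no", which is the privacy property the next slides rely on.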
Where to place the traffic monitor?
User's premises (monitor between modem and router, secure channel to A.net):
- Inexpensive; good scalability
- User can physically destroy the device
At the ISP (monitor inside A.net):
- Easy to deploy
- User has to trust the ISP
Both:
- No trust between user and ISP required
- More overhead
Calculating digests
[Figure: a packet leaves the sender with TTL 63 and content, hash 0x4711; after the network decrements the TTL to 58 the same content hashes to 0xD1FF]
Monitor stores only a digest of each packet
- Saves space; preserves privacy if the monitor is compromised
What if the packet is transformed in the network?
- Examples: TTL, ECN bits, IP fragmentation, header options
- Digest must be invariant to transformations [Snoeren02]
- Reassemble the packet before hashing; zero out certain fields
PGPA preserves users' privacy
[Figure: a spy asks the monitor "Did you send traffic to cnn.com earlier today?", which PGPA cannot answer, versus "Did you send packet X at time t?", to which the monitor answers "Yes"]
Can PGPA be used to snoop on users' traffic?
- Seen earlier: PGPA only confirms specific packets
- But what if the attacker tries to guess a packet?
- Infeasible: the attacker would have to correctly guess the transmission time plus TCP seq. no., IPID field, etc. (≥80 bits)
What if the monitor is stolen or compromised?
- Only reveals digests, not actual packets
- Can include a salt in each digest (against dictionary attacks)
Traffic monitors are feasible
How much storage does a monitor need?
- Example: DSL connection
- Assume the worst case: 1 Mbps upstream, fully utilized with 40-byte packets at all times -> 3,125 packets/sec
- Monitor stores a SHA-1 hash and a 32-bit timestamp per packet
- -> Need 187 GB/month
A single hard disk per user in the worst case
- Likely to hold in the future (storage grows faster than bandwidth)
- Many set-top boxes already contain storage
Summary
- The Internet needs a mechanism to authenticate packets
- Pretty Good Packet Authentication (PGPA) is a compromise between power and feasibility
- PGPA is simple, easy to implement, and has a plausible deployment path
Thank you!