Accountable Internet Protocol

Slides:



Advertisements
Similar presentations
Computer Networks TCP/IP Protocol Suite.
Advertisements

Virtual Trunk Protocol
Secure Routing Panel FIND PI Meeting (June 27, 2007) Morley Mao, Jen Rexford, Xiaowei Yang.
OSPF 1.
1 An Update on Multihoming in IPv6 Report on IETF Activity IPv6 Technical SIG 1 Sept 2004 APNIC18, Nadi, Fiji Geoff Huston.
A CGA based Source Address Authentication Method in IPv6 Access Network(CSA) Guang Yao, Jun Bi and Pingping Lin Tsinghua University APAN26 Queenstown,
Security Issues In Mobile IP
Path Splicing with Network Slicing Nick Feamster Murtaza Motiwala Santosh Vempala.
Network Support for Accountability Nick Feamster Georgia Tech Collaborative Response with David Andersen (CMU), Hari Balakrishnan (MIT), Scott Shenker.
Accountable Internet Protocol David Andersen (CMU) Hari Balakrishnan (MIT) Nick Feamster (Georgia Tech) Scott Shenker (Berkeley)
IP Security Nick Feamster CS 6262 Spring IP Security have a range of application specific security mechanisms –eg. S/MIME, PGP, Kerberos, SSL/HTTPS.
Multihoming and Multi-path Routing
Network Support for Sharing. 2 CABO: Concurrent Architectures are Better than One No single set of protocols or functions –Different applications with.
Holding the Internet Accountable David Andersen, Hari Balakrishnan, Nick Feamster, Teemu Koponen, Daekyeong Moon, Scott Shenker.
1 Building a Fast, Virtualized Data Plane with Programmable Hardware Bilal Anwer Nick Feamster.
Multihoming and Multi-path Routing
Interconnection: Switching and Bridging CS 4251: Computer Networking II Nick Feamster Fall 2008.
Improving Internet Availability Network Accountability Architectural foundations for defense against spoofing, route hijacking, etc. Architecture for Market.
MPLS VPN.
Offloading Routing Complexity to the Cloud(s) Hasan T. Karaoglu, Murat Yuksel University of Nevada, Reno ICC13, Budapest June, 2013.
1 Data-Oriented Network Architecture (DONA) Scott Shenker (M. Chowla, T. Koponen, K. Lakshminarayanan, A. Ramachandran, A. Tavakoli, I. Stoica)
Chapter 1: Introduction to Scaling Networks
© 2007 Cisco Systems, Inc. All rights reserved.Cisco Public ITE PC v4.0 Chapter 1 1 Distance Vector Routing Protocols Routing Protocols and Concepts –
© 2008 Cisco Systems, Inc. All rights reserved.Cisco ConfidentialPresentation_ID 1 Chapter 8: Subnetting IP Networks Network Fundamentals.
1 Network Address Translation (NAT) Relates to Lab 7. Module about private networks and NAT.
IPv6 Routing.
© 2007 Cisco Systems, Inc. All rights reserved.Cisco Public 1 EN0129 PC AND NETWORK TECHNOLOGY I NETWORK LAYER AND IP Derived From CCNA Network Fundamentals.
IP Routing.
Route Optimisation RD-CSY3021.
06-Sep-2006Copyright (C) 2006 Internet Initiative Japan Inc.1 Prevent DoS using IP source address spoofing MATSUZAKI ‘maz’ Yoshinobu.
Chapter 9: Subnetting IP Networks
Multihoming and Multi-path Routing CS 7260 Nick Feamster January
Routing Basics.
Sergei Komarov. DNS  Mechanism for IP hostname resolution  Globally distributed database  Hierarchical structure  Comprised of three components.
Lecture 5 - Routing On the Flat Labels M.Sc Ilya Nikolaevskiy Helsinki Institute for Information Technology (HIIT)
NISNet Winter School Finse Internet & Web Security Case Study 2: Mobile IPv6 security Dieter Gollmann Hamburg University of Technology
An Operational Perspective on BGP Security Geoff Huston GROW WG IETF 63 August 2005.
Shivkumar KalyanaramanRensselaer Q1-1 ECSE-6600: Internet Protocols Quiz 1 Time: 60 min (strictly enforced) Points: 50 YOUR NAME: Be brief, but DO NOT.
Efficient and Secure Source Authentication with Packet Passports Xin Liu (UC Irvine) Xiaowei Yang (UC Irvine) David Wetherall (Univ. of Washington) Thomas.
1 Chapter 13: Representing Identity What is identity Different contexts, environments Pseudonymity and anonymity.
Announcements List Lab is still under construction Next session we will have paper discussion, assign papers,
Lecture Week 3 Introduction to Dynamic Routing Protocol Routing Protocols and Concepts.
CS 6401 Efficient Addressing Outline Addressing Subnetting Supernetting.
Computer Networks Layering and Routing Dina Katabi
Brief Announcement: Spoofing Prevention Method Anat Bremler-Barr Hanoch Levy computer science computer science Interdisciplinary Center Herzliya Tel-Aviv.
1 Accountable Internet Protocol David Andersen, Hari Balakrishnan, Nick Feamster, Teemu Koponen, Daekyeong Moon, Scott Shenker Carnegie Mellon University,
1 Computer Communication & Networks Lecture 22 Network Layer: Delivery, Forwarding, Routing (contd.)
M.Menelaou CCNA2 ROUTING. M.Menelaou ROUTING Routing is the process that a router uses to forward packets toward the destination network. A router makes.
Information-Centric Networks07c-1 Week 7 / Paper 3 Accountable Internet Protocol (AIP) –Michael Walfish, Hari Balakrishnan and Scott Shenker David G. Andersen,
Routing protocols Basic Routing Routing Information Protocol (RIP) Open Shortest Path First (OSPF)
IP Forwarding.
Efficient Addressing Outline Addressing Subnetting Supernetting CS 640.
HAIR: Hierarchical Architecture for Internet Routing Anja Feldmann TU-Berlin / Deutsche Telekom Laboratories Randy Bush, Luca Cittadini, Olaf Maennel,
David Wetherall Professor of Computer Science & Engineering Introduction to Computer Networks Hierarchical Routing (§5.2.6)
Addressing Issues David Conrad Internet Software Consortium.
Interdomain Routing Security. How Secure are BGP Security Protocols? Some strange assumptions? – Focused on attracting traffic from as many Ases as possible.
More on Internet Routing A large portion of this lecture material comes from BGP tutorial given by Philip Smith from Cisco (ftp://ftp- eng.cisco.com/pfs/seminars/APRICOT2004.
A Dynamic Packet Stamping Methodology for DDoS Defense Project Presentation by Maitreya Natu, Kireeti Valicherla, Namratha Hundigopal CISC 859 University.
SDX: A Software-Defined Internet eXchange Jennifer Rexford Princeton University
Multimedia & Mobile Communications Lab.
ICS 156: Networking Lab Magda El Zarki Professor, ICS UC, Irvine.
Information-Centric Networks Section # 7.3: Evolved Addressing & Forwarding Instructor: George Xylomenos Department: Informatics.
IP Spoofing. What Is IP Spoofing Putting a fake IP address in the IP header field for source address (requires root)
BUFFALO: Bloom Filter Forwarding Architecture for Large Organizations Minlan Yu Princeton University Joint work with Alex Fabrikant,
Accountable Internet Protocol David Andersen, Hari Balakrishnan, Nick Feamster, Teemu Koponen, Daekyeong Moon, Scott Shenker
MAC Addresses and ARP 32-bit IP address:
COS 561: Advanced Computer Networks
BGP Security Jennifer Rexford Fall 2018 (TTh 1:30-2:50 in Friend 006)
Data-Oriented Network Architecture (DONA)
Presentation transcript:

Accountable Internet Protocol David Andersen, Hari Balakrishnan, Nick Feamster, Teemu Koponen, Daekyeong Moon, Scott Shenker http://www.aip-arch.net/

Many Security Problems/Point Solutions For each problem, point solutions Fundamental problem: accountability is not intrinsic to current Internet architecture

IP Addresses/Names Lack Secure Bindings Three kinds of IP layer names: IP address, IP prefix, AS number No secure binding of host to its IP addresses No secure binding of AS number to its IP prefixes Quickly explain what the names are and what they’re bound to. Give example with numeric example... if you own 18.31.0.0 ... someone else can come along and announce it...

Accountability Many problems easier to solve with network-layer accountability: Ability to associate a principal with a message There’s a way to make accountability intrinsic Many problems arise from the fact that we don’t have the ability to associate an entity with an action, so you can send whatever you want, etc. If we had an architecture that supported that, many of these problems go away. That property is accountability, ... The premise of our talk is that there’s a way to make accountability intrinsic to the network layer. AIP 4

How? Key idea: New addressing scheme for networks and hosts Addresses are self-certifying Simple protocols that use properties of addressing scheme as foundation Anti-spoofing, secure routing, DDoS shut-off, etc. Here: Builds on lots of related work; discuss some of it during talk, rest are in paper Addresses are self-certifying. I’ll define that on the next slide, but that means they have some inherent cryptographic properties

AIP Addressing AD2 Key Idea: AD and EID are self-certifying flat names Autonomous domains, each with unique ID AD2 Key Idea: AD and EID are self-certifying flat names AD = hash( public_key_of_AD ) Self-certification binds name to named entity AD1 AD3 Address = AD1:EID Each host has a global EID [HIP, DOA, etc.] If multihomed, has multiple addresses AD1:EID,AD2:EID,AD3:EID ADs are like ASes in administration, but smaller in size, more like a prefix block. An atomic unit of interdomain routing -- routing object size/granularity. Give example of CMU Mention possible to do cascaded AD:AD:AD:AD... described in paper, assume 2- level for ease of exposition. Each field is self-certifying! Everybody has a public key THAT THEY MAKE UP

AIP Forwarding and Routing AD G AD B AD R AD Y Source Y:EID AD EID Destination Point out that this is using BGP... no matter what protocol you use, you still need origin auth, etc. Animate the whole thing. Show Y has internal structure show routing announcements Inter-AD routing & forwarding: AD #s only. Intra-AD routing disseminates EIDs. Many routing protocols possible - derive security from AIP self-certification

Roadmap Uses Secure Routing Anti-Spoofing Shut-Off Packets Concerns Scalability Key Management Traffic Engineering Say: Mechanisms build on much previous work; point is that AIP makes them all much simpler and automatic 8

Secure Routing with AIP (for BGP) Origin authentication: prefix originated by AS X actually belongs to X Path authentication: accuracy of AS path S-BGP requires external infrastructures In past, registries notoriously inaccurate With AIP: ADs exchange pub keys via BGP messages Origin auth automatic: ADs are keys! Path auth: Just like S-BGP, but no PKI Routing Registry Prefix Pub Key AS PKI AS Pub Key

Detecting & Preventing Spoofing A P Sent P? {nonce} Yes! { hash(P), nonce } K-1 A 10

Spoofing vs. Minting AIP guarantee: Nobody but X can claim to be X However: X could invent a new identity (minting) 11

Mitigating Minting Peering ADs: Today: List which ASes/Prefixes A can use (painful for clients and ISPs) AIP: Configure reasonable limit on number of ADs can announce Edge ADs can limit EIDs similarly 12

AIP Enables Secure Shut-Off Problem: Compromised zombie sending stream of unwanted traffic to victim Zombie is “well-intentioned”, owner benign [Shaw] P Zombie Victim Shut-off packet { key = Kvictim, TTL, hash=H(P) } K-1victim Well-intentioned, but they’ve left their Windows open Shut-off scheme implemented in NIC (NIC firmware update requires physical access) Hardware requirements practical Bloom filter for replay prevention (8MB SRAM)

Can AIP Scale? How big will the routing tables be? # of entries: Scale from IP (ASes vs. prefixes vs. ADs) Diameter: Shrinking in IP AIP: more ADs on path Size of entries: Larger AIP addresses How much work to process updates? Crypto overhead Ok - you’re here, but you’re thinking “how do you scale? you’ve gotten rid of the prefix hierarchy... Smoking flat-land hash Say bandwidth isn’t significant Point out these results interesting in themselves

Scaling summary Assuming continued network growth and semiconductor trends... An AIP router in 2020 will be cheaper than an IP router in 2007 (From RIB/FIB perspective)

Other Concerns Still need DNS to map from name to AIP address Traffic engineering Detecting and recovering from key compromise Key management Hierarchical AIP addresses

Conclusion Q: How to achieve network-layer accountability in an internetwork? A: Self-certifying internetwork addresses AD:EID (AIP) Each field derived from public keys Accountability intrinsic - has many uses We believe AIP will scale AIP composes well with mechanisms for mobility, DoS mitigation, availability, etc. (even if you don’t agree with all of it, the fundamental idea may apply to your favorite problem...) finally, future may not use AIP, but if it inherits the idea of self-certifying addresses, it will benefit lots of things, and we hope the community will give this idea fair hearing

Cryptographic Evolution Version Public Key Hash (144 bits) Interface (8 bits) Each crypto version: 1 combination of algorithm and parameters To move to new one: Add support in all routers Once reasonably global, start using Begin phase-out of old version We anticipate ~5+ year cycle for this (Must pre-deploy one alternate version)

What is an AD? Group of addresses that Are administered together Would fail together under common failures Examples: A campus, a local organization Non-examples: CMU Pittsburgh / CMU Qatar (Each would be different AD) 20

Traffic Engineering ADs are good match for inbound TE techniques - granularity of campus/customer/reachable subnet If need finer-grained: Note ECMP unchanged; Note DNS load-balancing unchanged; AIP address interface bits to sub-divide AD 8 bits of interface space partition to up to 255 “paths” to a domain

Handling Key Compromise Preventing: Two-level key hierarchy (master signs offline; routers have temporary key) Detecting: Registry of addresses used e.g., AD registers “EID X is connecting through me” Registries simple: entirely self-certifying Recovering: Renumber + (self-certifying) revocation registry

Shut-Off Replay Prevention Xmit Packet: P Hash (SHA-384) Dest Allowed? ... Sending rate <= 50kpps False Positives < 1 in 35M: Replay 100Mbit/s for > 5 min to trigger (Only if V previously sent SOP to S) ? Bloom Filter: k=12, size=64 Mbits Dest Filters Receive SOP: ? ? Sent Before? Signature OK? Install filter to V SOP key, TTL, hash signed, V

Mutual Shut-Off Attack: Zombie Z wants to flood victim V Resolution: First, Z pings V. Gets response back. Z sends Shut-Off packet to V. Z floods V. Resolution: Smart-NIC allows V to send SOPs at very low rate (1 per 30 seconds) even though filtered Hosts can mutually shut-off... 24

AIP Address AIP Header Crypto Version Public Key Hash (144 bits) Interface (8 bits) AIP Header Vers Normal IP headers ... Random ID # dests next-dest # srcs Source EID Source AD Dest EID Dest AD (next hop) Dest AD Stack ... Source AD Stack ...

AIP Verification Protocol Accept & forward Y In accept cache? Receive pkt w/ src A:E Y Local AD? N Y Nonce response must be signed w/ A’s (or E’s) priv key Receive nonce resp Verify signature N Trust nbr AD? Add A (or E):iface to accept cache SLA, uRPF, … N Drop pkt Send nonce to A or E

Protecting Those who Protect Themselves To bound size of accept cache, if too many entries of AD:x, AD:x2, ... Upgrade to “wildcard”: AD:* If many compromised hots in AD, they can allow others to spoof AD If AD secure, nobody can spoof it

Table Size Projections Year 17% Growth Fuller/Huston 2008 Observed: 247K 2011 396K 600K-1M 2020 1.6M 1.3-2.3M 17% growth and predictions from Fuller & Huston; rough agreement for 2020

17% annual growth 2020: 1.6M entries BGP Table Size Trends 17% annual growth 2020: 1.6M entries Say: Is consistent with other studies

With AIP... Number of entries? O(# of prefixes) (32 bits) AS (16) More mem per entry: AIP AD and EID (160 bits) Number of entries? O(# of prefixes) Path length? Some large ASes -> Several ADs Let’s guess <= 60% increase

Growth vs. Hardware Semiconductor industry roadmap projects doubling in ~3 years 50% >> 17%. But let’s look at some #s... In 2020, can we build a cost-effective router for AIP traffic? point out recently downgraded.. Moving to AIP is not going to be an onerous cost: We find that an AIP router costs less in equivalent dollars in 2020 than an AIP router 2007

RIB Memory (20 full-table peers, core) Gigabytes (2007 Dollars) 2007 2011 2020 IP 0.4 ($30) 0.7 ($14) 2.9 ($7) AIP 1.3 ($103) 2.0 ($40) 8.2 ($21) “I/O Data Rates on commodity DRAM devices will increase to over 8 GB/s by 2022” ITRS 2007 roadmap “IBM claims 22nm SRAM success” EETimes, Aug 18, 2008 By 2020... FIB: Will grow 5-9x DRAM, SRAM, TCAM: 16x growth per $ Without counting benefit from AIP flat lookups

But what about speed? Scariest challenge: Update processing Load ~20 full tables on boot, fast. ... And do S-BGP style crypto verification Limitations: Memory bandwidth, crypto CPU Memory bandwidth: 8.2GB of memory; today’s memory can handle 1.7GB/sec. Without AIP/S-BGP future router could load in ~30 seconds. With crypto, however... 33

Crypto overhead still hurts Process update: Validate RSA signature Trivially parallelized Worst-case result - crypto acceleration or clever BGP tricks reduce time 2008 (2.8Ghz quad-core) 2020 RSA Validate 35k/sec 480k/sec AIP/S-BGP Table Load ~141 seconds ~66 seconds