Presentation is loading. Please wait.

Presentation is loading. Please wait.

Accountable Internet Protocol David Andersen, Hari Balakrishnan, Nick Feamster, Teemu Koponen, Daekyeong Moon, Scott Shenker

Published byGabriel Holland Modified over 7 years ago

Similar presentations

Presentation on theme: "Accountable Internet Protocol David Andersen, Hari Balakrishnan, Nick Feamster, Teemu Koponen, Daekyeong Moon, Scott Shenker"— Presentation transcript:

1 Accountable Internet Protocol David Andersen, Hari Balakrishnan, Nick Feamster, Teemu Koponen, Daekyeong Moon, Scott Shenker http://www.aip-arch.nethttp://www.aip-arch.net/

2 2 IP Spoofing Million-Node Botnets Internet Full of Vulnerabilities Distributed DoS Prefix Hijacking Misconfigured Routers DNS Cache Poisoning

3 3 Ingress Filterin g Egress Filterin g uRPF Intrusio n Detecti on Bro Snort Vuln-based VMM-based Secure Routin g S-BGP SoBGP PG-BGP Pushba ck AITF Capabil ities SIFF Portcullis TVA Bandwidth- based Traceb ack Sampled Hash (SPIE) Pi FIT Filterin g Overlay s SOS Mayday Phalanx Honey pots Fast VM forking Honeyd IP

4 4 Drawbacks (a sampler)

5 IP Layer Names Don’t Have Secure Bindings Three kinds of IP layer names: IP address, IP prefix, AS number No secure binding of host to its IP addresses No secure binding of AS number to its IP prefixes

6 6 Accountability Many problems easier to solve with network-layer accountability: Ability to associate a principal with a message There’s a way to make accountability intrinsic 6 AIP

7 How? Key idea: New addressing scheme for networks and hosts Addresses are self-certifying Simple protocols that use properties of addressing scheme as foundation Anti-spoofing, secure routing, DDoS shut-off, etc.

8 AIP Addressing Autonomous domains, each with unique ID AD1 AD2 AD3 Address = AD1:EID If multihomed, has multiple addresses AD1:EID,AD2:EID,AD3:EID Each host has a global EID [HIP, DOA, etc.] Key Idea: AD and EID are self-certifying flat names AD = hash( public_key_of_AD ) Self-certification binds name to named entity Key Idea: AD and EID are self-certifying flat names AD = hash( public_key_of_AD ) Self-certification binds name to named entity Would fail together Single administrative domain An AD...

9 AIP Forwarding and Routing Y:EID AD R AD G AD B AD Y Source Inter-AD routing & forwarding: AD #s only. Intra-AD routing disseminates EIDs. Many routing protocols possible - derive security from AIP self-certification ADEID Destination

10 10 Roadmap Uses Secure Routing Anti-Spoofing Shut-Off Packets Concerns Scalability Key Management Traffic Engineering 10

11 Secure Routing with AIP (for BGP) Origin authentication: prefix originated by AS X actually belongs to X Path authentication: accuracy of AS path - S-BGP requires external infrastructures - In past, registries notoriously inaccurate ✓ With AIP: ADs exchange pub keys via BGP messages ✓ Origin auth automatic: ADs are keys! ✓ Path auth: Just like S-BGP, but no PKI Routing Registry PrefixPub Key AS PKI ASPub Key

12 12 Detecting & Preventing Spoofing P Sent P? {nonce} A Yes! { hash(P), nonce } K -1 A

13 13 Spoofing vs. Minting AIP guarantee: Nobody but X can claim to be X However: X could invent a new identity (minting) 13

14 14 Mitigating Minting Peering ADs: Today: List which ASes/Prefixes A can use (painful for clients and ISPs) AIP: Configure reasonable limit on number of ADs can announce Edge ADs can limit EIDs similarly 14

15 AIP Enables Secure Shut-Off Problem: Compromised zombie sending stream of unwanted traffic to victim Zombie is “well-intentioned”, owner benign [ Shaw ] Shut-off packet { key = K victim, TTL, hash=H( P ) } Shut-off scheme implemented in NIC (NIC firmware update requires physical access) Hardware requirements practical Bloom filter for replay prevention (8MB SRAM) ZombieVictim P K -1 victim

16 Can AIP Scale? How big will the routing tables be? # of entries: Scale from IP (ASes vs. prefixes vs. ADs) Diameter: Shrinking in IP AIP: more ADs on path Size of entries: Larger AIP addresses How much work to process updates? Crypto overhead

17 17 BGP Table Size Trends 17% annual growth 2020: 1.6M entries

18 With AIP... Number of entries? O(# of prefixes) Path length? Some large ASes -> Several ADs Let’s guess <= 60% increase AIP AD and EID (160 bits) IP (32 bits) AS (16) More mem per entry:

19 Growth vs. Hardware Semiconductor industry roadmap projects doubling in ~3 years 50% >> 17%. But let’s look at some #s... In 2020, can we build a cost-effective router for AIP traffic?

20 RIB Memory (20 full-table peers, core) By 2020... FIB: Will grow 5-9x DRAM, SRAM, TCAM: 16x growth per $ 200720112020 IP0.4 ($30)0.7 ($14)2.9 ($7) AIP1.3 ($103)2.0 ($40)8.2 ($21) Gigabytes (2007 Dollars) Without counting benefit from AIP flat lookups “IBM claims 22nm SRAM success” EETimes, Aug 18, 2008 “I/O Data Rates on commodity DRAM devices will increase to over 8 GB/s by 2022” ITRS 2007 roadmap

21 21 But what about speed? Scariest challenge: Update processing Load ~20 full tables on boot, fast.... And do S-BGP style crypto verification Limitations: Memory bandwidth, crypto CPU Memory bandwidth: 8.2GB of memory; today’s memory can handle 1.7GB/sec. Without AIP/S-BGP future router could load in ~30 seconds. With crypto, however... 21

22 22 Crypto overhead still hurts Process update: Validate RSA signature Trivially parallelized Worst-case result - crypto acceleration or clever BGP tricks reduce time 2008 (2.8Ghz quad-core) 2020 RSA Validate35k/sec480k/sec AIP/S-BGP Table Load ~141 seconds~66 seconds

23 23 Scaling summary Assuming continued network growth and semiconductor trends... ✓ An AIP router in 2020 will be cheaper than an IP router in 2007 (From RIB/FIB perspective)

24 Things I haven’t talked about AIP still requires DNS to go from name->AIP Traffic engineering Detecting key compromise Key management (2 level hierarchy) Hierarchical AIP addresses beyond the 2-level flat hierarchy presented here AIP’s benefits to mobility (HIP/TCP Migrate)

25 Conclusion Q: How to achieve network-layer accountability in an internetwork? A: Self-certifying internetwork addresses AD:EID (AIP) Each field derived from public keys Accountability intrinsic - has many uses We believe AIP will scale AIP composes well with mechanisms for mobility, DoS mitigation, availability, etc.

26 Cryptographic Evolution Each crypto version: 1 combination of algorithm and parameters To move to new one: Add support in all routers Once reasonably global, start using Begin phase-out of old version We anticipate ~5+ year cycle for this (Must pre-deploy one alternate version) Crypto Version Public Key Hash (144 bits) Interface (8 bits)

27 27 What is an AD? Group of addresses that Are administered together Would fail together under common failures Examples: A campus, a local organization Non-examples: CMU Pittsburgh / CMU Qatar (Each would be different AD) 27

28 Traffic Engineering ADs are good match for inbound TE techniques - granularity of campus/customer/reachable subnet If need finer-grained: Note ECMP unchanged; Note DNS load-balancing unchanged; AIP address interface bits to sub-divide AD 8 bits of interface space partition to up to 255 “paths” to a domain

29 Handling Key Compromise Preventing: Two-level key hierarchy (master signs offline; routers have temporary key) Detecting: Registry of addresses used e.g., AD registers “EID X is connecting through me” Registries simple: entirely self-certifying Recovering: Renumber + (self-certifying) revocation registry

30 30 Shut-Off Replay Prevention SOP Sent Before? Receive SOP: Xmit Packet: key, TTL, hash P Hash (SHA-384) Bloom Filter: k=12, size=64 Mbits... ?? Signature OK? Install filter to V signed, V Dest Filters Dest Allowed? ? Sending rate <= 50kpps False Positives < 1 in 35M: Replay 100Mbit/s for > 5 min to trigger (Only if V previously sent SOP to S)

31 31 Mutual Shut-Off Attack: Zombie Z wants to flood victim V First, Z pings V. Gets response back. Z sends Shut-Off packet to V. Z floods V. Resolution: Smart-NIC allows V to send SOPs at very low rate (1 per 30 seconds) even though filtered ➡ Hosts can mutually shut-off... 31

32 Crypto Version Public Key Hash (144 bits) Interface (8 bits) VersNormal IP headers...Random ID# dests next-dest # srcs Source EID Source AD Dest EID Dest AD (next hop) Dest AD Stack... Source AD Stack... AIP Address AIP Header

33 AIP Verification Protocol Receive pkt w/ src A:E Drop pkt Send nonce to A or E Nonce response must be signed w/ A’s (or E’s) priv key Receive nonce resp Verify signature Add A (or E):iface to accept cache Local AD? N Y N Trust nbr AD? N Y Accept & forward Y In accept cache? SLA, uRPF, …

34 Protecting Those who Protect Themselves To bound size of accept cache, if too many entries of AD:x, AD:x2,... Upgrade to “wildcard”: AD:* If many compromised hots in AD, they can allow others to spoof AD If AD secure, nobody can spoof it

35 Table Size Projections 17% growth and predictions from Fuller & Huston; rough agreement for 2020 Year17% GrowthFuller/Huston 2008Observed: 247K 2011396K600K-1M 20201.6M1.3-2.3M

Download ppt "Accountable Internet Protocol David Andersen, Hari Balakrishnan, Nick Feamster, Teemu Koponen, Daekyeong Moon, Scott Shenker"

Similar presentations

Accountable Internet Protocol

Accountable Internet Protocol
Network Support for Accountability Nick Feamster Georgia Tech Collaborative Response with David Andersen (CMU), Hari Balakrishnan (MIT), Scott Shenker.

Network Support for Accountability Nick Feamster Georgia Tech Collaborative Response with David Andersen (CMU), Hari Balakrishnan (MIT), Scott Shenker.
Accountable Internet Protocol David Andersen (CMU) Hari Balakrishnan (MIT) Nick Feamster (Georgia Tech) Scott Shenker (Berkeley)

Accountable Internet Protocol David Andersen (CMU) Hari Balakrishnan (MIT) Nick Feamster (Georgia Tech) Scott Shenker (Berkeley)
IP Security Nick Feamster CS 6262 Spring 2009. IP Security have a range of application specific security mechanisms –eg. S/MIME, PGP, Kerberos, SSL/HTTPS.

IP Security Nick Feamster CS 6262 Spring IP Security have a range of application specific security mechanisms –eg. S/MIME, PGP, Kerberos, SSL/HTTPS.
Multihoming and Multi-path Routing

Multihoming and Multi-path Routing
Network Support for Sharing. 2 CABO: Concurrent Architectures are Better than One No single set of protocols or functions –Different applications with.

Network Support for Sharing. 2 CABO: Concurrent Architectures are Better than One No single set of protocols or functions –Different applications with.
Holding the Internet Accountable David Andersen, Hari Balakrishnan, Nick Feamster, Teemu Koponen, Daekyeong Moon, Scott Shenker.

Holding the Internet Accountable David Andersen, Hari Balakrishnan, Nick Feamster, Teemu Koponen, Daekyeong Moon, Scott Shenker.
Multihoming and Multi-path Routing

Multihoming and Multi-path Routing
Improving Internet Availability Network Accountability Architectural foundations for defense against spoofing, route hijacking, etc. Architecture for Market.

Improving Internet Availability Network Accountability Architectural foundations for defense against spoofing, route hijacking, etc. Architecture for Market.
1 Data-Oriented Network Architecture (DONA) Scott Shenker (M. Chowla, T. Koponen, K. Lakshminarayanan, A. Ramachandran, A. Tavakoli, I. Stoica)

1 Data-Oriented Network Architecture (DONA) Scott Shenker (M. Chowla, T. Koponen, K. Lakshminarayanan, A. Ramachandran, A. Tavakoli, I. Stoica)
Routing Basics.

Routing Basics.
RIP V2 W.lilakiatsakun.  RFC 2453 (obsoletes –RFC 1723 /1388)  Extension of RIP v1 (Classful routing protocol)  Classless routing protocol –VLSM is.

RIP V2 W.lilakiatsakun.  RFC 2453 (obsoletes –RFC 1723 /1388)  Extension of RIP v1 (Classful routing protocol)  Classless routing protocol –VLSM is.
Sergei Komarov. DNS  Mechanism for IP hostname resolution  Globally distributed database  Hierarchical structure  Comprised of three components.

Sergei Komarov. DNS  Mechanism for IP hostname resolution  Globally distributed database  Hierarchical structure  Comprised of three components.
A Quick and Dirty Guide to BGP attacks Or “How to 0wn the Backbone in your Spare Time”

A Quick and Dirty Guide to BGP attacks Or “How to 0wn the Backbone in your Spare Time”
1 Interdomain Routing Protocols. 2 Autonomous Systems An autonomous system (AS) is a region of the Internet that is administered by a single entity and.

1 Interdomain Routing Protocols. 2 Autonomous Systems An autonomous system (AS) is a region of the Internet that is administered by a single entity and.
NISNet Winter School Finse 2008 1 Internet & Web Security Case Study 2: Mobile IPv6 security Dieter Gollmann Hamburg University of Technology

NISNet Winter School Finse Internet & Web Security Case Study 2: Mobile IPv6 security Dieter Gollmann Hamburg University of Technology
An Operational Perspective on BGP Security Geoff Huston GROW WG IETF 63 August 2005.

An Operational Perspective on BGP Security Geoff Huston GROW WG IETF 63 August 2005.
Shivkumar KalyanaramanRensselaer Q1-1 ECSE-6600: Internet Protocols Quiz 1 Time: 60 min (strictly enforced) Points: 50 YOUR NAME: Be brief, but DO NOT.

Shivkumar KalyanaramanRensselaer Q1-1 ECSE-6600: Internet Protocols Quiz 1 Time: 60 min (strictly enforced) Points: 50 YOUR NAME: Be brief, but DO NOT.
Efficient and Secure Source Authentication with Packet Passports Xin Liu (UC Irvine) Xiaowei Yang (UC Irvine) David Wetherall (Univ. of Washington) Thomas.

Efficient and Secure Source Authentication with Packet Passports Xin Liu (UC Irvine) Xiaowei Yang (UC Irvine) David Wetherall (Univ. of Washington) Thomas.
Announcements List Lab is still under construction Next session we will have paper discussion, assign papers,

Announcements List Lab is still under construction Next session we will have paper discussion, assign papers,

Similar presentations

Ads by Google