Traversing symmetric NAT with predictable port allocation function SIN 2014 Dušan Klinec, Vashek Matyáš Faculty of Informatics, Masaryk University.


Centre for Research on Cryptography and Security

Outline
– UDP Hole punching
– Symmetric NAT
– Port allocation function
– Our algorithms
– Evaluation
– Results

Motivation
Establish a direct connection between two hosts
– Both are behind a symmetric NAT.
No relay servers needed
– Better connection parameters (latency, jitter).
– Architecture scales better, cheaper.
– Security consequences (MiTM).
Plenty of NAT types already covered in literature
– Our motivation: 1/3 of the mobile internet provider market uses symmetric NAT.

UDP Hole punching
– Easy if both sides know the external mapped port of each other.
– Difficult if the mapped port changes.
– Difficult if the mapped port blocks incoming communication from “outside”.

Symmetric NAT

Port allocation function

Apply UDP Hole Punching
Challenge: Predict the next allocated port.
– On both sides, at the same time.
– May be a problem if the NAT is shared with other hosts.
– Need to determine the state of the NAT the user is using. A STUN server is used for this. State may change quickly.
Approach: Multiple retries, maximize success rate.

Algorithm #1
Baby-step, giant-step. Main idea:
– Node A scans ports of node B with step ∆B.
– Node B scans ports of node A with step 2∆A.
Benefit: Only one source port @ device, destination port varies.

Probability distribution on ports
Probability distribution on the next allocated port of the peer: Poisson distribution.

Other algorithms
Expected port value
– Computes the expected value E[X] of the next-port distribution.
– Poisson distribution is assumed.
Poisson sampling algorithm
– Measurement process estimates the parameter λ.
– Algorithm samples the Poisson distribution on ports.

Evaluation
Algorithm simulation.
– Artificial data, Poisson distribution sampling, multiple λ. Ability to test algorithms under different network load.
– Real data from NetFlow probes from the university network.
Real-world test.
– Poisson distribution hypothesis tests.
Real-world algorithm test.
– Mobile internet service provider.
– Symmetric NAT with incremental port allocation function.
– Success rate above 95%
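A small simulation in the spirit of the evaluation above, added here as an illustration and not the authors' code or data. It assumes a symmetric NAT that allocates ports incrementally, shares the NAT with other hosts whose allocations between two of our mappings are Poisson(λ), and lets us observe our own mapped ports via STUN-style probes; the E[X] predictor then guesses the next port from the last observed port and the estimated λ.

```python
import math
import random

class SharedIncrementalNat:
    """Toy symmetric NAT (assumed model): each new mapping gets the next free
    port, and other hosts sharing the NAT take Poisson(lam) ports in between."""
    def __init__(self, first_port, lam, rng):
        self.next_port, self.lam, self.rng = first_port, lam, rng

    def _poisson(self):
        # Knuth's sampler; adequate for the small lam values used here
        limit, k, p = math.exp(-self.lam), 0, 1.0
        while True:
            p *= self.rng.random()
            if p <= limit:
                return k
            k += 1

    def allocate(self):
        """Port our host receives for its next outgoing mapping."""
        self.next_port += self._poisson()          # interfering hosts' allocations
        port, self.next_port = self.next_port, self.next_port + 1
        return port

def estimate_lambda(observed_ports):
    """Measurement step: consecutive STUN-observed ports differ by 1 plus the
    number of ports other hosts took in between, so the mean gap estimates lambda."""
    gaps = [b - a - 1 for a, b in zip(observed_ports, observed_ports[1:])]
    return sum(gaps) / len(gaps)

def expected_next_port(last_port, lam):
    """E[X] algorithm: next port = last + 1 + E[interfering allocations]."""
    return last_port + 1 + round(lam)

def success_rate(lam, trials=2000, probes=10, seed=1):
    """Fraction of trials in which the E[X] guess equals the port the NAT
    actually allocates next, for one NAT load level lam."""
    rng, hits = random.Random(seed), 0
    for _ in range(trials):
        nat = SharedIncrementalNat(20000, lam, rng)
        observed = [nat.allocate() for _ in range(probes)]   # STUN measurements
        guess = expected_next_port(observed[-1], estimate_lambda(observed))
        if guess == nat.allocate():                          # the real punch port
            hits += 1
    return hits / trials

if __name__ == "__main__":
    for lam in (0.0, 0.5, 1.0, 3.0):        # several load levels, as in the simulation
        print(f"lambda={lam:<4} success rate={success_rate(lam):.2f}")
```

With λ = 0 (nobody else using the NAT) the prediction always hits; as λ grows the single-guess success rate drops, which is why the slides combine prediction with multiple retries.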

Results – success rate
Legend: A: Baby step giant step, B: Fix dest., C: E[X], D: Opt. Pois., E: Poisson

Results – steps
Legend: A: Baby step giant step, B: Fix dest., C: E[X], D: Opt. Pois., E: Poisson

Results – both

Thank you for your attention! Questions?
