[Din] Metamorphic Networking Software

christian.tschudin@unibas.ch Mon, 09 August 2021 19:18 UTC

Return-Path: <christian.tschudin@unibas.ch>
X-Original-To: din@ietfa.amsl.com
Delivered-To: din@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id E35A93A1327; Mon, 9 Aug 2021 12:18:41 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.1
X-Spam-Level:
X-Spam-Status: No, score=-2.1 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_MSPIKE_H2=-0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=unibas.ch
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id RyzgMiDy27c8; Mon, 9 Aug 2021 12:18:35 -0700 (PDT)
Received: from smtp21-priv.unibas.ch (smtp21-priv.unibas.ch [131.152.226.210]) (using TLSv1.2 with cipher DHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 4EFB93A1322; Mon, 9 Aug 2021 12:18:34 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=unibas.ch; i=@unibas.ch; l=2479; q=dns/txt; s=unibas20200921; t=1628536715; h=date:from:to:subject:message-id:mime-version; bh=21PKA9m8blbp2Vt4kGc0hbOpbGoMBSKs9mDt0YaCITY=; b=bSsMr2vO34g6k4fl2/ayvMir12EMoOLt4+JuuR0rDtCK9wDgxV3poDZQ Ft1lWsBzKiWmxnTNsbZPY4qqDUlqPyNVUgyqj/qYntshpeCqyt+ER9vMG rf1Wfzr0JphgBXIdxPqCSB5wr3xr+ImANEfy7cGLXMHSCVQBjl9oRu4tr q13h+BexoJU2UIQbFFQH0jJwlUxtagX0jrOM043IYSqh3K9HgQZzzYEeR 1Jx3uS8B21p//CTDwPUgWYAWLjpWBf5rO0hh4bR4pG4XUFV29r5rJ2TeA dV5m7YPP73UqQVC/gi3ot7ydVx4lULru1LPywpt4KGO0s66aFCJy0gjAI w==;
IronPort-SDR: mCYZ2i3wThF6BWaCBaq/Uny2fg1+PMo63USb/YzdSObuQDCV9xjjC1bT449eszny2y94ueq5BK r6FxOT2T1EtMwvvXInz8AtIHcwFEHxdHcanae+3+NiWdTXV1RLwcUMkXPpbPUgfS7IKo+txla7 b8f4mU8qAJXjVPrk5bHgHobCcUhdC87QajbEZ65Z1ocj/xbAHc4qpDzm+uv1xCDLjOfo4cGZ9E ydyg9bu06peZhCGlwowizX5SJud5fqQzyp59aB157jlGcwFaQl3xrdK/d1pLdrAa9ZBgblTNh3 9Eg=
X-Auth-ID: tschudin
X-Auth-ID-Mismatch: AuthId: tschudin, FromAddress: christian.tschudin@unibas.ch, EnvelopeFrom: christian.tschudin@unibas.ch
X-IPAS-Result: =?us-ascii?q?A2GyAQAZfhFh/yjggaENTR0BAQEBCQESAQUFAUCBWYMig?= =?us-ascii?q?UKWAS2DKHOZRgsBAQEBAQEBAQEJNQwEAQEDBIFcgjCDIiY4EwECBAEBAQEDA?= =?us-ascii?q?gMBAQEBBQEBBgEBAQEBAQUEAQECgSCFLzmCQiJ8gQgBAQEBAQEBAQEBAQEBA?= =?us-ascii?q?QEBAQEBFgInUoELAoF+EoJOAiEBgxapL3iBM4EBg00BhF6BRwaBOol1gU4Eh?= =?us-ascii?q?HiBPIYeAYdcBINNL1IaIRQMAYEkFQsEHSaSC6tdB6FhBg8FJoNli2CQLIZ+l?= =?us-ascii?q?g+fa4VZgXeBbAsHg3UBATJQJ5FoiwUDcTgCBgsBAQMJilABAQ?=
IronPort-PHdr: A9a23:8rhwYBUh3AOthpd762FkputGcVXV8KwBVTF92vMcY1JmTK2v8tzYM VDF4r011RmVB92dtK0P2rqempujcFRI2YyGvnEGfc4EfD4+ouJSoTYdBtWYA1bwNv/gYn9yN s1DUFh44yPzahANS47xaFLIv3K98yMZFAnhOgppPOT1HZPZg9iq2+yo9JDffRlEiCC/bL5wI xm7qQbcvdQKjIV/Lao81gHHqWZSdeRMwmNoK1OTnxLi6cq14ZVu7Sdete8/+sBZSan1cLg2Q rJeDDQ9LmA6/9brugXZTQuO/XQTTGMbmQdVDgff7RH6WpDxsjbmtud4xSKXM9H6QawyVD+/6 apgVR3mhzodNzMh/m/ZitJ+gr9Yrh2uuxNy2JLUbJ2POfZiYq/RYc0WSGxcVchRTSxBBYa8Y pMTAOoBJ+ZYrpL9p0cPrRSkAwmgHv/vyiRUiX/2wK01zuUhEQfd0Qw9GdIOsW/bo8/uNKsIT e+1zK/FxijMYP1Kwzny8pTIcgw/rvGWW7J9acncxE0sGg/YklmctY3oMjyL2+kTt2WV7+5tW Oaxh2Aprwx9viSiy8cjhITNmo8YxV7K+Tl6zYsxJtC2R0B1b9GiHZBNuS+aMI52TdkjQ2Fuo Cs6yLoGtoWgfCQQ1JsnxxjSYOGEfYiQ+h/vSeecLSpiiH54Zr6ygwy+/Va+xuDzTMW530pGo yxYmdfWrH8NzQbc6s2fR/t4+UeuxCiA2hjI6uFBPUA0ja3bK4M9wrIolpocr0DDHijulUryk aObclso9vK15+nmYbjqvIKQO5Vqhg3gNKsigs2/AeImPQgSR2WX5OWx2KD58UHkXrlHiuc6n rfHvJ3VP8gWqbK1DxdQ0ok56ha/Czmm0M4fnXkCNF9KZBKHj5LoO1HVPPD4DO2wg1K2nDd33 PDJIr3hAojQIXjClrfsZqt960hdyAUo199f/IhYBa0BIP7rQE/+qMTYDgMlMwyz2+voFdR91 oUFVGKOGK+ZLK3SvUWP5uI1LOmGfJUVtyrlK/g5+/7uimc0mV4Bcqmvx5sXZ2u1HvV8I0WFb 3rgmNABEX0FvgAmVuzllEWCUSJPZ3a1R68z+jY7CIOgDYrYR4CtmqCB3CmhEp1RfGBGBQPEL XC9e4SCc/YWdCzUJdVu1nQFXr67RKcgzw2g8gjgxP4vJe3V/AUZr47tkt9v6L79jxY3oDd0F cWGz2CESSdohWgIWjM32ohip013w0zF2qgr0LRjCdVP6qYRAU8BPpnGwrkiY+0=
IronPort-HdrOrdr: A9a23:U9ruvqMgHluIc8BcTrujsMiBIKoaSvp037BG7SpMoHVuG6Slfq uV98jzuyWYtAos
X-IronPort-Anti-Spam-Filtered: true
X-IronPort-AV: E=Sophos;i="5.84,308,1620684000"; d="scan'208";a="77940813"
Received: from robinwoodap.surfnetc.com (HELO [192.168.1.22]) ([161.129.224.40]) by smtp21-ext.unibas.ch with ESMTP/TLS/DHE-RSA-AES256-GCM-SHA384; 09 Aug 2021 21:18:28 +0200
Date: Mon, 9 Aug 2021 21:18:24 +0200 (CEST)
From: christian.tschudin@unibas.ch
To: din@irtf.org, icnrg@irtf.org, coin@irtf.org
Message-ID: <cfb9f4f5-e083-399f-245e-fecd4a6de72a@unibas.ch>
MIME-Version: 1.0
Content-Type: text/plain; format=flowed; charset=US-ASCII
Archived-At: <https://mailarchive.ietf.org/arch/msg/din/pXVS0nciCTrmc46QQm19m3flxco>
Subject: [Din] Metamorphic Networking Software
X-BeenThere: din@irtf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "Discussion of distributed Internet Infrastructure approaches, aspects such as Service Federation, and underlying technologies" <din.irtf.org>
List-Unsubscribe: <https://www.irtf.org/mailman/options/din>, <mailto:din-request@irtf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/din/>
List-Post: <mailto:din@irtf.org>
List-Help: <mailto:din-request@irtf.org?subject=help>
List-Subscribe: <https://www.irtf.org/mailman/listinfo/din>, <mailto:din-request@irtf.org?subject=subscribe>
X-List-Received-Date: Mon, 09 Aug 2021 19:18:42 -0000

This falls into several research group territories touching code-as-infrastructure, code-as-content and compute-in-the-network: please pardon the cross-posting if you see things differently.
Looking forward to receiving comments!

Best, c

---

Code Control and Metamorphic Networking Software

Over 50 years, Internet standardization had to expand into territories that are not "protocols" in a strict sense. RFCs on policies, best practice, and auxiliary systems like Certificate Transparency are examples, some of them with quite drastic consequences where browsers might simply refuse to provide their service if that "auxiliary" system flags a problem, which may stem from a real issue or some misconfiguration. We project that software that runs the Internet's protocols will be the next venue for control paths: What initially looks like a sound approach e.g., enforce specific code revision levels for operational software, may turn out to become a security nightmare where the access to respective decisive actions is a single point of abuse and a warfare issue, requiring extreme security measures with obvious centralization problems.

Before we end up in a world where one needs a centrally issued "license to code" with respective clearance levels for writing P4 code, and where a "Internet Code Police" roams the net, alternatives to such code control systems should be researched. While the Internet started with the mission to survive jamming attacks, the new critical mission is to survive attacks against its code generation, deployment and operation processes.

Our assumption is that any human-operated decision hooks in the code will be vulnerable to coercion wherefore code control should become part of the code itself. Protocol specs are supposed to provide operational stability within their realm regardless of malformed packets or protocol violations. Similarly we seek ensembles of programs which continue to operate despite node subversion, code infiltration and deceitful code execution.

We started a research effort called "Metamorphic Networking Software" which stands for code that can shift its form and execution places for performance reasons but also when under attack. I'm reaching out to other researchers who want to join this effort and explore evolution paths towards a code-sovereign Internet.

<christian.tschudin@unibas.ch>ch>, July 2021

---

BTW, we are hiring: https://www.jobs.ch/en/vacancies/detail/10549166/