IETF Logo Mail Archive

Re: [dtn] DTN addressing, routing, and ownership

"Burleigh, Scott C (US 312B)" <scott.c.burleigh@jpl.nasa.gov> Tue, 21 July 2020 20:51 UTC

Return-Path: <scott.c.burleigh@jpl.nasa.gov>
X-Original-To: dtn@ietfa.amsl.com
Delivered-To: dtn@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 447B23A0A84 for <dtn@ietfa.amsl.com>; Tue, 21 Jul 2020 13:51:06 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.001
X-Spam-Level:
X-Spam-Status: No, score=-2.001 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.001, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FROM_GOV_DKIM_AU=-0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=jpl.nasa.gov
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id mcVLxPW_iYjU for <dtn@ietfa.amsl.com>; Tue, 21 Jul 2020 13:51:04 -0700 (PDT)
Received: from ppa02.jpl.nasa.gov (ppa02.jpl.nasa.gov [128.149.137.113]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 0D85E3A0A9D for <dtn@ietf.org>; Tue, 21 Jul 2020 13:51:03 -0700 (PDT)
Received: from pps.filterd (ppa02.jpl.nasa.gov [127.0.0.1]) by ppa02.jpl.nasa.gov (8.16.0.27/8.16.0.27) with SMTP id 06LKj0GT102134; Tue, 21 Jul 2020 13:51:00 -0700
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=jpl.nasa.gov; h=from : to : subject : date : message-id : references : in-reply-to : content-type : content-transfer-encoding : mime-version; s=InSight1906; bh=a7J+mWglQt3+NHmRt6G5Fy5cCuM/iZaCvePjfgH2jVs=; b=OcdEOQI/hFvUHYVAqi6yCYuXcyLweWEHHDI4GbgKooOdc8rgB/edL+bEYOBhn8paxlhm H2CIZt1kn355cwZdkfENI1PCX1qBKniru5pQa+VB9ZGwKmP7dlsP5l+7KxSi03L6RhFT el7dML79eZDWf6ONfOBWjCyODnPSKWI5t4ddz15OQmlsPunFb8xOZrxdoZJrMTG1LsAY hr2mPpGy/zRQzcF3rW6LKxxBhca+pCjkajOt4C9B8KfU4INBDGLd/3dZDu325Y/NfjLW wjkHfeK+xFP9kMupv2jyl4ExsvKEf799THpJ0CQhMGkdnSrbP7XidTTx2aYOjd8YI57k 7A==
Received: from mail.jpl.nasa.gov (altphysenclup03.jpl.nasa.gov [128.149.137.120]) by ppa02.jpl.nasa.gov with ESMTP id 32c08st1sq-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Tue, 21 Jul 2020 13:50:59 -0700
Received: from ap-embx16-sp20.RES.AD.JPL (ap-embx16-sp20.jpl.nasa.gov [128.149.137.84]) by smtp.jpl.nasa.gov (Sentrion-MTA-4.3.1/Sentrion-MTA-4.3.1) with ESMTP id 06LKowve023250 (using TLSv1.2 with cipher ECDHE-RSA-AES128-SHA256 (128 bits) verified FAIL); Tue, 21 Jul 2020 13:50:59 -0700
Received: from ap-embx16-sp10.RES.AD.JPL (2002:8095:8953::8095:8953) by ap-embx16-sp20.RES.AD.JPL (2002:8095:8954::8095:8954) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256_P256) id 15.1.1979.3; Tue, 21 Jul 2020 13:50:58 -0700
Received: from ap-embx16-sp10.RES.AD.JPL ([fe80::4:f430:47b5:767b]) by ap-embx16-sp10.RES.AD.JPL ([fe80::4:f430:47b5:767b%17]) with mapi id 15.01.1979.003; Tue, 21 Jul 2020 13:50:58 -0700
From: "Burleigh, Scott C (US 312B)" <scott.c.burleigh@jpl.nasa.gov>
To: Magnus Westerlund <magnus.westerlund@ericsson.com>, "rick@tropicalstormsoftware.com" <rick@tropicalstormsoftware.com>, "dtn@ietf.org" <dtn@ietf.org>, "Edward.Birrane@jhuapl.edu" <Edward.Birrane@jhuapl.edu>
Thread-Topic: [dtn] DTN addressing, routing, and ownership
Thread-Index: AQHWTVTx85boqEKc/0KX1l4tcd8Z7ajwYw9ggACsSIuAADE/cIAARK9GgABMkECAAJD44IAAVUhXgAAMdtCAAMyxRIACstXggAg0BAKAAQM/gIABjETAgACM80CAADFSkIADvs7AgABCD5CAAAUO0IAMN22AgACeU7A=
Date: Tue, 21 Jul 2020 20:50:56 +0000
Message-ID: <abb47e8e70e943c185405803d75c3378@jpl.nasa.gov>
References: <MN2PR13MB356748622EBD29B0028737E19F910@MN2PR13MB3567.namprd13.prod.outlook.com> , <095534b510e44eeebe2d02865eafd10d@jpl.nasa.gov> <MN2PR13MB3567754EE9D8D3C7D19DBD259F6F0@MN2PR13MB3567.namprd13.prod.outlook.com> , <631c36b735934d7eb0df5873536b6ee4@jpl.nasa.gov> <MN2PR13MB35671B6724A93836F3F94F2C9F6F0@MN2PR13MB3567.namprd13.prod.outlook.com> <6990ef88820a400f8c3be2c33310c5f6@jpl.nasa.gov> , <38A5475DE83986499AEACD2CFAFC3F9801F585B226@tss-server1.home.tropicalstormsoftware.com> <MN2PR13MB356752E2F1BBB69FDDA274E79F6C0@MN2PR13MB3567.namprd13.prod.outlook.com> , <0e03648eb66849a68193d5a2e1ebcf3e@jpl.nasa.gov> <MN2PR13MB35670F9E35992C2008683B2B9F6D0@MN2PR13MB3567.namprd13.prod.outlook.com> , <d52af6dc5d4b4ec5a1fb9473598ea579@jpl.nasa.gov> <MN2PR13MB3567A58E070E00DCE177002C9F640@MN2PR13MB3567.namprd13.prod.outlook.com> <df0be49bf9124bcdbb8e0e74c510c280@jpl.nasa.gov> <38A5475DE83986499AEACD2CFAFC3F9801F585C2CF@tss-server1.home.tropicalstormsoftware.com> <058a85379305497fa5fadde67b83f9ad@jpl.nasa.gov> <6becf7a7504540c38e6a16c25ec870bd@aplex01.dom1.jhuapl.edu> <38A5475DE83986499AEACD2CFAFC3F9801F585C7D1@tss-server1.home.tropicalstormsoftware.com> <e2091c9258cd45068dcc151fdf79f5b7@jpl.nasa.gov> <38A5475DE83986499AEACD2CFAFC3F9801F585C887@tss-server1.home.tropicalstormsoftware.com> <15eac34f2abec820d6b2c0af62522a87b907bed5.camel@ericsson.com>
In-Reply-To: <15eac34f2abec820d6b2c0af62522a87b907bed5.camel@ericsson.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-originating-ip: [207.151.104.72]
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: base64
MIME-Version: 1.0
X-Source-IP: ap-embx16-sp20.jpl.nasa.gov [128.149.137.84]
X-Source-Sender: scott.c.burleigh@jpl.nasa.gov
X-AUTH: Authorized
X-Proofpoint-Virus-Version: vendor=fsecure engine=2.50.10434:6.0.235, 18.0.687 definitions=2020-07-21_15:2020-07-21, 2020-07-21 signatures=0
X-Proofpoint-Spam-Details: rule=outbound_notspam policy=outbound score=0 priorityscore=1501 malwarescore=0 suspectscore=0 phishscore=0 bulkscore=0 spamscore=0 clxscore=1015 lowpriorityscore=0 mlxscore=0 impostorscore=0 mlxlogscore=999 adultscore=0 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.0.1-2006250000 definitions=main-2007210136
Archived-At: <https://mailarchive.ietf.org/arch/msg/dtn/qxcEfScr0dA-SI8SqSupjfGaqgQ>
Subject: Re: [dtn] DTN addressing, routing, and ownership
X-BeenThere: dtn@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "Delay Tolerant Networking \(DTN\) discussion list at the IETF." <dtn.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dtn>, <mailto:dtn-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dtn/>
List-Post: <mailto:dtn@ietf.org>
List-Help: <mailto:dtn-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dtn>, <mailto:dtn-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 21 Jul 2020 20:51:13 -0000

Hi, Magnus.  Again, there really are no addresses; the source information provided in a bundle is the source node's ID, not its address.

That said, the question of how to determine the authenticity of the source node ID asserted for a bundle is certainly important.  The mechanism that we've been developing in the ION implementation would be:

1)  Each node generates its own public/private key pair, never discloses its private key to anybody, and publishes its public key to everybody.

2)  Whenever a node transmits a bundle, it include a Block Integrity Block covering the primary block -- including the source node ID -- that is signed in the node's private key.

3)  When a node receives a bundle, it uses the source node's public key to verify the BIB for the primary block.

There is of course more to it than these three lines, much of which we've discussed in a couple of I-Ds, and I have no doubt that there are problems that we have not yet addressed.  But at this point I don't of anything that makes the problem insoluble.

As you say, the anonymization across public/hazardous networks that can be provided by bundle-in-bundle encapsulation may address the use cases for which it has been asserted that bundle anonymity is required.  This seems well worth discussing. 

Scott

-----Original Message-----
From: Magnus Westerlund <magnus.westerlund@ericsson.com> 
Sent: Tuesday, July 21, 2020 4:06 AM
To: rick@tropicalstormsoftware.com; dtn@ietf.org; Burleigh, Scott C (US 312B) <scott.c.burleigh@jpl.nasa.gov>; Edward.Birrane@jhuapl.edu
Subject: [EXTERNAL] Re: [dtn] DTN addressing, routing, and ownership

Hi,

After having read this discussion I would like to ask some questions here.

On Mon, 2020-07-13 at 16:45 +0000, Rick Taylor wrote:
> Scott,
>  
> Top-posting (again). Sorry.
>  
> As usual I conflated 2 points into one email.  Breaking them apart:
>  
> 1.       Source-Id Anonymity – this seems bad.  Can we make a valid Source
> Node_Id MANDATORY?  (That allows intermediates to make up their own 
> minds about what validity means, but at least it’s present)

So the big quesiton is does the Source-ID matter here. Can the originating node lie and include any address here, and are there any part of the routing system that can determine that this is a lie. With the late bidning concept for routing necessary to make the store and forward aspects of DTN work, I wonder what possibilities that do exist here? 

We can note that even in IP source address validation is only possible at certain points in the routing system and that are edge access networks where a router knows that a certain set of source address are possible as source address for traffic going to the rest of the Internet. So does any of you DTN experts have a view of how one could verify the source address? 

One could also use security mechanisms to cryptographically attest a source address so that nodes that like to verify an address could do it. However how ones does this in scalable way both from processing as well as being able to determine the trust anchors for verifying the attestation. At least DTN has a chance to scale its bundle sizes to where the number of bundles per second needing processing is kept reasonable even as bandwidth increases. 

For this later mechanism, is there a point of requiring the source adddress in base header, or could that just as well go into the extension block with a cryptographical attestation?
 

> 2.       The Source-Id in the Primary Block is certainly sufficient for
> monitoring, and will help a lot.  My (badly made) point was that a “Reply-To”
> in the Primary Block would add extra useful information, so that 
> monitoring tools could see the conversation flow between to EIDs, 
> rather than just the flow of bundles in one direction from a node to 
> an endpoint, without having to deep-dive into the payload each time.  
> The difference is purely the ease of access to the meta-data.  It’s 
> the difference between seeing IP packets flowing from source to 
> destination, and being able to watch a TCP session flowing between applications.

To my understanding with the help of bundle-in-bundle encapsulation there are at least some mechanisms to build anonymizers. But, maybe there need to be some thought here about what privacy aspects are provided here and what is needed for the primary purpose of getting the bundle to the destination and the secondary concerns of adminstrating and monitoring the networks function. I think a lot have to do with what DTN network scenario you have and what your primary risks are. 


Cheers

Magnus Westerlund 


----------------------------------------------------------------------
Networks, Ericsson Research
----------------------------------------------------------------------
Ericsson AB                 | Phone  +46 10 7148287
Torshamnsgatan 23           | Mobile +46 73 0949079
SE-164 80 Stockholm, Sweden | mailto: magnus.westerlund@ericsson.com
----------------------------------------------------------------------

v2.23.0 | Report a Bug | By Email