Re: [Ideas] Computing collisions
Tom Herbert <tom@herbertland.com> Tue, 13 December 2016 23:48 UTC
Return-Path: <tom@herbertland.com>
X-Original-To: ideas@ietfa.amsl.com
Delivered-To: ideas@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 6EBD7129C5B for <ideas@ietfa.amsl.com>; Tue, 13 Dec 2016 15:48:23 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.6
X-Spam-Level:
X-Spam-Status: No, score=-2.6 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, RCVD_IN_DNSWL_LOW=-0.7] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=herbertland-com.20150623.gappssmtp.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id LD7fCZCjhREH for <ideas@ietfa.amsl.com>; Tue, 13 Dec 2016 15:48:15 -0800 (PST)
Received: from mail-qt0-x233.google.com (mail-qt0-x233.google.com [IPv6:2607:f8b0:400d:c0d::233]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 825B8129C4D for <ideas@ietf.org>; Tue, 13 Dec 2016 15:48:09 -0800 (PST)
Received: by mail-qt0-x233.google.com with SMTP id p16so2854995qta.0 for <ideas@ietf.org>; Tue, 13 Dec 2016 15:48:09 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=herbertland-com.20150623.gappssmtp.com; s=20150623; h=mime-version:in-reply-to:references:from:date:message-id:subject:to :cc:content-transfer-encoding; bh=1VG5bxG7HqPsri4EYIm5+BSGxBbEiXuHTVNmGfjEIz0=; b=W8UcqK0pYB4lP801v/rV1DI+GTndCmVBlk1PKgvImtSdGYYgS9jPcfp8jx+9bgOy5u sp6PwGXAiqlO4PJPDmKuhLVw+kSMMfGpuiu93gFeidVjjg59Q1+5X2J/sVnXQatEsLJH oWMYWMh9p3GFZloQblKSFZFIXdl/UX2yxcJfz+RHbupKncZZp6KWYfyD2kOe2VOuV7qC Evkr8UBLltapY9XuDtD5qcSM12TmR2+EW1f4F5XHz54jqBCID6JsTZOEfS/W5Ce84xyU x1Bkft3i0sOSEzO8Vd9WUeZxwyyjMuCUskTleZDLlprcH+XHrIB3JLd2cIGM8Dnq1oMY Ob+w==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:mime-version:in-reply-to:references:from:date :message-id:subject:to:cc:content-transfer-encoding; bh=1VG5bxG7HqPsri4EYIm5+BSGxBbEiXuHTVNmGfjEIz0=; b=K+1bdTfxcGwxkFQaKASp0afiWVUg3m36KRxaKkp9VcjNiPFuEpgR4XydcpTG0N9jBJ c9nc5Wy8v+fIz0r+X2+b2d7dhPGawih8jOgqWGZtCDmwOimnnxGZMDoDOp0zRgVLPZtY X5aUjUThrG5NcJvt2+II8q2mHk6Ago+gQ+JBp1cNHFnW+71+HIg8DFMrpaVLEe5LFUV5 Ha0BRjlmGXIoDGql4W9dB/CHT3X/oN54xyBTQoc0YoMDAVP9MT8q0sOgFhG9MkIC72U6 rUqhHJWB+tyDp8VvXTGxj8myL6J+yUq9JrK2IcwMSGBPQmvoJO/VE3r6/M3oWVquxqBg wcdQ==
X-Gm-Message-State: AKaTC02VWERZiakdhMWYth1IusIhFxsjymCMwK9SCE7vspBuFlK8EAiCYyLOWn+KSHm2IwCon3Pv9q4NjMi4BQ==
X-Received: by 10.237.37.77 with SMTP id w13mr96475111qtc.197.1481672888505; Tue, 13 Dec 2016 15:48:08 -0800 (PST)
MIME-Version: 1.0
Received: by 10.200.43.18 with HTTP; Tue, 13 Dec 2016 15:48:08 -0800 (PST)
In-Reply-To: <6AA7A937-AEC5-4E6F-9D87-87BC257EF9F8@gmail.com>
References: <fb888f85-22ed-5e87-bf84-2b6244d587e6@htt-consult.com> <CAG-CQxqds9osqTTAi_Gm-VCVKGo49pW5OVALxYiYCrqNQ2yvRA@mail.gmail.com> <83be2a30-1b46-2397-976e-6e2736921e19@htt-consult.com> <6AA7A937-AEC5-4E6F-9D87-87BC257EF9F8@gmail.com>
From: Tom Herbert <tom@herbertland.com>
Date: Tue, 13 Dec 2016 15:48:08 -0800
Message-ID: <CALx6S37G5xc48a3sxCAq5Qm7z7sBhcUF5+i_buBA_2yBMrtZ7w@mail.gmail.com>
To: Dino Farinacci <farinacci@gmail.com>
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable
Archived-At: <https://mailarchive.ietf.org/arch/msg/ideas/05JU2M6l5e7cGf5GhUG_q3ZPAZA>
Cc: Padma Pillay-Esnault <padma.ietf@gmail.com>, Robert Moskowitz <rgm-ietf@htt-consult.com>, ideas@ietf.org
Subject: Re: [Ideas] Computing collisions
X-BeenThere: ideas@ietf.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: "Discussions relating to the development, clarification, and implementation of control-plane infrastructures and functionalities in ID enabled networks." <ideas.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ideas>, <mailto:ideas-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ideas/>
List-Post: <mailto:ideas@ietf.org>
List-Help: <mailto:ideas-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ideas>, <mailto:ideas-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 13 Dec 2016 23:48:23 -0000
On Tue, Dec 13, 2016 at 10:35 AM, Dino Farinacci <farinacci@gmail.com> wrote: > In LISP, an xTR registers with a 128-bit xTR-ID. This is not the EID. So we could have an xTR register with a random EID it chooses. Then the map-server determines it is a collision because another xTR-ID has registered with that same EID. The map-server could select a random EID and check locally if it collides. If it doesn’t, then the xTR registers with a new EID (and makes appropriate interface address assignments locally). > > Note the draft-farinacci-lisp-eid-anonymity-01 specs that ephemeral-EIDs can be used. So when an xTR decided to choose a random IPv6 address as an EID and registers. It can ask the map-server if it collides. Today, the map-server Acks Map-Register messages, but it could Nak and say “go get a new random ephemeral-EID”. I like this approach better because the allocation happens at the sites within their own address prefix range and gives you some obfuscation at the same time. > > If people thing the second approach makes sense, I can spec out in the above draft how Map-Servers could NAK when there are collisions. Please comment. > That sounds a lot like what we do in ILA. The identifier is split into a registry number and identifier within that. In our case each host is assigned a unique 24 bit registry number, and then each host can independently create identifiers. For the latter we just take a timestamp. Assuming a rate of 100 identifiers per second being allocated we have 21.8 years before wraparound (described appendix B of ILA draft). We'll also check when the identifier is registered with the map system, but in this case collisions should pretty much be nonexistent. Tom > Dino > >> On Dec 13, 2016, at 5:35 AM, Robert Moskowitz <rgm-ietf@htt-consult.com> wrote: >> >> Here is some results. >> >> On 12/11/2016 12:03 PM, Padma Pillay-Esnault wrote: >>> Hello Bob >>> >>> Thanks for sending this formula. >>> >>> If we assume that the population is not necessarily a flat space and that it is in different separate instances, this could help reduce the collision. >>> >>> Per the ideas problem statement draft, we have discussed about the different types of devices and whether we could have some policy on what they can do. Eg. a camera should not be shopping for clothes or access bank accounts .... wouldn't it make sense to put them in different instances with different access policies? >>> >>> What are your thoughts on this? >> >> Let's work with a 24 bit ID space which is a population of 16,777,216 >> >> Let's then assume a random distribution of 2^14 (16,384) devices. This is a 99.97% probablity of a collision. A sure thing. >> >> Now let's assume that there are 256 (2^8) classes of devices and that the population is evenly divided. That is 64 devices per class. We now have reduced our ID space to 16 bits (65,536), but the probablity of a collision with only 64 devices is 3.08%! >> >> But if the division is not equal between the classes and one class has 512 devices the probablity jumps up to 84.67%; again an almost sure thing. >> >> So we can see from this little exercise that dividing our ID space into groupings can actually reduce the collision risk. Two caveats are clear though. How many classes to use (you can see my effort at this in draft-moskowitz-hierarchical-hip) and what if one class out classes all the rest? >> >> You still need to manage collisions. You just may be telling fewer losers to select a new ID. >> >> Now if instead you are talking about reusing your ID space on the assumption that these devices are NEVER interacting and thus never 'seeing' the inevitable collisions, then, yes, reuse the ID space. But we all know what assume also spells. >> >> >>> Padma >>> >>> On Thu, Nov 17, 2016 at 1:48 AM, Robert Moskowitz <rgm-ietf@htt-consult.com> wrote: >>> Here is the equation: >>> >>> probability of collision = 1 - e^{-k^2/(2n)} >>> >>> Where n is your max population size (e.g. 2^64) >>> >>> and k is your deployed population (e.g. 7B) >>> >>> Bob >>> >>> _______________________________________________ >>> Ideas mailing list >>> Ideas@ietf.org >>> https://www.ietf.org/mailman/listinfo/ideas >>> >> >> _______________________________________________ >> Ideas mailing list >> Ideas@ietf.org >> https://www.ietf.org/mailman/listinfo/ideas > > _______________________________________________ > Ideas mailing list > Ideas@ietf.org > https://www.ietf.org/mailman/listinfo/ideas
- [Ideas] Computing collisions Robert Moskowitz
- Re: [Ideas] Computing collisions Padma Pillay-Esnault
- Re: [Ideas] Computing collisions Robert Moskowitz
- Re: [Ideas] Computing collisions Stewart Bryant
- Re: [Ideas] Computing collisions Dino Farinacci
- Re: [Ideas] Computing collisions Robert Moskowitz
- Re: [Ideas] Computing collisions Padma Pillay-Esnault
- Re: [Ideas] Computing collisions Tom Herbert
- Re: [Ideas] Computing collisions Dino Farinacci