IETF Logo Mail Archive

Re: [Ila] [DMM] Fwd: New Version Notification for draft-herbert-ila-mobile-00.txt

Tom Herbert <tom@quantonium.net> Tue, 06 February 2018 18:30 UTC

Return-Path: <tom@quantonium.net>
X-Original-To: ila@ietfa.amsl.com
Delivered-To: ila@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 202C712D87A for <ila@ietfa.amsl.com>; Tue, 6 Feb 2018 10:30:26 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.898
X-Spam-Level:
X-Spam-Status: No, score=-1.898 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, URIBL_BLOCKED=0.001] autolearn=unavailable autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=quantonium-net.20150623.gappssmtp.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id PRatuJEKk1bE for <ila@ietfa.amsl.com>; Tue, 6 Feb 2018 10:30:24 -0800 (PST)
Received: from mail-wr0-x22d.google.com (mail-wr0-x22d.google.com [IPv6:2a00:1450:400c:c0c::22d]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 1FC9A12DA3F for <ila@ietf.org>; Tue, 6 Feb 2018 10:30:23 -0800 (PST)
Received: by mail-wr0-x22d.google.com with SMTP id y3so2991181wrh.3 for <ila@ietf.org>; Tue, 06 Feb 2018 10:30:23 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=quantonium-net.20150623.gappssmtp.com; s=20150623; h=mime-version:in-reply-to:references:from:date:message-id:subject:to :cc; bh=2/80QuIYWF/LdigOZPhZ/6gpMWZCoxL1MiQ0ifJTAiE=; b=rXCYNG6ZY79TofLwORdXnnjAGW9UvOPSzqG4ENs4dTFSkbQe+7KggI2h1nR+PZd2M1 q3iAFjt59oacGlUhxuOcd1cLBp6qw8p+QLlph8Nz7OvfjGgobuG/c2RR1Bw7hR41Nop4 pxyjxngJKk/doqTjFB2RRBw24EDCuwBa2fLReBjwodwW4To5LcCZdlbWFiWZlcFpaZGq 41FkDQmSa5OSz5eSJ89aPXajEA+P6QhrcrdSYtrqnaLr3GG1m/9PRsCV7YqLf7CV9cil sGeWeVPFd3g8efOwkRo9Hnb8JF7nAsTa2nYh/VWEQ7CNZmE3huMDLVBnaPwBf1IIEV6z Pgrg==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:in-reply-to:references:from:date :message-id:subject:to:cc; bh=2/80QuIYWF/LdigOZPhZ/6gpMWZCoxL1MiQ0ifJTAiE=; b=YDuEt8GUUKORN/Ao7pU3T7R6mMzF/6WQnjlOBAxCQRVEo+366OSzvN0FATU11q6GZA MTBP7TtdcORRTkR6gYKo7BCkWUjxkEv99XNCWiI42jubwIjvhbTt2FCk67WReMzQoXXG GDy5RmIFv/Q2FtSDwWjNrJ3GYzssCCnOVgldcSVSq6kgUMgTmQfFGXDI82rFW76BQEat m4a5Q63RE8YYFdqzL2qS35X3X+P2aLMC4iIaHvsqnMj4J/xlpDkOoPk0j2ZK2NHeYD/z RZaPQRU4bEtUhXNkSjqi5dQ6RVcXMJq2660oVXk0oXA2HGbdZEwtVeG51ewBUEFms7kQ CSCw==
X-Gm-Message-State: APf1xPDmZE0ioXUJ7fEzmtQhj3x9b3TBk04hxv0+euaqG1myEg9mKXDz 1oHkRz3pmDuw2gdebW7Z/6HSQsBl46p3ZgM7OtcZSg==
X-Google-Smtp-Source: AH8x227oBITlA1YqqRiuUMFVrCQ5K0vMByZMtwSNPNFee7b3SoTvDKe7HqDUN/nTkW4dsmX2DToef2LRzKLi0XK8qJA=
X-Received: by 10.223.142.145 with SMTP id q17mr2837611wrb.44.1517941821493; Tue, 06 Feb 2018 10:30:21 -0800 (PST)
MIME-Version: 1.0
Received: by 10.223.173.66 with HTTP; Tue, 6 Feb 2018 10:30:20 -0800 (PST)
In-Reply-To: <CAKD1Yr1NXWdN7Whjk1bAmEvhAdxmYqm2nvtUexVbipcT1M5juQ@mail.gmail.com>
References: <151750859755.24445.6929673804211867286.idtracker@ietfa.amsl.com> <CAPDqMerbX4UJ-mK-A-f=im=1h0Yz-52QfWLLgVDkybtSShNp5Q@mail.gmail.com> <CAKD1Yr0Xpi=3mn8VfQ3eRm4ZWWDfYd10e+y3EUcY2rX-FaYbXw@mail.gmail.com> <CAPDqMepxQcDhx2gE3cNtGewaYeYD1Gw+XCxz2U2okBf7kaxFcw@mail.gmail.com> <CAKD1Yr14D+8dv=Hj=4c+aQvLVUN1hS9TPST+T0tgpmYAW8ncVg@mail.gmail.com> <CAPDqMeq4CN_v6Aycb=jqEAttq+teUaVYpxyn8WL-6rV8jtHQzg@mail.gmail.com> <CAKD1Yr1NXWdN7Whjk1bAmEvhAdxmYqm2nvtUexVbipcT1M5juQ@mail.gmail.com>
From: Tom Herbert <tom@quantonium.net>
Date: Tue, 06 Feb 2018 10:30:20 -0800
Message-ID: <CAPDqMerS61ncw1csfceSp9PhM5mdA5+2cTmHSD40daGP4Aq60Q@mail.gmail.com>
To: Lorenzo Colitti <lorenzo@google.com>
Cc: dmm <dmm@ietf.org>, ila@ietf.org
Content-Type: multipart/alternative; boundary="f403045f53d80f680005648f5fe9"
Archived-At: <https://mailarchive.ietf.org/arch/msg/ila/cbHAH07GvH03YceZvnRGyhaX7BA>
Subject: Re: [Ila] [DMM] Fwd: New Version Notification for draft-herbert-ila-mobile-00.txt
X-BeenThere: ila@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: Identifier Locator Addressing <ila.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ila>, <mailto:ila-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ila/>
List-Post: <mailto:ila@ietf.org>
List-Help: <mailto:ila-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ila>, <mailto:ila-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 06 Feb 2018 18:30:26 -0000

On Mon, Feb 5, 2018 at 10:16 PM, Lorenzo Colitti <lorenzo@google.com> wrote:

> On Tue, Feb 6, 2018 at 3:02 PM, Tom Herbert <tom@quantonium.net> wrote:
>
>> On Tue, Feb 6, 2018 at 2:17 PM, Tom Herbert <tom@quantonium.net> wrote:
>>>
>>>> Section 8.3 provides the argument that singleton addresses are needed
>>>> for privacy-sensitive communications. For practicality and probably scaling
>>>> /64 is needed, however for strong privacy singleton addresses would be
>>>> needed (to avoid resorting to NAT).
>>>>
>>>
>>> You don't need singletons for privacy. You can just assign /64s that
>>> change over time.
>>>
>>
>> Yes, that seems to be the recommendation of RFC4914. However, neither
>> that RFC nor anyone else that I can tell has been able to quantitatively
>> describe the relationship between frequency of changing prefix and privacy.
>> Any statements about this are qualitative in nature. By intuition, it might
>> be believable that higher frequency should mean better privacy, but nobody
>> can quantify that. So for a user where privacy is paramount, my example is
>> a political dissident that is anonymously criticizing their government,
>> there is no definitive answer to give then when they ask what frequency
>> they need to ensure their privacy. Besides that, I believe that any
>> frequency could be defeated with the postulated exploit below (if you see a
>> flaw in this logic please let me know).
>>
>
> In general, any scheme that relies in changing singletons can be
> implemented by changing /64 prefixes in the same way.
>
> Lorenzo,

The number of unique /64 prefixes a network could assign for this purpose
is much less than 2^64 due to network prefix and a prefix needed for
internal routing.


> Your example of a dissident that is criticizing the government is not a
> relevant one in the likely case that the
>

Consider that the dissident might be exiled in a country that is
sympathetic to their cause, and the government being criticized has no
control over the local provider. There are several famous individuals for
which this is true, protecting their anonymity and location may be a matter
life and death.


> government has the power to compel the network operator to log all the
> singletons that the network assigns.
>
>
Then the government should have the power to compel an operator to log NAT
mappings, but apparently that hasn't happened or isn't sufficient for what
law enforcement thinks they need. I suspect that the primary reason that LI
wants trackable addresses in the Internet is to perform mass passive
surveillance on transit networks in their jurisdiction to deduce criminal
networks and intent.


> Actually, there is one frequency where the privacy effects can be
>> qualified: that is to use a different address per connection. This is
>> effectively what stateful NAT provides and why law enforcement doesn't like
>> it. With a large enough pool of users behind a NAT, flows sourced form the
>> same device cannot be correlated by a third party in external network. This
>> is strong privacy privacy in addressing (properties listed in 8.3). In lieu
>> of telling the political dissident to find a provider using NAT, assigning
>> addresses for singe use can provide it. Assigning a /64 to every flow won't
>> scale, but singleton addresses could.
>>
>
> Saying that assigning unaggregatable singleton addresses to each flow
> would scale is an extremely bold statement. Back-of-the-envelope says that
> with 100M devices and an average of 10 flows per device that last 5 minutes
> on average you've got 1B entries and 3.3 milion flow updates per second.
> That amount of state must be available within a reasonable time (line rate,
> or, say, 1 RTT) to any border router that could conceivably receive a
> packet for any one of those flows. I don't know what sort of hardware you'd
> be able to run that on, nor who would want to make such a colossal
> infrastructure investment even if it could be done.
>

Here are some mitigating factors for scaling issue:

1) Not all communications require strong privacy, so they all don't need
singleton addresses.
2) The amount of state is equal, or at least proportional, to that in a
network using NAT today. Scaling single use addresses then scales as much
as NAT scales.
3) As pointed out in section 8.3 it is conceivable that crypto-graphic
addresses might be used that would allow a method of address aggregation
that a provider network knows about but is hidden to the rest of the world.
I think this possibility is worth investigation.

Tom

v2.23.0 | Report a Bug | By Email