Re: [Int-area] Where/How is the features innovation, happening? Re: 202112301817.AYC

["Abraham Y. Chen" <aychen@avinta.com>]

Hi, Tom:

1)    "Your argument seems to be that we shouldn't bother with things 
like security or encryption at all :-) ...    ":    My apologies for 
getting you to an unexpected conclusion. Perhaps I failed to make an 
explicit statement because I thought that I was following a thread about 
the IPv4 or IPv6 addresses "scrambling" schemes for protecting the 
privacy of or increasing the security to users. That is, we should look 
at this subject by the "Divide & Conquer" concept. In other words, I was 
saying that encrypting the "Content" part as much as the sender / 
receiver pair agrees to. But, keep the "Address" part mostly clear. This 
way, the LE parties will not have the excuse of performing "mass 
surveillance" by scooping up everything, then take time to digest and 
regurgitate the "Content" for hidden treasures. (Remember the report 
that the German Chancellor's telephone calls were picked up by spy 
agencies?) Rumors have been, that high performance computer and large 
capacity storage device manufacturers are having a field day supplying 
equipment to LE organizations such as NSA because the current Internet 
trend.

2)    Since my engineering training started from RF (Radio Frequency or 
Wireless -- actually all bands from audio all the way to 60+ GHz), then 
telephony, and cellular phone before getting involved with the Internet, 
allow me to briefly describe my understanding of the characteristics of 
each with respect to our current discussion. Hopefully, the below can 
thread different fields together to clarify my point:

     A.    In the RF field, any signal that is transmitted (sent) into 
the "ether" is a fair game for everyone. So, there is no "Address" in 
the basic RF signal transmission. Most RF equipment does not transmit 
its identification by itself unless the user does so as part of the 
"Content" on purpose. For example, acommercial (AM, FM, TV) station 
announces its station ID, or call-sign (Address) as part of the 
broadcast (Content) according to FCC Rules. So, in RF communication, we 
concentrate only on encrypting the "Content" (such as scrambled / encode 
speech) for proprietary applications.

     B.    For traditional land-line telephony services, the caller's 
phone number (Address) is fixed by wiring (nailed up) upon subscription. 
Only the called party's phone number (Addressee) is dialed once to tell 
the switching system who is the destination party, so that the switches 
can make the connection. Once the called party answers, the actual 
session consists of only "Content" exchanges, no more "Address" 
information necessary. Speech scramblers may be used on either end as a 
pair, for private conversation (Content).

     C.   RF signals from cellular mobile phone do carry the handset 
(and the cell tower) identifications (Addresses) on both ends without 
the user's knowledge to facilitate establishing and maintaining a 
connection, while the user constantly crosses the boundaries between 
cells. Similarly, speech scramblers may be used on either end as a pair 
for private conversation (Content). Note that since VoIP is behind the 
scene these days, cellular mobile service is supported by a mixture of 
both the traditional telephony and the Internet infrastructures.

     D.   If we look at the Internet environment itself, it is kind like 
the cellular mobile phone service. It is inherently wide open like RF 
because packets are forwarded by unstructured mesh routers allowing 
everyone to listen in. Yet, each IP packet header carries the Addresses 
of both ends for directing routers to deliver the packet, as well as for 
the return packet. So, how much can a sender "hide" the identities of 
either or both ends for privacy while still enables the routers to 
deliver the packet to its intended destination effectively is a real 
challenge. Whatever the scheme chosen, it can not be too sophisticated 
to over-burden the routers which means that it is probably mot much a 
challenge for a perpetrator intentionally trying to crack the scheme.

3)    My sense from the above analysis is that attempting to make the 
"Address" part of an IP packet "cryptic" for improving the privacy / 
security properties of the "Content" is probably futile. The more we 
attempt doing it, the stronger the LEs' argument for mass surveillance, 
even though they probably already knew the solution.

4)    On the other hand, if we push too hard on strengthening the 
encryption of the "Content" without a back door, we essentially are 
helping the perpetrators. This is because if this part worked, the LEs 
will not be able to monitor and catch the criminals!

5)    So, we need to review the pros and cons of the end results, before 
jumping into a scheme.


Happy New Year!



Abe (2021-12-31 11:57 EST)



On 2021-12-30 13:29, Tom Herbert wrote:
>
>
> On Mon, Dec 27, 2021 at 7:00 PM Abraham Y. Chen <aychen@avinta.com> wrote:
>
>     Hi, YiHao:
>
>     0)    Hope you had a Merry Christmas as well!
>
>     1)    Re: Ur. Pts 1) & 2): Allow me to modify and expand your
>     definitions of the abbreviations, ICP & ISP, a bit to streamline
>     our discussion, then focusing on related meanings of the two
>     keyword prefixes, "C" and "A" in the middle of them:
>
>         A.    ICP (Internet Content Provider):    This is the same as
>     you are using.
>
>         B.    IAP (Internet Access Provider):    This will represent
>     the ISP that you are referring to.
>
>         C.    ISP (Internet Service Provider):    This will be used as
>     the general expression that covers both ICP and IAP above.
>
>         With these, I agree in general with your analysis.
>
>     2)    From the above, there is a simpler (layman's instead of
>     engineer's) way to look at this riddle. Let's consider the old
>     fashioned postal service. A letter itself is the "Content". The
>     envelop has the "Address". The postal service cares only what is
>     on the envelop. In fact, it is commonly practiced without
>     explicitly identified that one letter may have multiple layers of
>     envelops that each is opened by the "Addressee" who then forward
>     the next "Addressee" according to the "Address" on the inside
>     envelop, accordingly. To a larger scale, postal services put
>     envelops destined to the same city in one bag. Then, bags destined
>     to the same country in one container, etc. This process is refined
>     to multiple levels depending on the volume of the mail and the
>     facility (routes) available for delivery. Then, the containers are
>     opened progressively along the destination route. No wonder that
>     the US Postal Service claimed (during the early days of the
>     Internet) that the mail system was the fist "packet switching"
>     system.
>
>     3)    So, in this analogy, the "Address" on each and every envelop
>     has to be in the clear (not coded or encrypted in any sense) for
>     the mail handlers to work with. It is only the most inner
>     "Content", the letter itself, can have Confidential information
>     (or encrypted if the sender wishes). Under this scenario, the LE
>     (Law Enforcement) is allowed only to track suspected mail by the
>     "Addresses". And, any specific surveillance is only authorized by
>     court, case by case. While no one can prevent LE bypassing this
>     procedure, cases built by violating this requirement would be the
>     ground for being thrown out of the court.
>
>     4)    However, in the Internet environment, largely, if not most,
>     Addresses are dynamic. There is no way to specify an IP Address
>     for surveillance of a suspect. This gives the LE the perfect
>     excuse to scoop up everything and then analyze offline. This gives
>     them plenty of time to try various ways to decrypt the encoded
>     messages and the opportunity to sift through everything for
>     incidental "surprise bonus finds". The result is that practically
>     no privacy is left for anyone. is means that all of the schemes of
>     scrambling IP Addresses are useless at the end. So, why do we
>     bother with doing so, at all?
>
>
> Abe,
>
> Happy New Year!
>
> Your argument seems to be that we shouldn't bother with things like 
> security or encryption at all :-) While it's true that anything sent 
> into the Internet can be intercepted and analyzed offline, it's 
> clearly the intent of security and privacy mechanisms to make offline 
> analysis of data ineffective or at least cost prohibitive. For 
> encryption the calculation is pretty straightforward, the complexity 
> and cost and breaking a cipher is generally correlated to the key 
> size. So for any given key size, it can be determined what sort of 
> resources are required to break the code. This is a continuous 
> escalation as attackers gain access for more computational resources 
> and there are breakthroughs like in quantum computing that require 
> rethinking encryption.  But regardless, the effectiveness of 
> encryption at any given point of time is quantifiable.
>
> For security and privacy in IP addresses I believe we should be 
> similarly taking a quantitative approach. This is where RFC7721 fails. 
> The recommendation of RFC7721 is that for better security, use 
> temporary addresses with shorter lifetimes. But the RFC doesn't 
> attempt to quantify the relationship between address lifetime and the 
> security that's offered or even say what specific lifetime is 
> recommended for optimal security. For instance, if the user changes 
> their interface address twice a day instead of once a day does that 
> halve the chances that some may breach their security by correlating 
> two different flows that they source from the user? Probably not. But, 
> what if they change their address every five minutes? How much better 
> is that than changing the address once a day? It's intuitive that it 
> should be better security, but is it _really_ better? And if it is 
> better, are the benefits worth the aggravation of changing the 
> address. This is quite similar to some companies that have a policy 
> that everyone needs to change their passwords periodically. Studies 
> have shown that there is little quantitative value in doing this and 
> in fact the net effect is likely less security and increased user 
> aggravation-- even so, companies will continue to do this because it's 
> easier to stick with the inertia of intuition.
>
> The fix for the password problem is one time passwords (OTP) and IMO 
> that hints at the fix for the address security problems described in 
> RFC7712, essentially we need single use source addresses per each 
> connection.  The security effects of single use addresses are 
> quantifiable, i.e. given sample packets from independent two flows 
> generated by the same user, without additional information it isn't 
> possible for a third party to correlate that they are sourced by the 
> same user.
>
> Tom
>
>
>
>     Happy New Year!
>
>
>     Abe (2021-12-27 21:59)
>
>
>
>
>
>     On 2021-12-23 22:26, Jiayihao wrote:
>>
>>     Hello Abe,
>>
>>     Users are unwilling to be watched by any parties(ISP, and ICP
>>     also) excepts users themselves. Actually I would like to divide
>>     the arguments into 2 case: network layers and below (not
>>     completely but mostly controlled by ISP); transport layers and
>>     above (not completely but mostly controlled by ICP).
>>
>>     1) For transport layers and above, Encryption Everywhere (like
>>     TLS) is a good tool to provide user privacy. However, it is only
>>     a tool against ISPs, while ICPs survive and keep gaining revenue
>>     (even by selling data like the negative news of Facebook, or
>>     Meta, whatever you call it). As discussed, it is not networks
>>     faults because IP provides peer-to-peer already. You may blame
>>     CGNAT in ISP increasingly contributes to a C/S mode in replacing
>>     P2P, like in China where IPv4 addresses are scare and CGNAT is
>>     almost everywhere. However, I don’t find the situation any better
>>     in U.S. where most of IPv4 address are located. It is a business
>>     choice to overwrite the mode to be peer-ICP-peer(C/S mode) at
>>     application layer, other than utilize the P2P mode that natively
>>     provided by IP.
>>
>>     In this case, there are trust points and they are ICPs.
>>
>>     2) For network layers and below, ISP and IP still provide a pure
>>     P2P network, and Encryption in TLS do not blind ISP in IP layer
>>     since IP header is still in plaintext and almost controlled by
>>     ISP. That is to say, in an access network scenario, the access
>>     network provide can see every trace of every user at network
>>     layer level (although exclude the encrypted payload). To against
>>     this, one can use Proxy(i.e., VPN, Tor) to bypass the trace
>>     analysis just like the CGNAT does. The only difference is that
>>     detour points (Proxies) belong to a third party, not ISP.
>>
>>     In this case, there are trust points and they are third party
>>     proxies.
>>
>>     The bottom line is that trust points are everywhere explicitly or
>>     implicitly, and privacy can be leaked from every (trust) point
>>     that you trust (or have business with). No matter what network
>>     system you have, no matter it is PSTN or ATM, these trust points
>>     are just the weak points for your privacy, and the only things
>>     users can beg is that **ALL** trust points are 1) well
>>     behave/don’t be evil; 2)system is advanced enough that can’t be
>>     hacked by any others; 3) protected by law.
>>
>>     I would say pretty challenging and also expecting to reach that.
>>
>>     Network itself just cannot be bypassed in reaching that.
>>
>>     Merry Christmas,
>>
>>     Yihao
>>
>>     *From:* Abraham Y. Chen <aychen@avinta.com>
>>     <mailto:aychen@avinta.com>
>>     *Sent:* 2021年12月23日 10:01
>>     *To:* Jiayihao <jiayihao@huawei.com> <mailto:jiayihao@huawei.com>
>>     *Cc:* tom@herbertland.com; int-area@ietf.org
>>     *Subject:* Re: [Int-area] Where/How is the features innovation,
>>     happening? Re: 202112221726.AYC
>>     *Importance:* High
>>
>>     Hi, YiHao:
>>
>>     0)    I am glad that you distilled the complex and elusive
>>     privacy / security tradeoff issues to a very unique and concise
>>     perspective.
>>
>>     1)    Yes, the IPv4 CG-NAT and IPv6 Temporary address may seem to
>>     provide some privacy protection. However, with the availability
>>     of the computing power, these (and others such as VPN) approaches
>>     may be just ostrich mentality.  On the other hand, they provide
>>     the perfect excuse for the government (at least US) to justify
>>     for "mass surveillance". For example, the following is a recent
>>     news report which practically defeats all current "privacy
>>     protection" attempts.
>>
>>     https://www.usatoday.com/story/news/2021/12/08/federal-court-upholds-terrorism-conviction-mass-surveillance-case/6440325001/
>>
>>     */[jiayihao] there is no doubt./*
>>
>>     2)    Rather than contradicting efforts, it is time to review
>>     whether any of these schemes such as mapping techniques really is
>>     effective for the perceived "protection". As much of the current
>>     science fiction type crime scene detective novel / movie / TV
>>     program hinted, the government probably has more capability to
>>     zero-in on anyone than an ordinary citizen can imagine, anyway.
>>     And, businesses have gathered more information about us than they
>>     will ever admit. Perhaps we should "think out of the box" by
>>     going back to the PSTN days of definitive subscriber
>>     identification systems, so that accordingly we will behave
>>     appropriately on the Internet, and the government will be allowed
>>     to only monitor suspected criminals by filing explicit (although
>>     in secret) requests, case by case, to the court for approval?
>>
>>     Happy Holidays!
>>
>>     Abe (2021-12-22 21:00 EST)
>>
>>     Hello Tom,
>>       
>>     The privacy countermeasure for IPv4/IPv6 is interestingly different.
>>     IPv4 usually utilize CGNAT, i.e., M(hosts)-to-N(IPs), where M >> N so that the host could remain anonymous
>>     IPv6 usually utilize Temporary address, i.e., 1(host)-to-M(IPs[at least suffix level]), where M >> 1 so that the host could remain anonymous.
>>       
>>     HOWEVER, I don't feel any approach reaches privacy perfectly, because access network have a global perspective on M-to-N or 1-to-M mapping.
>>     For this, it is hard to be convinced that IPv4/6 itself can reach a perfect privacy.
>>       
>>     Thanks,
>>     Yihao Jia
>>       
>>     -----------
>>       
>>     I believe CGNAT is better than IPv6 in terms of privacy in addressing.
>>     In fact one might argue that IPv4 provides better privacy and security
>>     than IPv6 in this regard. Temporary addresses are not single use which
>>     means the attacker can correlate addresses from a user between
>>     unrelated flows during the quantum the temporary address is used. When
>>     a user changes their address, the attacker can continue monitoring if
>>     it is signaled that the address changed. Here is a fairly simple
>>     exploit I derived to do that (from
>>     draft-herbert-ipv6-prefix-address-privacy-00).
>>       
>>     The exploit is:
>>            o An attacker creates an "always connected" app that provides some
>>              seemingly benign service and users download the app.
>>            o The app includes some sort of persistent identity. For instance,
>>              this could be an account login.
>>            o The backend server for the app logs the identity and IP address
>>              of a user each time they connect
>>            o When an address change happens, existing connections on the user
>>              device are disconnected. The app will receive a notification and
>>              immediately attempt to reconnect using the new source address.
>>            o The backend server will see the new connection and log the new
>>              IP address as being associated with the specific user. Thus,
>>     the server has
>>              a real-time record of users and the IP address they are using.
>>            o The attacker intercepts packets at some point in the Internet.
>>              The addresses in the captured packets can be time correlated
>>              with the server database to deduce identities of parties in
>>              communications that are unrelated to the app.
>>       
>>     The only way I see to mitigate this sort of surveillance is single use
>>     addresses. That is effectively what  CGNAT can provide.
>>       
>>     Tom
>>
>>     Image removed by sender.
>>     <https://www.avast.com/sig-email?utm_medium=email&utm_source=link&utm_campaign=sig-email&utm_content=emailclient&utm_term=icon>
>>
>>     	
>>
>>     Virus-free. www.avast.com
>>     <https://www.avast.com/sig-email?utm_medium=email&utm_source=link&utm_campaign=sig-email&utm_content=emailclient&utm_term=link>
>>
>>
>


-- 
This email has been checked for viruses by Avast antivirus software.
https://www.avast.com/antivirus