[Ppm] Interim topic: Shall DAP support heavy hitters?
Christopher Patton <cpatton@cloudflare.com> Mon, 08 April 2024 23:19 UTC
Return-Path: <cpatton@cloudflare.com>
X-Original-To: ppm@ietfa.amsl.com
Delivered-To: ppm@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id B12A0C1516EA for <ppm@ietfa.amsl.com>; Mon, 8 Apr 2024 16:19:14 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.095
X-Spam-Level:
X-Spam-Status: No, score=-2.095 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIMWL_WL_MED=-0.001, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001, SPF_NONE=0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=cloudflare.com
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id HYhqftmOT_pc for <ppm@ietfa.amsl.com>; Mon, 8 Apr 2024 16:19:10 -0700 (PDT)
Received: from mail-qt1-x835.google.com (mail-qt1-x835.google.com [IPv6:2607:f8b0:4864:20::835]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 8D17CC151535 for <ppm@ietf.org>; Mon, 8 Apr 2024 16:19:10 -0700 (PDT)
Received: by mail-qt1-x835.google.com with SMTP id d75a77b69052e-4347bcc2b47so9517431cf.3 for <ppm@ietf.org>; Mon, 08 Apr 2024 16:19:10 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=cloudflare.com; s=google09082023; t=1712618349; x=1713223149; darn=ietf.org; h=to:subject:message-id:date:from:mime-version:from:to:cc:subject :date:message-id:reply-to; bh=jMurBlK8DLxND4LyG0lpK4GAfZf4HwSD3zUolSpbe1I=; b=BT4vyStilyTS66FVZnN+qJA6tJ6VoDzr2yON8K+Ggo/ocEfCgDZ9YVKx7/7zaRCN17 akQiMke89LBaDGp6/Hysu+9ihNneWdu+2Q9SH7XPRajVW6/EEkrbEWUz/vT0cMPjnSEw MdCmoKriL1+X5vy+XBTOv3AAYIIypRuHwx9sRNZgO9QEgcygknHNnpH7qR2eJ7IEgQpH 6ABj5o8gI+dY2ITX/3g0zat4XesjWOu0PDy21YbPMMJALuSRiqnMmqs73ARVMviVvfMb hUhiWBqQDpEqBHTZMU4grWWxnGhmWvUDFV2xi6cfFRhqAARxmFpMz0h01izSnNEVXqMz uBxw==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1712618349; x=1713223149; h=to:subject:message-id:date:from:mime-version:x-gm-message-state :from:to:cc:subject:date:message-id:reply-to; bh=jMurBlK8DLxND4LyG0lpK4GAfZf4HwSD3zUolSpbe1I=; b=THlREG/6kgQab7OI/gf9gtOZf+ZFW2wkBDryb/pUdF4+gEV+XZzs2uYEXmmgLl5503 tFjyHL9s4YPi7/oXsq76MfJGug3rYy6Jk1Wh5crwuxbestMCQqvKz6PlSfkdzcxxvxus Q/7IMdq3EC0xKUtD0V4jAZqutFcd1ADFLPFDom/boqDXn67RRqs+5O+MXAHz+x7DfOaT syYCK2p1mokR55a9ryWxvMLA7T70K15AD5jAIYByiSwcKaONlRdMgn0UpoVudTeL3sDx na0T65X6FD0v1YwuT1SVxAlnsySvjojqCXpKSiFRVf4bc6dXoj/uWRNUy7Z+JKjpSEWQ 6msw==
X-Gm-Message-State: AOJu0YwBib9/zEvWP+ttBeqltCS2WO9H9VtgKwStEamT5XSnHtwMEPjQ G/QFPusl8BJuYUq0GJYzVtWuqtUb7qieMPjlHnUqPUrEFYarZfAPVo/HC863zvLgEoaE3NmFEVq fxoLlV3jYtnmiM4yPG+Gmk1n2460wN/CyO/9UE/gKPfNSXPVE3lw=
X-Google-Smtp-Source: AGHT+IG4EwJIxs5dzwMVTsDbZ+YPbWAG1xAptyHgZSaXnYXDWP+MikFCQ4Fyw+xinX18diVtQinSgjPs+l7WI9Twtzs=
X-Received: by 2002:ac8:5d4a:0:b0:434:6ff5:5bfb with SMTP id g10-20020ac85d4a000000b004346ff55bfbmr9575495qtx.8.1712618349019; Mon, 08 Apr 2024 16:19:09 -0700 (PDT)
MIME-Version: 1.0
From: Christopher Patton <cpatton@cloudflare.com>
Date: Mon, 08 Apr 2024 16:18:58 -0700
Message-ID: <CAG2Zi21sjDQ31S7MpKL92ZL9o9_OnqsYe_33RPvW3eMDh2Wzeg@mail.gmail.com>
To: ppm <ppm@ietf.org>
Content-Type: multipart/alternative; boundary="0000000000005461f706159e083e"
Archived-At: <https://mailarchive.ietf.org/arch/msg/ppm/jN0udduyP-WP1AmWsbve8THyYlY>
Subject: [Ppm] Interim topic: Shall DAP support heavy hitters?
X-BeenThere: ppm@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: Privacy Preserving Measurement technologies <ppm.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ppm>, <mailto:ppm-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ppm/>
List-Post: <mailto:ppm@ietf.org>
List-Help: <mailto:ppm-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ppm>, <mailto:ppm-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 08 Apr 2024 23:19:14 -0000
Hi folks, As noted at IETF 118, there are a number of issues for the DAP spec related to supporting heavy hitters via Poplar1: https://datatracker.ietf.org/meeting/118/materials/slides-118-ppm-dap-open-issues We'd like to spend a significant chunk of time during the interim on resolving these issues. To that end, Tim G. and I have been leading a small design team over the last couple of months towards identifying a set protocol changes to support this important use case. We need your help deciding between three different options: - Proposal #0: Don't support heavy hitters in DAP (punt to a future protocol spec) - Proposal #1: Support heavy hitters with minimal changes to DAP - Proposal #2: Support heavy hitters, but amend the collection sub-protocol to minimize the amount of information revealed to the Collector Each proposal is detailed in the following google doc: https://docs.google.com/document/d/1ZjXz-1kGsTDf2Vn2u-fwYqR8BSc3tOYlELVHAYvAfjk/edit?usp=sharing It would be helpful if folks could spend some time ahead of the interim (22 April, two weeks from now) digesting these options, providing feedback, and figuring out what information you need, if any, to form an opinion. My hope is that we'll be prepared to make a decision during the interim on the questions enumerated in Section 6. Relatedly: If we decide to support heavy hitters, then we'll also need to decide how to deal with a class of attacks against DAP/Poplar1 articulated by Simon Friedberger and Phillipp Schoppmann. We call these "steering attacks", as they exploit the fact that the attacker in our threat model has partial control of the protocol execution that is not considered the original Poplar paper (https://ia.cr/2021/017). There are a few mitigations in the google doc that we'd like folks to mull over. I'm looking forward to seeing folks online in a couple of weeks. Thanks, Chris P.
- [Ppm] Interim topic: Shall DAP support heavy hitt… Christopher Patton
- Re: [Ppm] Interim topic: Shall DAP support heavy … Christopher Patton
- Re: [Ppm] Interim topic: Shall DAP support heavy … Christopher Patton