diy internet with minimalt
play

DIY Internet with MinimaLT Low-latency secure networking JSConf.EU - PowerPoint PPT Presentation

Apr 16, 2023 •340 likes •800 views

DIY Internet with MinimaLT Low-latency secure networking JSConf.EU 2013 Andy Wingo wingo@igalia.com Compiler hacker at Igalia Recently: ES6 generators in V8, SpiderMonkey (sponsored by Bloomberg) Not a cryptographer This talk is for folks

  1. DIY Internet with MinimaLT Low-latency secure networking JSConf.EU 2013 Andy Wingo

  2. wingo@igalia.com Compiler hacker at Igalia Recently: ES6 generators in V8, SpiderMonkey (sponsored by Bloomberg) Not a cryptographer This talk is for folks that deploy both endpoints, for cryptonerds, and for early-stage tinkerers

  3. You are here Context: Militarization of daily life Generals peeping on your web searches Read the wrong things and they send the SWAT team

  4. what’s he building in there?

  5. what’s he building in there? He has subscriptions to those RSS feeds And he’s been tweeting about MinimaLT We’re in his router, and his mobile phone You won’t believe what we got from the drone What’s he building in there? What the hell is he building in there? We have a right to know

  6. Solution? Smash the state! Meanwhile, let’s not make it easy for the NSA

  7. HTTPS vs... Attack vectors: ❧ Cryptanalysis (RC4) ❧ MITM via rogue certificates (DigiNotar &c) ❧ Use JavaScript! CRIME, BEAST, ... ❧ Backdoors in TLS implementations (Windows?)

  8. HTTPS vs... Attack vectors: ❧ Cryptanalysis (RC4) ❧ MITM via rogue certificates (DigiNotar &c) ❧ Use JavaScript! CRIME, BEAST, ... ❧ Backdoors in TLS implementations (Windows?) ❧ HTTP

  9. HTTPS vs HTTP “Cryptography that is not actually used can be viewed as the ultimate disaster” – DJB competitions.cr.yp.to/disasters.html How many of you...

  10. HTTPS vs HTTP “Cryptography that is not actually used can be viewed as the ultimate disaster” – DJB competitions.cr.yp.to/disasters.html How many of you... ❧ use EFF’s “HTTPS everywhere” extension?

  11. HTTPS vs HTTP “Cryptography that is not actually used can be viewed as the ultimate disaster” – DJB competitions.cr.yp.to/disasters.html How many of you... ❧ use EFF’s “HTTPS everywhere” extension? ❧ never use plain HTTP with Google?

  12. HTTPS vs HTTP “Cryptography that is not actually used can be viewed as the ultimate disaster” – DJB competitions.cr.yp.to/disasters.html How many of you... ❧ use EFF’s “HTTPS everywhere” extension? ❧ never use plain HTTP with Google? There is a reason for this

  13. Anatomy of a GET 000.00 → www.gnu.org TCP SYN Visiting http://www.gnu.org/ over French wired ADSL.

  14. Anatomy of a GET 000.00 → www.gnu.org TCP SYN 130.50 ← www.gnu.org TCP SYN/ACK 130 ms RTT, ~65ms latency. Remote server hosted in Boston, ~4000 miles away. 4000 miles is 22 light-milliseconds.

  15. Anatomy of a GET 000.00 → www.gnu.org TCP SYN 130.50 ← www.gnu.org TCP SYN/ACK 130.78 → www.gnu.org HTTP GET / The GET is delayed by 130 ms.

  16. Anatomy of a GET 000.00 → www.gnu.org TCP SYN 130.50 ← www.gnu.org TCP SYN/ACK 130.78 → www.gnu.org HTTP GET / 278.00 ← www.gnu.org TCP [begin] Begin receiving response. Early parsing.

  17. Anatomy of a GET 000.00 → www.gnu.org TCP SYN 130.50 ← www.gnu.org TCP SYN/ACK 130.78 → www.gnu.org HTTP GET / 278.00 ← www.gnu.org TCP [begin] 282.00 → www.gnu.org TCP SYN x 3 Kick off more connections for parallel fetch.

  18. Anatomy of a GET 000.00 → www.gnu.org TCP SYN 130.50 ← www.gnu.org TCP SYN/ACK 130.78 → www.gnu.org HTTP GET / 278.00 ← www.gnu.org TCP [begin] 282.00 → www.gnu.org TCP SYN x 3 410.71 ← www.gnu.org HTTP 200 OK Total: 7108 bytes over 411 milliseconds.

  19. Anatomy of a GET 000.00 → www.gnu.org TCP SYN 130.50 ← www.gnu.org TCP SYN/ACK 130.78 → www.gnu.org HTTP GET / 278.00 ← www.gnu.org TCP [begin] 282.00 → www.gnu.org TCP SYN x 3 410.71 ← www.gnu.org HTTP 200 OK 414.85 → www.gnu.org TCP SYN/ACK x 3 Initial round-trip kills parallel fetch :-(

  20. HTTPS sadness 000.00 → www.gnu.org TCP SYN

  21. HTTPS sadness 000.00 → www.gnu.org TCP SYN 129.91 ← www.gnu.org TCP SYN/ACK 130.46 → www.gnu.org TLS Client Hello

  22. HTTPS sadness 000.00 → www.gnu.org TCP SYN 129.91 ← www.gnu.org TCP SYN/ACK 130.46 → www.gnu.org TLS Client Hello 266.13 ← www.gnu.org TLS Server Hello 267.08 ← www.gnu.org TLS Certificate 267.73 → www.gnu.org TLS Key Exchange

  23. HTTPS sadness 000.00 → www.gnu.org TCP SYN 129.91 ← www.gnu.org TCP SYN/ACK 130.46 → www.gnu.org TLS Client Hello 266.13 ← www.gnu.org TLS Server Hello 267.08 ← www.gnu.org TLS Certificate 267.73 → www.gnu.org TLS Key Exchange 449.06 ← www.gnu.org TCP ACK (???) 449.10 → www.gnu.org TLS Change Cipher

  24. HTTPS sadness 000.00 → www.gnu.org TCP SYN 129.91 ← www.gnu.org TCP SYN/ACK 130.46 → www.gnu.org TLS Client Hello 266.13 ← www.gnu.org TLS Server Hello 267.08 ← www.gnu.org TLS Certificate 267.73 → www.gnu.org TLS Key Exchange 449.06 ← www.gnu.org TCP ACK (???) 449.10 → www.gnu.org TLS Change Cipher 580.28 ← www.gnu.org TLS Change Cipher 583.72 → www.gnu.org HTTPS GET /

  25. HTTPS sadness 000.00 → www.gnu.org TCP SYN 129.91 ← www.gnu.org TCP SYN/ACK 130.46 → www.gnu.org TLS Client Hello 266.13 ← www.gnu.org TLS Server Hello 267.08 ← www.gnu.org TLS Certificate 267.73 → www.gnu.org TLS Key Exchange 449.06 ← www.gnu.org TCP ACK (???) 449.10 → www.gnu.org TLS Change Cipher 580.28 ← www.gnu.org TLS Change Cipher 583.72 → www.gnu.org HTTPS GET / 764.97 ← www.gnu.org HTTPS 200 OK ... and then the CSS, the JS, ...

  26. MinimaLT, a low-latency networking protocol “properly implemented, strong crypto” ... that connects faster than TCP SYN/ACK – Just say no!

  27. Properly implemented, strong crypto Uses high-level NaCl library from @hashbreaker and @hyperelliptic Avoids many HTTPS/TLS pitfalls ❧ Well-chosen cyphers ❧ Timing-independent implementation ❧ No plaintext (HTTP) mode MinimaLT adds forward secrecy

  28. Minimal latency 1 round trip if you need “DNS” lookup 0 otherwise Persistent tunnels Tunnels can migrate over IP changes – invisible to applications

  29. A protocol for today’s internet UDP-based Reliable: replaces TCP + TLS Denial-of-Service (DoS) resistance Low overhead, scales to tens of Gb/s

  30. Tunnels and connections Tunnels multiplex connections Connection 0 is the control connection ❧ flow control ❧ connection creation ❧ authentication (client certs) Multiple connections can proceed concurrently QUIC more advanced here in some ways

  31. Wire protocol +----------------------+ c | Ethernet, IP, UDP | 42 bytes l |----------------------| e | Tunnel ID, Nonce | 16 bytes a |----------------------| r | Ephemeral public key | 32 bytes (first) |======================| c | Checksum | 16 bytes y |----------------------| p | Seq, Ack | 8 bytes h |----------------------| e | Payload | r | ... |

  32. Crypto NaCl “box”: +------------+ C' → S' | Cyphertext | n +------------+ Tunnel ID (TID): a random 64-bit number, provided by client when creating the tunnel After first packet, TID looks up C' → S' : the shared secret Protocol to change TID and evolve shared secret for forward security

  33. How to get server’s public key? TLS: ❧ Client knows address of DNS provider ❧ DNS gives server address (maybe) ❧ Client connects to server, server provides certificate ❧ Client verifies cert. using public key infrastructure (PKI)

  34. How to get server’s public key? MinimaLT: ❧ Client knows address, long-term key of Directory Service ❧ Server registers address, port, long-term public key and ephemeral public key with DS ❧ Client asks DS for server info, trusts DS Servers could register info in DNS records with suitably low TTL (TBD)

  35. Directory server protocol At first lookup of any name, or at boot: ❧ 1 round-trip to fetch DS’s ephemeral key To look up a name: ❧ 1 round-trip using fresh ephemeral client key, DS’s ephemeral key Authenticated and encrypted

  36. Performance The “expensive” part: establishing the shared secret via Curve25519, which happens when tunnels are created. ❧ 8000 connections/s/core on modern x86 ❧ ~750 connections/s/core on modern ARM (estimate) Afterwards, MinimaLT can saturate Gb/s links

  37. Denial-of-Service Why is MinimaLT able to avoid 3-way handshake? ❧ A server can slow down clients arbitrarily using puzzles ❧ Clients may have to “mine for bitcoins” ❧ Puzzles can be sent at any point (tunnel GC) ❧ Pre-RT responses should be smaller than requests (hello DNSSEC)

  38. Amplification vs latency? In general, response can be larger than the request (e.g. HTTP GET) Does the client IP (spoofable cleartext) correspond to the client request (authenticated, tamper-proof)? One round trip seems needed in general :-( Mitigated by long-term tunnels, multiplexed connections No worse than TCP

  39. Faster than TCP 0RT connects faster than TCP at any latency above 0.5 ms (150 km) Always faster than OpenSSL At 64ms latency: 130ms full connection, request, response vs 516ms for OpenSSL Compare to 278ms for HTTP Tor-friendly

  40. Project status University of Illinois at Chicago research project (Jon Solworth) Very 2013 Ethos, new Xen-based OS ❧ Security-focused ❧ Typed filesystem, typed IPC ❧ Written in C and Go http://ethos-os.org/ W. Michael Petullo doing MinimaLT

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

No Yes Do you use the Internet to do homework? Do you use the Internet to follow your

No Yes Do you use the Internet to do homework? Do you use the Internet to follow your

No Yes Do you use the Internet to do homework? Do you use the Internet to follow your favourite team? Do you use the internet to watch music videos? Do you use the Internet to read the news? Do you use the Internet to play games? Shared

997 views • 51 slides
Communication security over the Internet The big picture Me Internet Resource Internet

Communication security over the Internet The big picture Me Internet Resource Internet

Communication security over the Internet The big picture Me Internet Resource Internet Server Client Attack vectors MAN DNS LAN Client Internet Back Bone Router Networking WWW overview MITM (Man In The Middle) 3 2 4 5 LAN

244 views • 23 slides
How do you Improve on the Internet? The eXpressive Internet Architecture: The Internet has been

How do you Improve on the Internet? The eXpressive Internet Architecture: The Internet has been

5/15/2012 How do you Improve on the Internet? The eXpressive Internet Architecture: The Internet has been tremendously successful From Architecture to Network Has sustained tremendous growth g Supports very diverse set of applications

484 views • 10 slides
IOC: Internet of Composites IOC: Internet of Composites IOC: Internet of Composites IOC: Internet

IOC: Internet of Composites IOC: Internet of Composites IOC: Internet of Composites IOC: Internet

IOC: Internet of Composites IOC: Internet of Composites IOC: Internet of Composites IOC: Internet of Composites Robert Bjekovic, University of applied sciences Ravensburg Weingarten, Weingarten, Germany Michael Elwert, University of applied

351 views • 32 slides
Enabling the Internet of Everything with 3G The Internet of Everything The Next Era of

Enabling the Internet of Everything with 3G The Internet of Everything The Next Era of

Enabling the Internet of Everything with 3G The Internet of Everything The Next Era of Networking and Computing, Where Everything Is Intelligently Connected Family device layout. Think weve done in past. Add in printer, electric meter,

397 views • 22 slides
Good morning! Internet, Web, Intranets, and Extranets Use and Functioning of the Internet

Good morning! Internet, Web, Intranets, and Extranets Use and Functioning of the Internet

Good morning! Internet, Web, Intranets, and Extranets Use and Functioning of the Internet Internet is international scope with users on every continent Asians make up 40% of Internet population Europeans about 20% North America

1.01k views • 56 slides
Internet Atlas: A Geographical Database of the Physical Internet Active Internet Measurement

Internet Atlas: A Geographical Database of the Physical Internet Active Internet Measurement

Internet Atlas: A Geographical Database of the Physical Internet Active Internet Measurement Systems Workshop (AIMS) February 6-8, 2013 Ram Durairajan Computer Sciences University of Wisconsin Motivation rkrish@cs.wisc.edu 2

505 views • 33 slides
History of the Internet Pat Morin COMP 2405 Outline Origins of the Internet Internet

History of the Internet Pat Morin COMP 2405 Outline Origins of the Internet Internet

History of the Internet Pat Morin COMP 2405 Outline Origins of the Internet Internet timeline from 1970s until today The Internet today 2 Origins of the Internet J.C.R. Licklider of MIT in August 1962 wrote about the

562 views • 13 slides
Internet routing is based on routing protocols that collect the input data No off-line route

Internet routing is based on routing protocols that collect the input data No off-line route

Introduction to Routing in Internet Internet basics IPv4 and ICMP Internet Addressing ARP - Address Resolution Protocol Routing Information (Distance Vector ) Protocol Principles 3-1 S-38.121 S-02 Rka, NB Internet routing is based on

214 views • 18 slides
1 Internet Email Internet Commercialization SMTP is Internet Email protocol Rapid and

1 Internet Email Internet Commercialization SMTP is Internet Email protocol Rapid and

Background of Chapter Software Infrastructure of the Commercializing Internet Not finished Mostly journalistic Recounting of basic events from secondary sources Focus on interplay between technology and business models Thomas

463 views • 3 slides
CS 457 Networking and the Internet Fall 2016 The Global Internet (Then) The tree structure of

CS 457 Networking and the Internet Fall 2016 The Global Internet (Then) The tree structure of

10/4/16 CS 457 Networking and the Internet Fall 2016 The Global Internet (Then) The tree structure of the Internet in 1990 The Global Internet (And Now) A simple multi-provider Internet 1 10/4/16 The Global Internet Some large

307 views • 12 slides
The Internet of Things Afloat by Digital Yacht What is the Internet of Things ? The

The Internet of Things Afloat by Digital Yacht What is the Internet of Things ? The

The Internet of Things Afloat by Digital Yacht What is the Internet of Things ? The Internet of Things (IoT ). A proposed development of the Internet in which everyday objects have network connectivity, allowing them to send

575 views • 24 slides
The History of the Internet Presented by the St. Martins Episcopal Technology Department

The History of the Internet Presented by the St. Martins Episcopal Technology Department

The History of the Internet Presented by the St. Martins Episcopal Technology Department Agenda Internet History Internet Evolution Internet Pioneers Internet Growth The Future of the Internet Conclusion

540 views • 24 slides
Welcome to the Indian Prairie Librarys Internet Class I What Is the Internet? The Internet

Welcome to the Indian Prairie Librarys Internet Class I What Is the Internet? The Internet

Welcome to the Indian Prairie Librarys Internet Class I What Is the Internet? The Internet is the largest computer network in the world, connecting millions of computers. A network can also be a group of two or more computer systems linked

371 views • 13 slides
Networking 101.101.101.101 The Internet The Internet is governed by a series of protocols

Networking 101.101.101.101 The Internet The Internet is governed by a series of protocols

Networking 101.101.101.101 The Internet The Internet is governed by a series of protocols that form the rules for how communications should happen The Internet is a network of networks. There is no centralized point. There are no

763 views • 34 slides
Introduction to Global Internet Governance Internet Week Guyana 9/13 October 2017

Introduction to Global Internet Governance Internet Week Guyana 9/13 October 2017

Introduction to Global Internet Governance Internet Week Guyana 9/13 October 2017 kevon@lacnic.net What is the Internet? How does it work? Source: ICANN Historical Facts about the Internet 1975: TCP/IP test between two networks (Stanford

634 views • 25 slides
Leveraging Existing Instrumentation to Automatically Infer Invariant-Constrained Models Ivan

Leveraging Existing Instrumentation to Automatically Infer Invariant-Constrained Models Ivan

Leveraging Existing Instrumentation to Automatically Infer Invariant-Constrained Models Ivan Beschastnikh Yuriy Brun Sigurd Schneider Michael Sloan University of Washington Saarland University Michael D. Ernst 1 Synoptic: * ... Mining

890 views • 47 slides
2 3 4 Service Server Client Server ConnecOon Recovered!

2 3 4 Service Server Client Server ConnecOon Recovered!

PresentedatDSNDCCS2011inHongKongon6/28/11 TRODS TransparentRecoveryfor ObjectDeliveryServices Wya$Lloyd ,MichaelJ.Freedman PrincetonUniversity 2 3 4 Service

393 views • 36 slides
Adapting TCP for Recon fj gurable Datacenter Networks Matthew K. Mukerjee* , Christopher Canel*

Adapting TCP for Recon fj gurable Datacenter Networks Matthew K. Mukerjee* , Christopher Canel*

Adapting TCP for Recon fj gurable Datacenter Networks Matthew K. Mukerjee* , Christopher Canel* , Weiyang Wang , Daehyeok Kim* , Srinivasan Seshan*, Alex C. Snoeren *Carnegie Mellon University, UC San Diego, Nefeli Networks,

1.12k views • 69 slides
CSCI 4760 - Computer Networks Fall 2016 Instructor: Prof. Roberto Perdisci perdisci@cs.uga.edu

CSCI 4760 - Computer Networks Fall 2016 Instructor: Prof. Roberto Perdisci perdisci@cs.uga.edu

source: computer-networks-webdesign.com CSCI 4760 - Computer Networks Fall 2016 Instructor: Prof. Roberto Perdisci perdisci@cs.uga.edu These slides are adapted from the textbook slides by J.F. Kurose and K.W. Ross Chapter 3: Transport Layer

1.34k views • 107 slides
Why MySQL Replication Fails, and How to Get it Back September, 26, 2017 Sveta Smirnova Sveta

Why MySQL Replication Fails, and How to Get it Back September, 26, 2017 Sveta Smirnova Sveta

Why MySQL Replication Fails, and How to Get it Back September, 26, 2017 Sveta Smirnova Sveta Smirnova MySQL Support engineer Author of MySQL Troubleshooting JSON UDF functions FILTER clause for MySQL Speaker Percona

1.4k views • 139 slides
2018-01-10 Horst Grtz Institute for IT Security Chair for Network and Data Security Paul

2018-01-10 Horst Grtz Institute for IT Security Chair for Network and Data Security Paul

On the End-to-End Security of Group Chats Real World Crypto 2018 2018-01-10 Horst Grtz Institute for IT Security Chair for Network and Data Security Paul Rsler , Christian Mainka, Jrg Schwenk On the End-to-End Security of Group Chats

891 views • 50 slides
Ensemble Adversarial Training A1acks and Defenses Facebook December 15 th 2017 Florian Tramr

Ensemble Adversarial Training A1acks and Defenses Facebook December 15 th 2017 Florian Tramr

Ensemble Adversarial Training A1acks and Defenses Facebook December 15 th 2017 Florian Tramr Stanford Joint work with Alexey Kurakin (Google Brain) Nicolas Papernot (PSU) Ian Goodfellow (Google Brain) Dan Boneh (Stanford) Patrick

1.14k views • 23 slides
Reliable Transmission Desirable for a link-level protocol to deliver frames reliably

Reliable Transmission Desirable for a link-level protocol to deliver frames reliably

Reliable Transmission Desirable for a link-level protocol to deliver frames reliably Error correction is expensive to use, so usually only error detection is used Even if error correction is used, sometimes frames will be

431 views • 17 slides

More recommend