  1. An analysis of the applicability of blockchain to secure IP addresses allocation, delegation and bindings (draft-paillisse-sidrops-blockchain-01). OPSEC, IETF 101, London, March 2018. Jordi Paillissé, Albert Cabellos, Vina Ermagan, Alberto Rodríguez, Fabio Maino. jordip@ac.upc.edu. http://openoverlayrouter.org

  2. A short Blockchain tutorial

  3. Blockchain - Introduction
  • Blockchain:
    – Decentralized, secure and trustless database
    – Token tracking system (who has what)
  • Blocks of data are appended one after another
  • Protected by two mechanisms:
    – A chain of hashes (each block carries the hash of the previous one) over signed transactions
    – A consensus algorithm
  • First appeared in Bitcoin, to exchange money
  • Other applications are possible

  4. Blockchain - Transactions
  A transaction carries: Sender's Public Key, Sender's signature, Data

  5-9. Blockchain - Transactions (flow, built up over slides 5-9)
  1. Transactions are broadcast to all the nodes over the P2P network
  2. A node collects transactions into a block (Previous Hash, Transactions 1 ··· N)
  3. The node computes the consensus algorithm
  4. The new block (Previous Hash, Transactions 1' ··· N') is broadcast to the network
  5. The other nodes verify the consensus algorithm and accept the block
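The five-step flow above, as an added example in Python (not the draft's prototype code, which the deck links later). It runs on the standard library alone, so two stand-ins are assumed: Lamport one-time signatures play the role of the sender's signature (each key pair may sign only one transaction), and a small proof-of-work loop with a made-up `DIFFICULTY` plays the role of the unspecified "consensus algorithm". Prefix names in `demo()` are constructed sample data.

```python
"""Toy blockchain for the transaction/block flow on slides 4-9 (added example,
not the draft's prototype). Stdlib only: SHA-256 for the hash chain, Lamport
one-time signatures as a stand-in for ECDSA, and a proof-of-work loop as a
stand-in for the slides' unspecified consensus algorithm."""
import copy
import hashlib
import json
import os

DIFFICULTY = 12  # leading zero bits a block hash must have (toy consensus; assumed)


def H(data: bytes) -> bytes:
    return hashlib.sha256(data).digest()


# --- Lamport signatures: the secret key is 256 pairs of random 32-byte values,
# the public key is their hashes; signing reveals one preimage per message bit.
# Each key pair must sign at most ONE message (compare the rekeying slides).
def keygen():
    sk = [(os.urandom(32), os.urandom(32)) for _ in range(256)]
    pk = [(H(a), H(b)) for a, b in sk]
    return sk, pk


def sign(sk, msg: bytes):
    d = int.from_bytes(H(msg), "big")
    return [sk[i][(d >> (255 - i)) & 1] for i in range(256)]


def verify(pk, msg: bytes, sig) -> bool:
    d = int.from_bytes(H(msg), "big")
    return len(sig) == 256 and all(
        H(sig[i]) == pk[i][(d >> (255 - i)) & 1] for i in range(256))


def canonical(obj) -> bytes:
    return json.dumps(obj, sort_keys=True, separators=(",", ":")).encode()


# --- Transactions (slide 4): sender's public key, sender's signature, data
def make_tx(sk, pk, data: dict) -> dict:
    return {"pubkey": b"".join(a + b for a, b in pk).hex(),
            "signature": [s.hex() for s in sign(sk, canonical(data))],
            "data": data}


def verify_tx(tx: dict) -> bool:
    raw = bytes.fromhex(tx["pubkey"])
    if len(raw) != 256 * 64:
        return False
    pk = [(raw[i * 64:i * 64 + 32], raw[i * 64 + 32:i * 64 + 64]) for i in range(256)]
    return verify(pk, canonical(tx["data"]), [bytes.fromhex(s) for s in tx["signature"]])


# --- Blocks (slides 6-9): previous hash + transactions, sealed by consensus
def tx_root(txs) -> str:
    return H(canonical(txs)).hex()


def header_hash(header: dict) -> bytes:
    return H(canonical(header))


def meets_target(h: bytes) -> bool:
    return int.from_bytes(h, "big") >> (256 - DIFFICULTY) == 0


def mine_block(prev_hash: str, txs: list) -> dict:
    """Steps 2 and 3: collect signature-valid transactions, then grind a nonce
    until the header hash meets the target."""
    txs = [tx for tx in txs if verify_tx(tx)]
    header = {"prev_hash": prev_hash, "tx_root": tx_root(txs), "nonce": 0}
    while not meets_target(header_hash(header)):
        header["nonce"] += 1
    return {"header": header, "hash": header_hash(header).hex(), "txs": txs}


def verify_chain(chain: list) -> bool:
    """Step 5, as run by every other node: link, tx commitment, target, signatures."""
    prev = "0" * 64
    for block in chain:
        hdr, h = block["header"], header_hash(block["header"])
        if hdr["prev_hash"] != prev or h.hex() != block["hash"]:
            return False  # chain link or stated hash is wrong
        if not meets_target(h) or hdr["tx_root"] != tx_root(block["txs"]):
            return False  # consensus not satisfied, or transactions edited after sealing
        if not all(verify_tx(tx) for tx in block["txs"]):
            return False  # a transaction was not signed by the key it claims
        prev = block["hash"]
    return True


def demo():
    """Two honest blocks, then the same chain with a transaction edited in place."""
    sk1, pk1 = keygen()
    sk2, pk2 = keygen()  # fresh key per transaction: Lamport keys are one-time
    b1 = mine_block("0" * 64, [make_tx(sk1, pk1, {"prefix": "1.0.0.0/8", "to": "APNIC"})])
    b2 = mine_block(b1["hash"], [make_tx(sk2, pk2, {"prefix": "1.2.0.0/16", "to": "ISP A"})])
    chain = [b1, b2]
    tampered = copy.deepcopy(chain)
    tampered[0]["txs"][0]["data"]["to"] = "Mallory"  # rewrite history in block 1
    return verify_chain(chain), verify_chain(tampered)


if __name__ == "__main__":
    print(demo())  # (True, False)
```

The verifier in `verify_chain` is what step 5 means in practice: a node accepts a block only if it links to the block it already has, its header meets the consensus target, the transactions match the commitment in the header, and every transaction verifies under the key it names. Editing a transaction in an old block breaks the commitment and the signature at once, and re-sealing that block would change its hash and so break every later link.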

  10. Summary of features vs. traditional PKI systems
  Advantages:
  • Decentralized
  • No CAs
  • Simplified management
  • Simple rekeying
  • Auditable
  • Censorship-resistant
  Drawbacks:
  • No cryptographic guarantees (finality comes from the consensus algorithm, which is probabilistic, not from a cryptographic proof)
  • Large storage
  • Costly bootstrapping
  • Limited prior trust

  11. Blockchain for IP addresses

  12. Data in the blockchain
  We want to store:
  • IP address block + AS number (e.g. Prefix: 10/8, AS#: 12345)
  • IP address block + Holder (e.g. Prefix: 10/8, Holder: P+)
  • The chain of allocations and delegations (Prefix: 10/8, Holder: P1+ → new holder P2+ → new holder P3+)

  13. IP addresses vs. coins
  • IP addresses = coins
  • Similar properties:
    – Unique
    – Transferable
    – Divisible
  • Exchange blocks of IP addresses just like coins

  14. Example

  15-20. Allocation, delegation and binding (worked example, built up over slides 15-20)
  Blockchain: blocks 0 1 2 3 4 5 6 7 ... n n+1 n+2, each carrying one of the transactions below
  • Allocation. From: IANA, To: IANA. "I have all prefixes"
  • Allocation. From: IANA, To: APNIC. "Prefix 1/8 for APNIC"
  • Delegation. From: APNIC, To: ISP A. "ISP A has 1.2/16"
  • Binding. From: ISP A, To: ISP A. "Bind 1.2/16 to AS# 12345"
  Query: "Who has 1.2/16?" is answered by the binding transaction: AS# 12345
  Following the From/To chain of delegations backwards, I can go back to check if this prefix was originally owned by IANA

  21. Operational Considerations

  22-23. Revocation
  Who controls revocation? Traditional PKIs sit at the centralized-control end of the spectrum, Bitcoin at the decentralized-control end.
  Cases that need revocation:
  • Lost keys
  • Compromised keys
  • Improper use
  Middle ground:
  • Timeout → transfer back to the previous owner
  • Multi-signature → more than one key has to sign
  • Revocation tx. → issued by a third party

  24-25. Rekeying
  • Delegating the block of addresses to oneself, using a new key pair
  • Simpler than traditional rekeying schemes
  • Can be performed independently (each holder can do it without affecting other holders)
  Example: From: keyA, To: keyB, Prefix 1/8 ... (other transactions in between) ... From: keyB, To: keyC, Prefix 1/8. keyA, keyB and keyC are controlled by the same entity.

  26-27. Privacy
  Concerns: lawful interception, RIR policies, business relationships
  • Public (blockchain): only (IP prefix, pubkey) pairs: (IP prefix1, pubkey1), (IP prefix2, pubkey2), …
  • Private (internal RIR databases): policies and customer records
  • The RIR updates the public (prefix, key) pair when its private records change

  28. Prototype

  29. Prototype
  • Python
  • Features:
    – Simple Proof of Stake
    – Block time 60s
    – 2 MB blocks
    – IPv4 and IPv6
  • Open-sourced: https://github.com/OpenOverlayRouter/blockchain-mapping-system

  30-31. Experiment
  • 8 nodes
  • Genesis block: Master holds 0/0 and 0::/0
  • 1 - Allocate all /10
  • 2 - Allocate all /16
  • 3 - Allocate ~130k prefixes*
  *Extracted from RIR statistics exchange files, e.g. ftp://ftp.apnic.net/pub/stats/apnic/delegated-apnic-extended-latest

  32-33. Results: processed ~160k transactions (chart of the three phases: 1-Allocate all /10, 2-Allocate all /16, 3-Allocate ~130k prefixes)


  36. Thanks for listening!

  37. Scalability
  Approx. 600 GB in 2034 (IP blocks + AS bindings), assuming:
  • One AS <> prefix binding for each block of /24 IPv4 address space
  • Growth similar to BGP churn*
  • Each transaction approx. 400 bytes
  • Only IP prefixes, worst case + BGP table growth*: approx. 40 GB in 20 years
  • With PoS, storage can be reduced
  *Source: http://www.potaroo.net/ispcol/2017-01/bgp2016.html

  38. Storage
  • Several mechanisms can help reduce storage, e.g.:
    – Prune old transactions
    – Download only headers (Bitcoin SPV*)
    – Discard old blocks
  • Which of these are safe depends on the consensus algorithm
  *Nakamoto, S. (2008). Bitcoin: A peer-to-peer electronic cash system. Sec. 8

  39. Transaction examples

  40. First transaction
  • Users trust the Public Key of the Root, which initially claims all address space by writing the genesis block
  • Root can delegate all address space to itself and use a different keypair
  New Transaction: Root@1 (= Hash(P+ root)) → Root@2, "I own all the address space"

  41. Prefix allocation and delegation
  • Root allocates blocks of addresses to other entities (identified by Hash(Public Key)) by adding transactions
  New Transaction ("allocate"), from Root@2: 0.0/16 → Deleg1@; 25.5.5/8 → Deleg2@; rest of space → Root@3
  • Holders can further delegate address blocks to other entities
  New Transaction ("delegate"), from Deleg1@: 0.0.1/24 → Deleg3@; 0.0.2/24 → Deleg4@; rest of space → Deleg1@2

  42. Writing AS bindings
  • Just like delegating a prefix, but instead of the new holder, we write the binding
  New Transaction ("binding"), from Deleg3@: 0.0.1/24 from AS# 12345

  43. External server authentication
  • Some information may not be suitable for the blockchain, or changes so fast that it is already outdated when added to a block
  • The public key of an external server can also be included in the delegations
  • Since the blockchain provides authentication and integrity for this key, parties can use it to authenticate responses from the external server

  44. FAQ
  • Does it grow indefinitely? – Yes
  • Do all nodes have the same information? – Yes
  • When answering a query, do you have to search the entire blockchain? – No, you can create a separate data structure only with the current data
  • If I lose my private key, do I lose my prefixes also? – Yes, watch out!
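The transaction semantics described on slides 15-20 (allocation, delegation, binding, and tracing a prefix back to IANA), slides 24-25 (rekeying as a delegation to oneself), slides 40-42 (the transaction formats) and the FAQ's "separate data structure with only the current data", as one added example in Python. It is not the draft's prototype code. Holders are opaque key identifiers standing in for Hash(Public Key); `IANA@1`, `APNIC`, `ISPA@1`, `ISPA@2`, `ISPB` and the prefixes in `demo()` are constructed sample data, and the example assumes the block validator has already checked each transaction's signature against the `from` key before `apply_tx()` is called. Dropping AS bindings when a block changes hands is a design choice of this example, not something the slides specify.

```python
"""Prefix ledger: the allocation / delegation / binding / rekey semantics the
slides describe, as an added example (not the draft's prototype). Holders are
opaque key ids; signature checks are assumed done by the block validator."""
from ipaddress import ip_network

ROOT = "IANA@1"  # trusted root key that writes the genesis block (assumed name)


def contains(outer, inner) -> bool:
    return outer.version == inner.version and inner.subnet_of(outer)


class PrefixLedger:
    def __init__(self, root: str = ROOT):
        self.root = root
        # Current state, kept beside the chain (FAQ: a separate structure with
        # only the current data). Blocks of address space behave like coins:
        # unique, transferable, divisible.
        self.holdings = {ip_network("0.0.0.0/0"): root, ip_network("::/0"): root}
        self.bindings = {}   # prefix -> AS number
        self.history = []    # (prefix, from, to) for every accepted transfer

    def _held_block(self, holder: str, net):
        """The block `holder` currently owns that covers `net`, or None."""
        for block, owner in self.holdings.items():
            if owner == holder and contains(block, net):
                return block
        return None

    def delegate(self, sender: str, prefix: str, new_holder: str) -> None:
        """Allocation, delegation and rekeying are all this one operation: the
        sender spends a block it holds; the remainder stays with the sender."""
        net = ip_network(prefix)
        block = self._held_block(sender, net)
        if block is None:  # not the holder, or already delegated (double spend)
            raise ValueError(f"{sender} does not hold {net}")
        del self.holdings[block]
        for rest in (block.address_exclude(net) if block != net else []):
            self.holdings[rest] = sender
        self.holdings[net] = new_holder
        # Design choice of this example: bindings inside a transferred block are
        # dropped, so the old holder's AS does not keep an authorised origin.
        for bound in [b for b in self.bindings if contains(net, b)]:
            del self.bindings[bound]
        self.history.append((net, sender, new_holder))

    def bind(self, sender: str, prefix: str, asn: int) -> None:
        net = ip_network(prefix)
        if self._held_block(sender, net) is None:
            raise ValueError(f"{sender} does not hold {net}")
        self.bindings[net] = asn

    def apply_tx(self, tx: dict) -> None:
        if tx["type"] in ("allocate", "delegate", "rekey"):
            self.delegate(tx["from"], tx["prefix"], tx["to"])
        elif tx["type"] == "bind":
            self.bind(tx["from"], tx["prefix"], tx["asn"])
        else:
            raise ValueError(f"unknown transaction type {tx['type']!r}")

    def who_has(self, prefix: str) -> str:
        """Longest-match lookup in the current state, not a chain scan."""
        net = ip_network(prefix)
        covering = [b for b in self.holdings if contains(b, net)]
        return self.holdings[max(covering, key=lambda b: b.prefixlen)]

    def asn_for(self, prefix: str):
        net = ip_network(prefix)
        covering = [b for b in self.bindings if contains(b, net)]
        return self.bindings[max(covering, key=lambda b: b.prefixlen)] if covering else None

    def trace(self, prefix: str) -> list:
        """Slide 20: walk the chain of custody back to the root key."""
        net = ip_network(prefix)
        holder, idx = self.who_has(net), len(self.history)
        path = [holder]
        while holder != self.root:
            for i in range(idx - 1, -1, -1):
                block, sender, receiver = self.history[i]
                if receiver == holder and contains(block, net):
                    holder, idx = sender, i
                    break
            else:
                raise ValueError(f"no provenance for {net}")
            path.append(holder)
        return path


def demo():
    """Replays the slide 15-20 example plus a rekey, then two transactions the
    validator must reject (constructed sample data)."""
    led = PrefixLedger()
    for tx in [
        {"type": "allocate", "from": "IANA@1", "prefix": "1.0.0.0/8", "to": "APNIC"},
        {"type": "delegate", "from": "APNIC", "prefix": "1.2.0.0/16", "to": "ISPA@1"},
        {"type": "bind", "from": "ISPA@1", "prefix": "1.2.0.0/16", "asn": 12345},
        {"type": "rekey", "from": "ISPA@1", "prefix": "1.2.0.0/16", "to": "ISPA@2"},
        {"type": "bind", "from": "ISPA@2", "prefix": "1.2.0.0/16", "asn": 12345},
    ]:
        led.apply_tx(tx)
    rejected = []
    for tx in [  # APNIC re-delegates a block it no longer holds; ISP B binds a block it never held
        {"type": "delegate", "from": "APNIC", "prefix": "1.2.0.0/16", "to": "ISPB"},
        {"type": "bind", "from": "ISPB", "prefix": "1.2.3.0/24", "asn": 666},
    ]:
        try:
            led.apply_tx(tx)
            rejected.append(False)
        except ValueError:
            rejected.append(True)
    return led, rejected
```

`who_has("1.2.3.0/24")` answers from `holdings` alone, which is the FAQ's point about not searching the whole chain; `trace()` is the slide 20 check and does walk history, but only along the From/To links of the one prefix being audited. The double-spend rejection is the part a validator must get right: once APNIC has delegated 1.2/16, APNIC's remaining holdings no longer cover it, so a second delegation of the same block fails exactly like spending a coin twice.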
