From: Cristian Estan (cestan@cs.ucsd.edu)
Date: Wed Feb 14 2001 - 15:03:33 PST
Joerg Micheel wrote:
> Cristian,
>
> this topic has been discussed intensily, more in private than in public.
> I think there is support for your ideas, but you have to prove that it
> is technically impossible to breach anyones security and privacy. You
I think that there is a fair chance that we can come up with a
(provably) safe enough scheme if we discuss the problem. I don't claim
to have one right now.
> are suggesting to preserve more of the structure that is contained in
> todays IP addresses (networks and subnetworks). With the information
> where the trace was captured and the IP address structure preserved it is
> fairly easy to regain the IP address of certain machines, breaking the
> original claim that we are doing a safe job here. There is a borderline
It is not clear to me how the current scheme protects the identity of
those machines better than the new one. Especially so if with the new
scheme, we encrypt traces from different routers with different keys and
never reuse keys. A couple of concrete examples of what you had in mind
might help....
> where we are risking the entire project of passive measurements when people
> start feeling insecure about our measurement and postprocessing procedures.
I understand that even if we come up with a new scheme that is as secure
as the old one, if the people whose networks the traces come from don't
feel confortable with it, the right thing is to continue using the old
scheme. What is not clear to me is whether the encryption I proposed, or
an improved variant thereof can provide the level of privacy they want.
What exactly do they consider sensitive? Where is the line? I assume it
is not OK if one can identify that encrypted address A comes from actual
address B. I assume it is not OK if one can identify that encrypted
network C comes from actual network D. Is it OK if one can conclude that
encrypted network C comes from one of the actual networks D1, D2,
D3,....,Dk ? For what value of k is this acceptable? Obviously, if k
equals the number of existing networks, there is nothing they learned.
What if they can only say that with probability p network C comes from
network D? How small a p is acceptable?
I think that if we can define the privacy needs clearly enough, deriving
a good encryption scheme that preserves the routing table (or proving
that we cannot make up one) will not be that difficult.
Cheers,
Cristian
This archive was generated by hypermail 2b30 : Thu Sep 27 2001 - 16:24:41 PDT