IAB Open Meeting, IETF 119

When: Wednesday, March 20, 2024, Session II 13:00 - 14:30

Where: M3 & Meetecho

Chairs: Mirja Kühlewind, Tommy Pauly

Welcome and Status Update - Mirja Kühlewind, Tommy Pauly

Slides: Chair Slides, Internet Architecture Board Open Meeting

Document Updates

Program Updates

Liaison Updates

3GPP Liaison Update - Charles Eckel

Slides: IETF-3GPP Coordination Overview

George Michaelson: There is a conversation going on about erasure of
drafts and the potential to have drafts that can exists in longer
lifetimes. It's not that I think it's appropriate for another SDO to
refer to a non-published document, but there is concern that the
referenced draft will disappear. There's potential for this conversation
about what is the natural face of a draft. I do think it's better they
refer to a published document, but I'm just observing there is a
conversation about this.

BIAS Workshop Report - Dhruv Dhody

Slides: BIAS Workshop Report

Chris Box: What does a community network look like? I want to understand
better what that means? Is that in the report.

Dhruv Dhody: It points to the RFC where you can learn more about it.

Arnaud Taddei: To provide feedback, when the workshop was announced, I
was very skeptical. I procrastinatied and eventually I put in a
contribution which was not accepted, but you granted me an invitation to
attend the workshop. And I was pretty surprised, it was a good format of
a workshop and the conversation was great. Three points I would like to
make: 1) For supporting community networks, how to attract people in the
IETF to work on these? 2) I don't know how many times we have had a
converation about the term "cybersecurity." 3) It was a shock to me when
Mona explained there were commercial and enterprise proxies used to do
censorship.

Andrew Campling: I thought it was worth saying that given the definition
of censorship is the legally-mandated blocking of content, if we look at
techniques to bypass censorship, we may be facilitiating further access
to things like CSAM. The definition on the slide is extremely broad in
my view. I am concerned we are going down a difficult path as a
community that we wouldn't want to take responsibility for.

Mirja Kühlewind: There is an RFC that defines censorship, but I think
one thing that came out of the workshop is that there needs to be more
conversation in this space.

The Thread Group - Stuart Cheshire & Vividh Siddha

Slides: Wireless IPv6 Networking with Thread

George Michaelson: Is this going to become market dominant behavior?
Because the proliferation of semi-proprietary, vertically-siloed
approaches to smart devices is enormously painful.

Stuart Cheshire: I can only speak here for myself, and I 100% agree with
you. I have advocated very strongly for the same things that you're
saying. Peer-to-peer within the home. And for privacy reasons, if you
can avoid information leaving your home, then that's preferable.
Cloud-based services are still possible if companies want to do that. As
far as the matter specification goes, it doesn't require any of that.
So, my personal mission here, and this is why I've spent so much time
working on Thread. I'm a big believer in IPv6 and I'm a big believer in
generic technologies. So at times, various people have said Thread
should become part of some other industry group. And I've always
resisted that because I want Thread to be like Ethernet and WiFi.
Ethernet is not the technology for printers. So it's the technology for
whatever you want to use it for. So, I have been working hard to
maintain the independence of Thread and work with any individuals,
hobbyist companies, industry bodies, anybody who wants to use it is
equally welcome.

Techniques for detecting known illegal material in end-to-end encrypted communications - Vanessa Teague, Australian National University, Melbourne

Slides: Techniques for detecting known illegal material in end-to-end
encrypted communications

Wes Hardaker: Fascinating problem and certainly one that is being well
thought about in many venues right now. A couple of thoughts. Images are
great, with the advent of video and 3D worlds it seems like they are
obsolete at this point, let along frames or pictures pixelated on 3D
triangular objects. I assume law enforcement hasn't caught up to that
yet.

Vanessa Teague: So there are there are actual hash functions on videos.
I've never looked at them carefully, and I don't know whether there are
research papers on the same kinds of attacks, but I assume it wouldn't
be any harder than that would be for images.

Wes Hardaker: Well, I guess that brings it to the next question. The
computational feasibility of doing movies or larger data objects. I
mean, the problem is is that there's a there's a difference between
recorded videos of a particular length where you can analyze the entire
content of the file. Right?

Vanessa Teague: If anything else it's harder to get right with video.

Orie Steele: I work supply chain security and transparency in IETF. In
SCITT, we interact with all aspects of the software ecosystem. I left a
comment in the chat saying you can ask an AI to generate you interezting
content, and if you have an implemenation you can ask for an image that
hits the hash over and over again until you get one, so it doesn't seem
like a very good system.

Vanessa: I agree.

Brian Trammell: The question I put in chat is, how manny of the
incorrectly-tagged images in these databases do you think are evidence
that these pre-image attacks are occuring?

Vanessa: As far as I am aware, none. But in the Irish example I
mentioned, the police were quite coy about it. There are papers that
look at accidental collisions of the hash functions in very large
databases. I don't know of any evidence that these attacks are being
performed, but how would you even know that they are doing it?

Martin Thomson: I want to draw attention to some of the things going on
in adjacent areas. There is a lot of attention on provenance for
AI-generated content. A reverse perpetual hash where you have an image
and it has a watermark and another system detects the presence of the
watermark. There is a long list of material that basically describes if
you have a model that applies a watermark and another that removes and a
different one in the middle. It turns out these are really very
diffiuclt problems and there are no good solutions.

Stephen Farrell: Where should I go to look for details about these
potential hash functions?

Vanessa Teague: It is frustrating because it comes out of a mostly
behind-the-scnenes kind of industry. The Facebook PDQ Repositiory is
very transparent and you cna find it on GitHub.

Eric Rescorla: Neural hash has been reverse-engineered and published. I
can put some links in the chat.