IRTF Open Meeting

Monday, 4 November 2024, at 17:30-19:00 Europe/Dublin
Room: Liffey A

Chair: Colin Perkins
Minutes: Colin Perkins
Recording: YouTube

Introduction and Status Update

Speaker: Colin Perkins, IRTF Chair

Slides

Colin Perkins introduced the meeting. He gave a reminder that the IRTF
is in the process of developing a code of conduct and solicited feedback on this from the group.

Sustainability and the Internet

Speaker: Eve Schooler

Slides

(tbc)

Exploring the Benefits of Carbon-Aware Routing

Speaker: Sawsan El-Zahr

Paper
Slides

Carbon emissions associated with fixed networks can be significant.
However, accounting for these emissions is hard, requires changes to
deployed equipment, and has contentious benefits. This work sheds light
on the benefits of carbon aware networks, by exploring a set of potential
carbon-related metrics and their use to define link-cost in carbon-aware
link-state routing algorithms. Using realistic network topologies,
traffic patterns and grid carbon intensity, we identify useful metrics
and limitations to carbon emissions reduction. Consequently, a new
heuristic carbon-aware traffic engineering algorithm, CATE, is proposed.
CATE takes advantage of carbon intensity and routers’ dynamic power
consumption, combined with ports power down, to minimize carbon
emissions. Our results show that there is no silver bullet to significant
carbon reductions, yet there are promising directions without changes to
existing routers’ hardware.

Discussion:

How the Great Firewall of China Detects and Blocks Fully Encrypted Traffic

Speaker: Mingshi Wu

Paper
Slides

One of the cornerstones in censorship circumvention is fully encrypted
protocols, which encrypt every byte of the payload in an attempt to “look
like nothing”. In early November 2021, the Great Firewall of China (GFW)
deployed a new censorship technique that passively detects—and
subsequently blocks—fully encrypted traffic in real time. The GFW’s new
censorship capability affects a large set of popular censorship
circumvention protocols, including but not limited to Shadowsocks, VMess,
and Obfs4. Although China had long actively probed such protocols, this
was the first report of purely passive detection, leading the
anti-censorship community to ask how detection was possible.

In this paper, we measure and characterize the GFW’s new system for
censoring fully encrypted traffic. We find that, instead of directly
defining what fully encrypted traffic is, the censor applies crude but
efficient heuristics to exempt traffic that is unlikely to be fully
encrypted traffic; it then blocks the remaining non-exempted traffic.
These heuristics are based on the fingerprints of common protocols, the
fraction of set bits, and the number, fraction, and position of printable
ASCII characters. Our Internet scans reveal what traffic and which IP
addresses the GFW inspects. We simulate the inferred GFW’s detection
algorithm on live traffic at a university network tap to evaluate its
comprehensiveness and false positives. We show evidence that the rules we
inferred have good coverage of what the GFW actually uses. We estimate
that, if applied broadly, it could potentially block about 0.6% of normal
Internet traffic as collateral damage.

Our understanding of the GFW’s new censorship mechanism helps us derive
several practical circumvention strategies. We responsibly disclosed our
findings and suggestions to the developers of different anti-censorship
tools, helping millions of users successfully evade this new form of
blocking.
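
The exemption heuristics named in the abstract above (protocol fingerprints, fraction of set bits, and the number, fraction and position of printable ASCII characters) can be computed per payload as follows. This is an added example, not code from the paper or the speaker. The numeric thresholds, the prefix list and both sample payloads are assumptions chosen for illustration, since these minutes state none.

```python
# Thresholds are assumed values for illustration; the minutes state none.
POPCOUNT_RANGE = (3.4, 4.6)   # average set bits per byte treated as "random-looking"
PREFIX_LEN = 6                # leading bytes checked for printable ASCII
MIN_PRINTABLE_FRACTION = 0.5
MIN_PRINTABLE_RUN = 20
# Constructed stand-ins for "fingerprints of common protocols" (HTTP verbs, TLS record).
KNOWN_PREFIXES = (b"GET ", b"POST ", b"HEAD ", b"PUT ", b"\x16\x03")

def features(payload: bytes) -> dict:
    """Compute the per-payload statistics named in the abstract."""
    flags = [0x20 <= b <= 0x7E for b in payload]
    longest = run = 0
    for printable in flags:
        run = run + 1 if printable else 0
        longest = max(longest, run)
    return {
        "bits_per_byte": sum(bin(b).count("1") for b in payload) / len(payload),
        "printable_prefix": len(payload) >= PREFIX_LEN and all(flags[:PREFIX_LEN]),
        "printable_fraction": sum(flags) / len(payload),
        "longest_printable_run": longest,
        "known_protocol": payload.startswith(KNOWN_PREFIXES),
    }

def exemption_reasons(payload: bytes) -> list:
    """List the heuristics that exempt a payload; an empty list means it is not exempted."""
    if not payload:
        return ["empty"]
    f = features(payload)
    low, high = POPCOUNT_RANGE
    checks = [
        ("protocol-fingerprint", f["known_protocol"]),
        ("bit-density", not low < f["bits_per_byte"] < high),
        ("printable-prefix", f["printable_prefix"]),
        ("printable-fraction", f["printable_fraction"] > MIN_PRINTABLE_FRACTION),
        ("printable-run", f["longest_printable_run"] > MIN_PRINTABLE_RUN),
    ]
    return [name for name, hit in checks if hit]

# Constructed sample payloads (not captured traffic).
HTTP_SAMPLE = b"GET /index.html HTTP/1.1\r\nHost: example.com\r\n\r\n"
# Every byte value once, in scrambled order: a stand-in for ciphertext statistics.
CIPHERTEXT_LIKE = bytes((i * 167 + 13) % 256 for i in range(256))

if __name__ == "__main__":
    for name, data in (("http", HTTP_SAMPLE), ("ciphertext-like", CIPHERTEXT_LIKE)):
        print(name, exemption_reasons(data) or "not exempted")
```

A payload that triggers none of the exemptions is the one such a rule set would leave in the "remaining non-exempted traffic" category the abstract describes.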

Discussion:

Wrap-up

Colin Perkins thanked the speakers.