PEARG @ IETF121

Administrivia

Blue sheets / scribe selection / NOTE WELL
Agenda revision

Draft update: Guidelines for Performing Safe Measurement on the Internet

Wes: It reads kind of negative, would be helpful to reframe to teach
readers how to improve their practice
GG: Will do reread from that prespective
Antoine: I review papers, did you try to talk to ? from measurement
conferences (IMC), if you tried to align with major conferences, it
would be good to have a unified framework for private measusurements.
GG: We tried to do in the beginning, it's an open issue.
Sebastian Benthal:

  1. are there recs on how much noise to add?
  2. local DP architectures?
    GG: didn't go into details on adding noise, our rec is to remove all
    identifiable information, we don't have a treatment of differential
    privacy, would be interesting to explore if there are
    implementations. Will you help?
    Seb: Yes, thanks for asking.
    Suleman Ahmad: from cloudflare, doubling down on Wes comment, it's a
    useful draft, but positioning of paper is too defensive, might be
    worth revisit examples and give recomendations that enable user to
    improve

Presentation: Understanding Routing-Induced Censorship Changes Globally

Presentation

Abhishek: Internet censorship is pervasive. One way of measuring
censorship is 'outside-in', testing from 'outside' the jurisidiction,
which relies on symmetrical application of censorship.
ECMP routing. Two packets can take different routes. Radically different
paths based on source port/ip.
There is variance/unreliability acknowledged in censorship measurement.

Goal of our work is to ask what the impact of ECMP routing on global
outside-in censorship measurement? We developed Monocle.
We performed DNS, HTTP and TCP drop/RSTs measurements. Used route-aware
traceroute.
Covered 21 countries. 208 random source IPs, probing 1 sensitive domain.

Found that:

  1. Source IP has high impact on path density (more than port).
  2. Out of 21 countries, 17 impacted because of ECMP.
  3. Impact ranges in countries (some to 100%)

...

Shivan: have you had the chance to reach out to research authors that
you have cited?
Abhishek: Not yet.

David: really cool, never thought ECMP would be an effect.

GG: (1) are recommendations only applicable for outside-in measurements?
(2) for some countries like India, outside-in measurements are not
really reliable. Would be nice to see data for countries where
outside-in measurement is really reliable in that there is
symmetric/bidirectional censorship.

Yaroslav: Great work. Some countries would not bother censoring traffic
that is just transiting, only that is originating. Would be nice to
filter those data points. Would also be nice to differentiate b/w
HTTP/3.

Tara: Can variance be used for censorship cirvumvention?
Abhishek: Could be used, we are exploring it.

Presentation: Call Me By My Name: Simple, Practical Private Information Retrieval for Keyword Queries

Presentation

Sofia: PIR scheme, privately retrieve an element from a database of m
elements.
For PIR, we rely on a cryptographic construction which is additively
homomorphic encryption (AHE): encrypted in a way that certain
mathematical functions can be performed.

You send a long vector, there is a '1' where you want the element.

Assumptions are that the database is public, and indexed (as digits).
How do we expand them to database with key-value pairs?

We are using binary-fuse filters, which are similar to Bloom filters.

You can't fit the full key as a vector, as it will be very long. So we
made it a matrix, break into columns.

ChalametPIR's performance for m size 2^20 is still ~600ms.

Proposed applications:

  1. Compromised credentials checks
  2. Search engines/recommendation engines
  3. TLS Certificate Transparency checks, certificate expiration checks
  4. Safe browsing

Questions

Shivan:
Sofia: Still an open problem to create more efficient filters. Encourage
people to use Binary filters because they are not being used in industry
a lot. Also a problem if the database changes rapidly, then we need more
efficient systems.

GG: For things like Safebrowsing, is PIR more efficient or private set
intersection?
Sofia: PIR is now more efficient, but we do need a rigorous comparison.

Tara: Any upcoming applications and future work?
Sofia: Relevant to a lot of work in the IETF. Now it's very
efficient/practical.