Tuesday, March 28, 2017, 9:00-11:30 (Morning Session I)
Room: Zurich D
Intro & Overview, Project "Advertisements"
[slides]
Mirja Kuhlewind & Dave Plonka
5 min
Refreshing MLab: www.measurementlab.net
[Abstract]
[slides]
Matt Mathis
5 min
LE codepoint: preliminary results and ongoing work in the IETF
[Abstract]
[slides]
Gorry Fairhurst
10 min
TCP ECN: Experience with Enabling ECN on the Internet
[Abstract]
[slides]
Padma Bhooma
20 min
Measuring Trends in IPv6 Support
[Abstract]
[slides]
Tommy Pauly
10 min
You can -j REJECT but you can not hide: Global scanning of the IPv6 Internet
[Abstract]
[slides]
Tobias Fiebig
15 min
No domain left behind: is Let's Encrypt democratizing encryption?
[Abstract]
[slides]
Giovane C. M. Moura
20 min
How Broadcast Data Reveals Your Identity and Social Graph
[Abstract]
[slides]
Rolf Winter
15 min
Weak Keys Remain Widespread in Network Devices
[Abstract]
[slides]
Marcella Hastings
20 min
Open Measurement of Internet Censorship
[Abstract]
[slides]
Will Scott
20 min
Refreshing MLab: www.measurementlab.net (Matt Mathis)
our planned M-Lab platform refresh
LE codepoint: preliminary results and ongoing work in the IETF (Gorry Fairhurst, Ana Custava)
This talk provides measurement results for a path-probing survey to explore the traversability and usefulness of using DSCP 0x02 for a new LE PHB.
Measuring Trends in IPv6 Support (Tommy Pauly)
A look at client-side data on IPv6 support over time, and how we can analyze trends in support and performance.
You can -j REJECT but you can not hide: Global scanning of the IPv6 Internet (Tobias Fiebig)
Related paper, "Something From Nothing (There): Collecting Global IPv6 Datasets From DNS" (Fiebig et al.), to appear at PAM 2017.
In this talk we will explore and present the global application of an NXDOMAIN-based IPv6 scanning technique that allows attackers to peek into IPv6 networks. Using NXDOMAIN for IPv6 zone enumeration is possible due to its initially implicit (RFC1034) and by now explicit (RFC8020) semantic of "there is nothing here or thereunder in the tree". We demonstrate how this technique can be used to obtain a large-scale view on the state of IPv6 in infrastructures and data centers. The focus will be specifically on how IPv6 is currently deployed in various networks and how these practices compare to IPv4. Furthermore, we will investigate the security implications of this technique, especially focusing on privacy issues.
No domain left behind: is Let's Encrypt democratizing encryption? (Giovane C. M. Moura)
Related paper (arXiv.org): No domain left behind: is Let's Encrypt democratizing encryption? (Aertsen et al.)
The 2013 National Security Agency revelations of pervasive monitoring have led to an "encryption rush" across the computer and Internet industry. To push back against massive surveillance and protect users' privacy, vendors, hosting and cloud providers have widely deployed encryption on their hardware, communication links, and applications. As a consequence, most web traffic nowadays is encrypted. However, there is still a significant part of Internet traffic that is not encrypted. It has been argued that both costs and complexity associated with obtaining and deploying X.509 certificates are major barriers for widespread encryption, since these certificates are required to establish encrypted connections. To address these issues, the Electronic Frontier Foundation, Mozilla Foundation, and the University of Michigan have set up Let's Encrypt (LE), a certificate authority that provides both free X.509 certificates and software that automates the deployment of these certificates. In this paper, we investigate if LE has been successful in democratizing encryption: we analyze certificate issuance in the first year of LE and show from various perspectives that LE adoption has an upward trend and it is in fact being successful in covering the lower-cost end of the hosting market.
TCP ECN: Experience with Enabling ECN on the Internet (Padma Bhooma)
TCP ECN performance data collected from millions of Apple devices in the field. We will discuss some fallback mechanisms and adoption of TCP ECN.
How Broadcast Data Reveals Your Identity and Social Graph (Rolf Winter)
Two related drafts: draft-ietf-intarea-hostname-practice and draft-ietf-intarea-broadcast-consider
Networks rely on broadcasts and multicasts for some of the most basic services such as auto-configuration. In the recent past, application layer protocols have increasingly made use of the broadcast mechanism. Examples of these applications include Dropbox, Spotify or BitTorrent Sync. Given that broadcasts can be seen by every device in a broadcast domain, information that can be gleaned from this traffic is trivially accessible by a passive observer. Therefore, an obvious question is: what does broadcast and multicast traffic reveal about a device, a user or a group in a network?
Related paper (hs-augsburg.de): How Broadcast Data Reveals Your Identity and Social Graph (Faath et al., TRAC 2016)
Weak Keys Remain Widespread in Network Devices (Marcella Hastings)
Related paper (upenn.edu): Weak Keys Remain Widespread in Network Devices (Hastings et al., IMC 2016)
In 2012, two academic groups reported having computed the RSA private keys for 0.5% of HTTPS hosts on the internet, and traced the underlying issue to widespread random number generation failures on networked devices. The vulnerability was reported to dozens of vendors, several of whom responded with security advisories, and the Linux kernel was patched to fix a boot-time entropy hole that contributed to the failures.
Open Measurement of Internet Censorship (Will Scott)
Related project (torproject.org): OONI: Open Observatory of Network Interference
Over the last decade, significant effort has gone into documentation of network interference and censorship. Understanding empirical connectivity through this lens complements IETF efforts to understand protocol failures. While censorship efforts have primarily been concerned with application-layer behavior, these are regularly impacted by BGP and IP connectivity anomalies. Of particular relevance are the challenges of attributing censorship, the techniques employed and their limitations, the availability of data, and areas of potential support from the IETF and network operators.