A Cryptographic Approach to Safe Inter-domain Traffic Engineering - PowerPoint PPT Presentation

1 / 23
About This Presentation
Title:

A Cryptographic Approach to Safe Inter-domain Traffic Engineering

Description:

These can be performed by homomorphic encryption schemes, e.g., Paillier's ... this can be done by homomorphic encryptions. How does this affect the LP problem? ... – PowerPoint PPT presentation

Number of Views:48
Avg rating:3.0/5.0
Slides: 24
Provided by: weido
Category:

less

Transcript and Presenter's Notes

Title: A Cryptographic Approach to Safe Inter-domain Traffic Engineering


1
A Cryptographic Approach to Safe Inter-domain
Traffic Engineering
  • Sridhar Machiraju
  • SAHARA Retreat, Summer 2004

2
Outline
  • Motivation
  • Defining the Problem
  • Proposed Solution
  • Random Noise
  • Discussion and Conclusions

3
Motivation
  • In BGP, Autonomous Systems (ASs) are abstracted
    as a node in a graph

4
In reality,
Peering links
AS1
Internal links
AS2
AS3
5
In BGP,
Peering links
AS1
Internal links
AS2
AS3
6
Motivation
  • In BGP, Autonomous Systems (ASs) are abstracted
    as a node in a graph
  • Why?
  • Scalability
  • Confidentiality of intra-domain information,
    e.g., link quality, routing, flow info, policies
    etc.
  • Why is this bad? Traffic engineering by one AS
    can send flows over bad paths in neighboring ASs

7
Outline
  • Motivation
  • Defining the Problem
  • Proposed Solution
  • Random Noise
  • Discussion and Conclusions

8
High-level Problem Statement
In A, this path has most available bandwidth
A
B
Source of flow F
9
High-level Problem Statement
In A, this path has most available bandwidth
path with best end-to-end available bandwidth
B
A
Destination of flow F
Source of flow F
10
High-level Problem Statement
In A, this path has most available bandwidth
path with best end-to-end available bandwidth
B
A
Destination of flow F
Source of flow F
  • Design a technique so that neighboring domains
    conduct traffic engineering cooperatively in a
    scalable fashion without having to reveal
    confidential intra-domain information?

11
Formalizing the Problem
  • Consider traffic from A to B that can exit one of
    P peering points
  • Two kinds of constraints (of A and B)
  • Given demand Ti, find amount of traffic, xik of
    flow Fi to transit peering point k
  • For every bottleneck link, , all traffic
    traversing it must not exceed avail b/w

Confidential information
12
A Linear Programming Problem
  • Constraints

Constraints in AS A (private to A)
amount of each flow exchanged at peering points
Constraints in AS B (private to B)
  • Objective maximize/minimize CTX
  • (minimize) maximum link utilization
  • (maximize) total traffic exchanged
  • (minimize) average/maximum path inflation

13
Outline
  • Motivation
  • Defining the Problem
  • Proposed Solution
  • Random Noise
  • Discussion and Conclusions

14
Overview of Solution
LP1
  • Sub-matrices of V,W are private to A, B
  • A and B transform the above into
  • Solve LP1 and XQX
  • V, W, X, X, C, C do not reveal any
    information about private information of A and B
    to each other (almost)

LP1
15
Transforming the LP problem
  • A sends encrypted sub-matrix, E(VA) and E(WA) to
    B
  • B chooses random invertible P and Q
  • B sends E(V)PE(V)Q and E(W)PE(W)
  • requires addition of encrypted values and
    multiplication by known scalars (VB, WB)
  • These can be performed by homomorphic encryption
    schemes, e.g., Pailliers
  • A decrypts E(V) and E(W) to obtain LP1

16
The Final Solution
B
E(VA), E(WA)
E(V)PE(V)Q E(W)PE(W)
A
A
Send XQX
Solve VXltW for X
B
E() represents encryption by A
17
Outline
  • Motivation
  • Defining the Problem
  • Proposed Solution
  • Random Noise
  • Discussion and Conclusions

18
Small random noise is OK
  • LP1 does not leak any information about VB, WB
    only if V has full rank
  • So, add small random noise to matrix entries
  • this can be done by homomorphic encryptions
  • How does this affect the LP problem?
  • Constraints may not be violated by small noise
  • Objective function may be affected, though

19
Effect of random noise(1)
  • 10 constraints objective maximize flow

20
Effect of random noise(2)
  • Objective maximize (1path inflation)
  • About 2-3 unsolvable problems too!

21
Outline
  • Motivation
  • Defining the Problem
  • Proposed Solution
  • Discussion and Conclusions
  • Random Noise

22
Discussion
  • Scalability
  • LP problem transformation is quadratic in terms
    of number of cryptographic operations
  • But, traffic engineering not frequent (hourly)
  • Threat model
  • ASs are assumed to be rational, i.e., do not
    inject wrong inputs
  • Future work Experiment with real topologies and
    quantify time complexity

23
Conclusions
  • Inter-domain routing could benefit a lot from
    cooperation which is hindered by confidentiality
    requirements
  • We demonstrate this for the case of safe traffic
    engineering
  • Other cases of inter-domain cooperation policy
    safety, resource allocation and intrusion
    detection
  • checking global invariants
  • computing global functions
Write a Comment
User Comments (0)
About PowerShow.com
Home About Us Terms and Conditions Privacy Policy Presentation Removal Request Contact Us
Copyright 2024 CrystalGraphics, Inc. — All rights Reserved. PowerShow.com is a trademark of CrystalGraphics, Inc.
The PowerPoint PPT presentation: "A Cryptographic Approach to Safe Inter-domain Traffic Engineering" is the property of its rightful owner.
Do you have PowerPoint slides to share? If so, share your PPT presentation slides online with PowerShow.com. It's FREE!