User menu

SIXPACK : Securing Internet eXchange Points Against Curious onlooKers

Bibliographic reference Chiesa, Marco ; Demmler, Daniel ; Canini, Marco ; Schapira, Michael ; Schneider, Thomas. SIXPACK : Securing Internet eXchange Points Against Curious onlooKers.International Conference on emerging Networking EXperiments and Technologies (Incheon, Republic of Korea, du 12/12/2017 au 15/12/2017). In: Proceedings of the 13th International Conference on emerging Networking EXperiments and Technologies - CoNEXT '17, ACM Press2017
Permanent URL http://hdl.handle.net/2078.1/192664
  1. Zhao Mingchen, Zhou Wenchao, Gurney Alexander J. T., Haeberlen Andreas, Sherr Micah, Loo Boon Thau, Private and Verifiable Interdomain Routing Decisions, 10.1109/tnet.2015.2409233
  2. Zhao Mingchen, Zhou Wenchao, Gurney Alexander J.T., Haeberlen Andreas, Sherr Micah, Loo Boon Thau, Private and verifiable interdomain routing decisions, 10.1145/2342356.2342434
  3. Yao Andrew Chi-Chih, How to generate and exchange secrets, 10.1109/sfcs.1986.25
  4. Xing Changyou, Yang Li, Chen Ming, Estimating Internet Path Properties for Distributed Applications, 10.1109/wicom.2009.5302134
  5. X. Wang and M. K. Reiter. Mitigating Bandwidth-Exhaustion Attacks Using Congestion Puzzles. In ACM Conference on Computer and Communications Security (CCS), 2004.
  6. Wang Han, Lee Ki Suh, Li Erluo, Lim Chiun Lin, Tang Ao, Weatherspoon Hakim, Timing is Everything : Accurate, Minimum Overhead, Available Bandwidth Estimation in High-speed Wired Networks, 10.1145/2663716.2663746
  7. Wang Feng, Gao Lixin, On inferring and characterizing internet routing policies, 10.1145/948205.948208
  8. S. Tao and R. Guérin. On-line Estimation of Internet Path Performance: An Application Perspective. In IEEE Conference on Computer Communications (INFOCOM), 2004.
  9. Stringer Jonathan Philip, Fu Qiang, Lorier Christopher, Nelson Richard, Rothenberg Christian Esteve, Cardigan : deploying a distributed routing fabric, 10.1145/2491185.2491221
  10. Sherwood Rob, Bender Adam, Spring Neil, Discarte : a disjunctive internet cartographer, 10.1145/1402958.1402993
  11. Sherry Justine, Lan Chang, Popa Raluca Ada, Ratnasamy Sylvia, BlindBox : Deep Packet Inspection over Encrypted Traffic, 10.1145/2785956.2787502
  12. T. Schneider and M. Zohner. GMW vs. Yao? efficient secure two-party computation with low depth circuits. In Financial Cryptography and Data Security (FC), volume 7859 of LNCS, pages 275--292. Springer, 2013.
  13. Performance Evaluation of BIRD and GoBGP, 2014. https://www.euro-ix.net/m/uploads/2016/04/24/EuroIX_GoBGP_20160419.pdf.
  14. Roughan Matthew, Zhang Yin, Privacy-preserving performance measurements, 10.1145/1162678.1162687
  15. Roughan Matthew, Willinger Walter, Maennel Olaf, Perouli Debbie, Bush Randy, 10 Lessons from 10 Years of Measuring and Modeling the Internet's Autonomous Systems, 10.1109/jsac.2011.111006
  16. Richter Philipp, Smaragdakis Georgios, Feldmann Anja, Chatzis Nikolaos, Boettger Jan, Willinger Walter, Peering at Peerings : On the Role of IXP Route Servers, 10.1145/2663716.2663757
  17. Paul Anup Kumar, Tachibana Atsuo, Hasegawa Teruyuki, An Enhanced Available Bandwidth Estimation Technique for an End-to-End Network Path, 10.1109/tnsm.2016.2572212
  18. Papageorge Pavlos, McCann Justin, Hicks Michael, Passive aggressive measurement with MGRP, 10.1145/1592568.1592601
  19. J. B. Nielsen, P. S. Nordholt, C. Orlandi, and S. S. Burra. A new approach to practical active-secure two-party computation. In CRYPTO, volume 7417 of LNCS, pages 681--700. Springer, 2012.
  20. Z. M. Mao, R. Bush, T. Griffin, and M. Roughan. BGP Beacons. In Conference on Applications, Technologies, Architectures, and Protocols for Computer Communications (SIGCOMM), 2003.
  21. D. Malkhi, N. Nisan, B. Pinkas, and Y. Sella. Fairplay - secure two-party computation system. In USENIX Security, 2004.
  22. H. V. Madhyastha, E. Katz-Bassett, T. Anderson, A. Krishnamurthy, and A. Venkataramani. iPlane Nano: Path Prediction for Peer-to-peer Applications. In USENIX Symposium on Networked Systems Design and Implementation (NSDI), 2009.
  23. S. Machiraju and R. H. Katz. Verifying global invariants in multi-provider distributed systems. In ACM Workshop on Hot Topics in Networks (HotNets, 2004.
  24. S. Machiraju and R. H. Katz. Reconciling cooperation with confidentiality in multi-provider distributed systems. Technical Report UCB/CSD-04-1345, EECS Department, University of California, Berkeley, Aug 2004.
  25. M. Chiesa, D. Demmler, M. Canini, M. Schapira, T. Schneider. Securing Internet eXchange Points Against Curious onlooKers, Jan. 2017. http://bit.ly/sixpack-tech-rep.
  26. Internet Routing Privacy Survey, 2017. http://bit.ly/2rjT7Nj.
  27. M., R. Di Lallo, G. Lospoto, H. Mostafaei, M. Rimondini, and G. Di Battista. PrIXP: Preserving the Privacy of Routing Policies at Internet eXchange Points. In IFIP/IEEE International Symposium on Integrated Network Management, IM, 2017.
  28. Liu Chang, Wang Xiao Shaun, Nayak Kartik, Huang Yan, Shi Elaine, ObliVM: A Programming Framework for Secure Computation, 10.1109/sp.2015.29
  29. LightReading. Pica8 powers french TOUIX SDN-driven internet exchange, June 2015. http://www.lightreading.com/white-box/white-box-systems/pica8-powers-french-touix-sdn-driven-internet-exchange/d/d-id/716667.
  30. Lee Taeho, Pappas Christos, Barrera David, Szalachowski Pawel, Perrig Adrian, Source Accountability with Domain-brokered Privacy, 10.1145/2999572.2999581
  31. B. Kreuter, B. Mood, A. Shelat, and K. Butler. PCF: a portable circuit format for scalable two-party secure computation. In USENIX Security, 2013.
  32. V. Kolesnikov, A.-R. Sadeghi, and T. Schneider. Improved garbled circuit building blocks and applications to auctions and computing minima. In CANS, volume 5888 of LNCS, pages 1--20. Springer, 2009.
  33. P. Koeberl, V. Phegade, A. Rajan, T. Schneider, S. Schulz, and M. Zhdanova. Time to rethink: Trust brokerage using trusted execution environments. In Trust and Trustworthy Computing (TRUST), volume 9229 of LNCS, pages 181--190. Springer, 2015.
  34. R. Kloeti, M. Rost, P. Georgopoulos, B. Ager, S. Schmid, and D. X. Stitching inter-domain paths over IXPs. In ACM Sigcomm Symposium on SDN Research (SOSR), 2016.
  35. S. M. Kim, J. Han, J. Ha, T. Kim, and D. Han. Enhancing Security and Privacy of Tor's Ecosystem by Using Trusted Execution Environments. In USENIX Symposium on Networked Systems Design and Implementation (NSDI), 2017.
  36. Kim Seongmin, Shin Youjung, Ha Jaehyung, Kim Taesoo, Han Dongsu, A First Step Towards Leveraging Commodity Trusted Execution Environments for Network Applications, 10.1145/2834050.2834100
  37. M. Keller. The oblivious machine -- or: How to put the C into MPC. IACR Cryptology ePrint Archive, page 467, 2015. http://ia.cr/2015/467.
  38. Javed Umar, Cunha Italo, Choffnes David, Katz-Bassett Ethan, Anderson Thomas, Krishnamurthy Arvind, PoiRoot : investigating the root cause of interdomain path changes, 10.1145/2486001.2486036
  39. Jain Prerit, Desai Soham, Kim Seongmin, Shih Ming-Wei, Lee JaeHyuk, Choi Changho, Shin Youjung, Kim Taesoo, Byunghoon Kang Brent, Han Dongsu, OpenSGX: An Open Platform for SGX Research, 10.14722/ndss.2016.23011
  40. Jain Manish, Dovrolis Constantine, Path selection using available bandwidth estimation in overlay-based video streaming, 10.1016/j.comnet.2008.04.019
  41. Interxion colocation services, 2017. http://www.interxion.com/.
  42. Making Route Servers Aware of Data Link Failures at IXPs, 2017. https://tools.ietf.org/html/draft-ietf-idr-rs-bfd-02.
  43. Advertisement of Multiple Paths in BGP, Oct. 2014. https://tools.ietf.org/html/draft-ietf-idr-add-paths-10.
  44. Huston Geoff, Rossi Mattia, Armitage Grenville, Securing BGP — A Literature Survey, 10.1109/surv.2011.041010.00041
  45. Y. Huang, D. Evans, J. Katz, and L. Malka. Faster secure two-party computation using garbled circuits. In USENIX Security, pages 539--554, 2011.
  46. Holzer Andreas, Franz Martin, Katzenbeisser Stefan, Veith Helmut, Secure two-party computations in ANSI C, 10.1145/2382196.2382278
  47. Henecka Wilko, Roughan Matthew, STRIP: Privacy-preserving vector-based routing, 10.1109/icnp.2013.6733586
  48. Gupta Debayan, Segal Aaron, Panda Aurojit, Segev Gil, Schapira Michael, Feigenbaum Joan, Rexford Jenifer, Shenker Scott, A new approach to interdomain routing based on secure multi-party computation, 10.1145/2390231.2390238
  49. Gupta Debayan, Mood Benjamin, Feigenbaum Joan, Butler Kevin, Traynor Patrick, Using Intel Software Guard Extensions for Efficient Two-Party Secure Function Evaluation, Financial Cryptography and Data Security (2016) ISBN:9783662533567 p.302-318, 10.1007/978-3-662-53357-4_20
  50. A. Gupta, L. Vanbever, M. Shahbaz, S. P. Donovan, B. Schlinker, N. Feamster, J. Rexford, S. Shenker, R. Clark, and E. Katz-Bassett. SDX: A software defined internet exchange. In Conference on Applications, Technologies, Architectures, and Protocols for Computer Communications (SIGCOMM), 2014.
  51. A. Gupta, R. MacDavid, R. Birkner, M. Canini, N. Feamster, J. Rexford, and L. Vanbever. An industrial-scale software defined internet exchange point. In USENIX Symposium on Networked Systems Design and Implementation (NSDI), 2016.
  52. Cloud Native Networking, 2017. Amin Vahdat's keynote at Open Networking Summit. Available at http://bit.ly/2qIZigQ.
  53. Goldwasser Shafi, Kalai Yael, Popa Raluca Ada, Vaikuntanathan Vinod, Zeldovich Nickolai, Reusable garbled circuits and succinct functional encryption, 10.1145/2488608.2488678
  54. O. Goldreich, S. Micali, and A. Wigderson. How to play any mental game or a completeness theorem for protocols with honest majority. In ACM Symposium on Theory of Computing (STOC), 1987.
  55. O. Goldreich. The Foundations of Cryptography - volume 2, Basic Applications. Cambridge University Press, 2004.
  56. P. Gill, M. Schapira, and S. Goldberg. A Survey of Interdomain Routing Policies. Computer Communication Review, 2014.
  57. Gill Phillipa, Schapira Michael, Goldberg Sharon, Let the market drive deployment : a strategy for transitioning to BGP security, 10.1145/2018436.2018439
  58. C. Gentry, S. Halevi, and N. P. Smart. Homomorphic evaluation of the AES circuit. In CRYPTO, volume 7417 of LNCS, pages 850--867. Springer, 2012.
  59. Gentry Craig, Fully homomorphic encryption using ideal lattices, 10.1145/1536414.1536440
  60. Garg Sanjam, Gentry Craig, Halevi Shai, Raykova Mariana, Sahai Amit, Waters Brent, Candidate Indistinguishability Obfuscation and Functional Encryption for all Circuits, 10.1109/focs.2013.13
  61. Lixin Gao, On inferring autonomous system relationships in the Internet, 10.1109/90.974527
  62. Dimitropoulos Xenofontas, Krioukov Dmitri, Fomenkov Marina, Huffaker Bradley, Hyun Young, claffy kc, Riley George, AS relationships : inference and validation, 10.1145/1198255.1198259
  63. Demmler Daniel, Schneider Thomas, Zohner Michael, ABY - A Framework for Efficient Mixed-Protocol Secure Two-Party Computation, 10.14722/ndss.2015.23113
  64. Deutscher Commercial Internet Exchange, 2017. https://www.de-cix.net/.
  65. An IXP Route Server Test Framework, 2016. https://www.de-cix.net/_Resources/Persistent/fba89bc19381b6784df99d2a78d4a11ebb7583c2/DE-CIX-route-server-testframework.pdf.
  66. Project endeavour, Jan. 2015. https://www.de-cix.net/en/about-de-cix/research-and-development/endeavour.
  67. Deutscher commercial internet exchange infrastructure, 2013. https://apollon.de-cix.net/news/blog-post/2013/07/26/de-cix-apollons-current-topology/.
  68. D. Croce, M. Mellia, and E. Leonardi. The Quest for Bandwidth Estimation Techniques for Large-scale Distributed Systems. SIGMETRICS Perform. Eval. Rev., 37(3), Jan. 2010.
  69. Croce Daniele, Leonardi Emilio, Mellia Marco, Large-Scale Available Bandwidth Measurements: Interference in Current Techniques, 10.1109/tnsm.2011.110311.110110
  70. V. Costan and S. Devadas. Intel SGX explained. Cryptology ePrint Archive, Report 2016/086, 2016. http://ia.cr/2016/086.
  71. Cittadini Luca, Di Battista Giuseppe, Erlebach Thomas, Patrignani Maurizio, Rimondini Massimo, Assigning AS relationships to satisfy the Gao-Rexford conditions, 10.1109/icnp.2010.5762760
  72. Bgp best path selection algorithm, 2017. http://bit.ly/2slSBhV.
  73. Choffnes D., Bustamante F. E., On the Effectiveness of Measurement Reuse for Performance-Based Detouring, 10.1109/infcom.2009.5061977
  74. M. Canini, V. Jovanović, D. Venzano, G. Kumar, D. Novaković, and D. Kostić. Checking for Insidious Faults in Deployed Federated and Heterogeneous Distributed Systems. Technical Report 164475, EPFL, 2011.
  75. Butler K., Farley T.R., McDaniel P., Rexford J., A Survey of BGP Security Issues and Solutions, 10.1109/jproc.2009.2034031
  76. N. Büscher and S. Katzenbeisser. Faster Secure Computation through Automatic Parallelization. In USENIX Security, 2015.
  77. M. Burkhart, M. Strasser, D. Many, and X. Dimitropoulos. SEPIA: Privacy-preserving Aggregation of Multi-domain Network Events and Statistics. In USENIX Security, 2010.
  78. P. Bogetoft, D. L. Christensen, I. Damgård, M. Geisler, T. Jakobsen, M. Krøigaard, J. D. Nielsen, J. B. Nielsen, K. Nielsen, J. Pagter, M. Schwartzbach, and T. Toft. Secure multiparty computation goes live. In Financial Cryptography and Data Security (FC), volume 5628 of LNCS, pages 325--343. Springer, 2009.
  79. D. Bogdanov, R. Talviste, and J. Willemson. Deploying secure multi-party computation for financial data analysis - (short paper). In Financial Cryptography and Data Security (FC), volume 7397 of LNCS, pages 57--64. Springer, 2012.
  80. Bogdanov Dan, Kamm Liina, Laur Sven, Pruulmann-Vengerfeldt Pille, Talviste Riivo, Willemson Jan, Privacy-Preserving Statistical Data Analysis on Federated Databases, Privacy Technologies and Policy (2014) ISBN:9783319067483 p.30-55, 10.1007/978-3-319-06749-0_3
  81. D. Bogdanov, M. Jõemets, S. Siim, and M. Vaht. How the Estonian tax and customs board evaluated a tax fraud detection system based on secure multiparty computation. In Financial Cryptography and Data Security (FC), volume 8975 of LNCS, pages 227--234. Springer, 2015.
  82. Barrera David, Chuat Laurent, Perrig Adrian, Reischuk Raphael M., Szalachowski Pawel, The SCION internet architecture, 10.1145/3085591
  83. G. Asharov, D. Demmler, M. Schapira, T. Schneider, G. Segev, S. Shenker, and M. Zohner. Privacy-preserving interdomain routing at Internet scale. Proceedings on Privacy Enhancing Technologies (PoPETs), 2017(3), 2017.
  84. Anwar Ruwaifa, Niaz Haseeb, Choffnes David, Cunha Ítalo, Gill Phillipa, Katz-Bassett Ethan, Investigating Interdomain Routing Policies in the Wild, 10.1145/2815675.2815712
  85. Amdsterdam internet exchange infrastructure, 2017. https://ams-ix.net/technical/ams-ix-infrastructure.
  86. AMS-IX: Real-time-statistics, Feb. 2016. https://ams-ix.net/technical/statistics/real-time-stats.
  87. AMS-IX: Megaport and AMS-IX Partner to Provide Global SDN-Enabled Elastic Interconnection and Internet Exchange Service, Jan. 2016. https://ams-ix.net/newsitems/233.
  88. Follow up: AMS-IX Route-Server Performance Test Euro-IX 20th, 2012. https://ripe64.ripe.net/presentations/49-Follow_Up_AMS-IX_route-server_test_Euro-IX_20th_RIPE64.pdf.
  89. Ager Bernhard, Chatzis Nikolaos, Feldmann Anja, Sarrar Nadi, Uhlig Steve, Willinger Walter, Anatomy of a large european IXP, 10.1145/2342356.2342393