[cryptography] Application Layer Encryption Protocols Tuned for Cellular?

Jeffrey Walton noloader at gmail.com
Mon Nov 5 07:05:58 EST 2012

On Mon, Nov 5, 2012 at 12:46 AM, ianG <iang at iang.org> wrote:
> On 5/11/12 09:45 AM, Jeffrey Walton wrote:
>> On Sat, Nov 3, 2012 at 9:08 PM,  <dan at geer.org> wrote:
>>>   > ...
>>>   > In practice, the 7 layer model was not an implementation recipe -
>>> TCP/IP
>>>   > in the broader Internet sense showed that engineering required
>>> working
>>>   > with the tech of the time, not the abstractions from some CS class or
>>>   > government contract sales team.  TCP in the narrow sense shows it
>>> again
>>>   > - sticking TCP in layer 4 and stopping there doesn't work - it claims
>>>   > everything is a stream, when 'everything is a datagram' is closer to
>>> the
>>>   > truth, and a more useful assumption.  TCP further assumes it can
>>>   > reliably deliver data, when actually it's only reliable enough if you
>>>   > care only enough to do the demo.
>>>   > ...
>>> I don't know what to think of the following, but it may be germane:
>>> http://rina.tssg.org/docs/JohnDay-LostLayer120306.pdf
>> Somewhat off topic, but Day has another good presentation at
>> http://csr.bu.edu/rina/KoreaHowtoCleanASlate100219.pdf.
>> * Mobility is cumbersome and doesn’t scale
>>    - Excuse: What do you mean? It works. . . . . Sort of.
>>    - Actual: With only physical addresses, hard to do “re-locatable”
>> addressing
> I think they (both) germane and on topic - but he's looking at it from a
> completely different perspective.  We are talking about how to make the net
> work across phones, John Day is talking about what is wrong with net from
> fundamentals.  IOW, we're assuming IP as the given, he's attacking IP & TCP
> as a broken result of a muffed layer architecture, and moving to replace it
> with how it should be.
> Where we meet is that some of his conceptual (?) criticisms are exactly why
> the net does not work well across mobile.
> E.g., slide 40, talking about connection v. connectionless:
> ======================================
> Resolving the CO/CL Problem
> • Lets look at this very carefully
> • What makes connection-oriented so brittle to failure?
>    • When a failure occurs, no one knows what to do.
>    • Have to go back to the edge to find out how to recover.
> • What makes connectionless so resilient to failure?
>    • Everyone knows how to route everything!
> • Just a minute! That means!
>    • Yes, connectionless isn’t minimal state, but maximal state.
>        • The dumb network ain’t so dumb.
>    • Where did we go wrong?
> • We were focusing on the data transfer and ignoring the rest:
There are a few instance problems in play. One is how to integrate
crypto safely and get the crypto to cover the most data in the
vertical stack while minimizing trust on the lower [untrusted] layers.
The others relate to cellular and TCP or UDP over IP. I've been trying
to get my head around the problems and possible solutions.

M-TCP and M-UDP are attempts at getting the network layer to play well
over cellular. M-{TCP|UDP} require infrastructure changes in the
carrier's physical plant. For example, the supervisor host that acts
as a surrogate when the cellular device is in a state of fade. I'm
fairly convinced there's something broken here. Perhaps its as simple
as "carriers are not implementing it".

In network routing, the idea is "bad news travels fast", where the bad
news is loss of a route to a host. In cellular, the loss of a host is
hidden, so that breaks the server's side of networking. The device's
side of networking is also broken since loss of the network is also
hidden. The routing layer's behavior has been modified in an attempt
to suppress bad news.

In my [cynical] view: carriers have broken networking because of
money. They may be maximizing profits by not fixing mobile-IP problems
in their plant; maximizing profits by not putting up that extra tower;
or maximizing profits by not signing an agreement to share towers or
purchase roof rights. These are the same folks who sell me unlimited
data plans, yet I have no data (and sometimes no voice) when I travel
into some cells. Its OK from their point of view because profit is the
variable to be maximized. There is little oversight, so "catch me if
you can" is the name of the game.

I think I need a protocol with [at least] two properties to combat
carriers: "silence is bad" and "good news travels fast." TCP/IP is
broken, so it has to be a UDP based protocol. Crypto will be added on
top of that.


More information about the cryptography mailing list