Title: Moving Data Through Disconnected Networks
Release Date: 2015-01-17
Document Date: 2012-06-18
Description: This June 2012 NSA presentation describes methods to exfiltrate data, even from networks that are apparently offline: see the Der Spiegel article The Digital Arms Race: NSA Preps America for Future Battle, 17 January 2015.
Document: Moving Data Through Disconnected Networks
Delay-Tolerant Networking and the IC (U//FOUO)
June 2012
The overall classification of this briefing is:
TOP SECRET//COMINT//REL TO USA, FVEY
Derived From: NSA/CSSM 1-52
Dated: 20070108
Declassify On: 20360901
Outline
1. (U) Delay-Tolerant Networking intro
   i. Outside world: protocols and software
   ii. IC Applications of DTNs
2. (TS//SI//REL) Summary of R4 work
   i. CHIMNEYPOOL integration
   ii. Wireless testing
3. (TS//SI//REL) Interesting details
   i. DTN Routing
   ii. DTN Security
UNCLASSIFIED//FOR OFFICIAL USE ONLY
Mobile Ad-Hoc Networks (U)
- (U//FOUO) A wireless network with no
Intermittently Connected Network (U)
(U//FOUO) Many wireless networks will not have end-to-end connectivity
[Figure: a Source node and a Destination node]
Delay-Tolerant Networks (U)
(U//FOUO) DTNs use a store-carry-forward approach to take advantage of node mobility
[Figure: data carried by a moving node toward the Destination]
Beginnings of DTN (U)
1990s: Interplanetary Network (NASA, JPL)
2000: Epidemic Routing (Vahdat and Becker)
2002: Mobility Increases Capacity in Ad-hoc Wireless Networks (Grossglauser and Tse)
2002, 2004: ZebraNet (Juang, Oki, Wang, Martonosi, Peh, Rubenstein)
2003: A DTN Architecture for Challenged Internets (Kevin Fall)
2003: DataMULEs (Shah, Roy, Jain, Brunette)
2003: Probabilistic Routing in Intermittently Connected Networks (Lindgren, Doria, Schelen)
Beginnings of DTN: Epidemic (U)
• 2000: Epidemic Routing - Vahdat and Becker
• Nodes exchange "summary vectors"
• Each node sends the data that the other node lacks
• Summary vectors implemented as a Bloom Filter
• Followed by Immunity concept: Resource and performance tradeoffs in delay-tolerant wireless networks, 2005; Small and Haas
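As an added example (not from the briefing), a minimal anti-entropy session in the style of Vahdat and Becker: each node summarizes its bundle store in a Bloom filter, the two filters are swapped, and each side sends only the bundles the peer's filter does not claim. The filter's false positives mean a bundle can occasionally be withheld for a later contact, but a bundle the peer already holds is never re-sent; node names and bundle ids are constructed.

```python
import hashlib


class BloomFilter:
    """Fixed-size Bloom filter: the compact summary vector two nodes swap."""

    def __init__(self, m_bits=1024, k_hashes=3, bits=0):
        self.m, self.k, self.bits = m_bits, k_hashes, bits

    def _positions(self, item):
        # k bit positions carved out of one SHA-256 digest of the bundle id.
        d = hashlib.sha256(item.encode()).digest()
        return [int.from_bytes(d[4 * i:4 * i + 4], "big") % self.m for i in range(self.k)]

    def add(self, item):
        for p in self._positions(item):
            self.bits |= 1 << p

    def might_contain(self, item):
        # No false negatives; false positives (rate grows as the filter fills) are possible.
        return all((self.bits >> p) & 1 for p in self._positions(item))

    def to_bytes(self):
        return self.bits.to_bytes(self.m // 8, "big")

    @classmethod
    def from_bytes(cls, raw, k_hashes=3):
        return cls(len(raw) * 8, k_hashes, int.from_bytes(raw, "big"))


class Node:
    def __init__(self, name):
        self.name = name
        self.store = {}  # bundle id -> payload held for later forwarding

    def summary_vector(self):
        sv = BloomFilter()
        for bundle_id in self.store:
            sv.add(bundle_id)
        return sv.to_bytes()  # 128 bytes on the wire regardless of store size

    def missing_from_peer(self, peer_summary):
        sv = BloomFilter.from_bytes(peer_summary)
        return {b: p for b, p in self.store.items() if not sv.might_contain(b)}


def anti_entropy(a, b):
    """One epidemic session: exchange summary vectors, then each side sends what the other lacks."""
    sv_a, sv_b = a.summary_vector(), b.summary_vector()
    a_to_b, b_to_a = a.missing_from_peer(sv_b), b.missing_from_peer(sv_a)
    b.store.update(a_to_b)
    a.store.update(b_to_a)
    return len(a_to_b), len(b_to_a)


def demo():
    # Constructed bundle ids; the shared bundle "b3" must not be re-sent in either direction.
    alice, bob = Node("alice"), Node("bob")
    alice.store.update({"b1": "audio-seg-1", "b2": "audio-seg-2", "b3": "gps-fix-3"})
    bob.store.update({"b3": "gps-fix-3", "b4": "audio-seg-4"})
    sent_ab, sent_ba = anti_entropy(alice, bob)
    return sent_ab, sent_ba, sorted(alice.store), sorted(bob.store)
```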
Beginnings of DTN: Zebra Net (U)
• Wildlife tracking project at Princeton
• GPS + other info gathered by collars on zebras
• Data migrated back to base using "History-Based" routing
Beginnings of DTN: IPN (U)
• Inter-Planetary Network
• Long distances → long propagation delays
• Intermittent connections
• Known contact schedule → Contact Graph Routing
• Worked on since the 1990s by NASA, JPL, incl. Vint Cerf
[Figure taken from Vint Cerf's 2010 presentation: "When Intuition Fails"]
Beginnings of DTN: DataMULEs (U)
• Data MULEs: modeling a three-tier architecture for sparse sensor networks
• 2003 paper by R. C. Shah, S. Roy, S. Jain, W. Brunette
• Has mobile MULEs relaying data from sensors to well-connected Access Points
• Similar: A Message Ferrying Approach for Data Delivery in Sparse Mobile Ad Hoc Networks, 2004; Zhao, Ammar, Zegura
What's a DTN For? (U//FOUO)
• Wildlife tracking: ZebraNet, SWIM, TurtleNet
• Outer space
• Under water
• Underground (mines) [DTN Communication in a Mine, 2010; Ginzboorg, Karkkainen et al]
• VANETs, public transit: DieselNet, Braunschweig, NICT
• Battlefields/disaster areas: DARPA DTN Program
• Sensor nets
• Heterogeneous networks [Integrating Multiple and Heterogeneous Challenged Networks for Large-sized Data Transfer, 2009; Nagata et al]
• Rural areas: N4C, DakNet, KioskNet, TIER, Bytewalla
What's a DTN for II (U//FOUO)
• Content dissemination [PodNet, 2006 - Present; Legendre, Lenders, May, Karlsson] [Haggle Project]
• Social Networking
• Distributed Storage [TierStore, 2008; Demmer, Du, Brewer] [DTN-based Content Storage and Retrieval; Ott, Pitkanen]
• Cellular Traffic Offloading [Cellular Traffic Offloading through Opportunistic Communications: A Case Study, 2010; Han, Hui et al]
Standardization Activities* (U)
• DTNRG has been part of the IRTF since (at least) 2002
• RFC 5050 defines the Bundle Protocol
• Application-layer overlay that moves "bundles" of data
• Convergence Layers move bundles over different networks
[Figure: layered stack. Application over the Bundle Protocol over convergence layer adapters (UDP CLA, TCP CLA, Eth CLA, and a Click CLA built from shared memory, control messages, a bundle interface, UDP/IP encapsulation, IP fragmentation, Ethernet encapsulation and a beaconer) over UDP, TCP, IP, Ethernet and the Physical Layer]
Protocol Highlights (U//FOUO)
• Modular architecture
- Convergence layers
- Routers
- Neighbor discovery
• Security extensions
• Persistent storage
• Hop-by-hop and end-to-end reliability possible
Bundle Protocol Architecture (U//FOUO)
[Figure: Bundle Layer: Bundle Protocol Agent (BPA); Convergence Layer: TCP CL, UDP CL, File CL, AX.25 CL, ...]
Bundle Protocol Stack Landscape
[Figure: implementations arranged on an axis from "Vapor" to "Real": Bytewalla (Java stack), Cisco, iPhone, GATech TCPCL, C# stack, SPINDLE, DTN2 Reference Implementation, IBR-DTN, dtns60; a second build of the slide adds FUZZYLINT, a lightweight BPA (TS//SI//REL)]
Summary of Intelligence Community Applications (U//FOUO)
Covert Communications (TS//SI//REL)
• (TS//SI//REL) Provide covert comms in denied areas where no infrastructure exists, or where using the infrastructure would compromise the operation.
• (S//REL) Several "brush-pass" wireless hand-offs as an untraceable alternative to scheduled meetings, dead drops.
• (TS//SI//REL) DTN provides an open-source solution running on commercial handheld devices
  - Unattributable.
Close (TS//SI//REL)
• (TS//SI//REL) Implant in a secure facility or denied area
• (TS//SI//REL) Need to transfer data and commands over two or more hops
• (TS//SI//REL) May rely on mobile nodes and unwitting data mules
TOP SECRET//COMINT//TK//REL TO USA, FVEY
NRO/MSD Collaboration
• (TS//SI//TK) Moving data between ground stations using CubeSats. Coverage every ~1.5 hours. Need DTN
• (TS//SI//TK) They use DTN2, ION, contact graph routing
Crowd Sourcing (U)
• (TS//SI//REL) Provide data flow in and out of closed nations during internet shut-down
• (U) Ambitious BIG idea
• (U) Proposed CONOP not far from current work
• (U) Proposed internally and externally
• (U) State Dept-funded project had an article in NYT
Tagging Tracking & Locating (U)
• (U) Insert GPS trackers in cars or electronics, but we may never see them again
• (TS//SI//REL) Migrate data back to collection point via DTN
• (TS//SI//REL) Original CONOP for RAPTORGALAXY
Summary of 1C applications (U//FOUO)
CovComm: Unattributable; COTS handsets; Open-source
Close Access: Data exfiltration from isolated networks and denied areas; TSV field test
NRO CubeSat Comms: Comms between ground stations that only have occasional satellite coverage; Use inexpensive CubeSat platform
Crowd-Sourcing: Provide data flow in and out of closed nations; Ambitious BIG idea; Proposed CONOP can be done now; Proposed internally and externally
Tagging Tracking & Locating: Very small hardware; Record locations and encounters; Use DTN to migrate data back to collection points
DTN work at R4
What We Have Been Building (U)
• Porting open source DTN software to mobile devices
• Developing friendly user interface software so anyone
can use it
• Testing - determining what actually works
• Field testing different configurations and scenarios
• Implementing security features
• Building new routing modules
• Adding geo-tagging/tracking features
• Experimenting with new neighbor discovery methods
FUZZYLINT and CHIMNEYPOOL integration (TS//SI//REL)
(Not So) Close Access
• (TS//SI//REL) Retrieving data from an implant without visiting the implant ourselves
• (TS//SI//REL) Need to add DTN link capability to the implant
• (S//REL) Data mule may be unaware of their role
• (TS//SI//REL) Rough prototype demoed at Trident Spectre
STRAITBIZARRE (U)
• (TS//SI//REL) Cross-platform implant built using TAO's CHIMNEYPOOL framework
  - Ports for Linux, Windows, etc.
  - Endpoint-centric: focused on file exfil from a PC
  - Remote Procedure Call (RPC) based
• (TS//SI//REL) FRIEZERAMP protocol provides covert networking
  - CHIMNEYPOOL comms module
  - Similar to IP, IPsec
  - Only supports static network configuration
• (TS//SI//REL) FRIEZERAMP links are adapters to converge FR packets onto the transport layer below
  - Examples: https, udp, smtp, etc.
Put SBZ on each device ... right? (TS//SI//REL)
• (TS//SI//REL) File exfil CP modules and FRIEZERAMP treat reliability as only an end-to-end issue
  - FR retransmissions are requested by the receiver and only the sender can retransmit
  - Hop-by-hop reliability is desirable
• (TS//SI//REL) Persistent storage module only waits until link is available then "send and forget"
• (U//FOUO) All routes are static and set up a priori
• (TS//SI//REL) Operationally, SBZ on each device is undesirable in some CONOPs
TSV CONOP (TS//SI//REL)
[Figure: Target, Gumstix and N810 nodes]
Ultra-lightweight BPA (TS//SI//REL)
• (TS//SI//REL) [name redacted] has been building an ultra-lightweight BPA that can act as a CP link to a DTN
• (U//FOUO) Locally provides data persistence, discovery, routing, convergence layers
• (TS//SI//REL) FR packets are already fragmented, so this BPA does not need to be as flexible as others
• (S//REL) Can add covert Convergence Layer Adapters
TAO-Specific DTN Stack (TS//SI//REL)
[Figure: STRAITBIZARRE and WARRIORPRIDE at the top; CP DTN Link Modules and a Comms API connect them to a Next-Generation Stage-2 Implant, which uses a DTN API onto the Bundle Protocol Agent. Below the BPA: a TCP CLA, covert CLAs marked "??" (HTTP/S, SMTP, VOIP), a Discovery Agent (DTN IPND Protocol), a covert Discovery Agent marked "??", a table-based Router and a file-based Storage Agent]
TSV CONOP (TS//SI//REL)
[Figure: Implanted Target → Intermediate Node → Intermediate Node → SBZ LP; legend: SBZ, CP DTN Lightweight BPA]
Platforms and Capabilities (TS//SI//REL)
[Table: platforms (Linux netbook, Maemo, iPhone, Gumstix, Android, Windows and Java) against stacks (DTN2, IBR-DTN, FUZZYLINT); the per-cell capability marks did not survive extraction]
Wireless testbeds (U//FOUO)
Reality Ninja (U//FOUO)
[Figure: testing spectrum from Reality, through Network Emulators (MeshTest), to Simulation, each drawn against the OSI layers: Application, Presentation, Session, Transport, Network, Data Link, Physical]
Mobile Wireless Testbed (U//FOUO)
[Screenshot: NASA World Wind map viewer with MeshTest node controls (host, port, database name, edge database name, user ID, password; Start Experiment), captured Sat Jun 04 17:06:04 EDT 2011]
CMU Wireless Emulator (U//FOUO)
[Figure: CMU wireless emulator architecture: an Emulation Controller and CMU Emulab (Boss, Ops) on a Private Control Network, per-node Signal Conversion units feeding an FPGA-based Signal Propagation Emulation, with User Access over the Internet]
Detailed Channel Modeling (U//FOUO)
[Screenshot: ray-tracing channel modeling tool, project "Rosslyn Tutorial": study area myarea1, propagation model full3d, ray spacing 0.250 deg, up to 20 reflections, 0 transmissions and 1 diffraction, SBR ray tracing; transmitter sets are vertical dipoles at 908.5 MHz along Rosslyn street routes (Lynn St, N Moore St, N Kent St, N Nash St/19th St, Ft. Myer Drive) plus an added single Rx point; run finished 16:21:48 6/6/2011, elapsed 25 seconds]
Some Interesting Details (U)
Routing and Reliability Issues
Security Issues
Routing in DTNs (U)
Flood Routing and Epidemic (U)
2000: Epidemic Routing [Vahdat and Becker]
Static Routing Background (U)
• Bundle Protocol Nodes are identified by Endpoint Identifiers (EIDs) that look like:
  dtn://dtnbone.umd.edu.dtn/
  dtn://nodea.dtn/
  ebr://group5.dtn/
• Convergence Layer connections to neighbors are called "Links"
  - For example a TCP connection to a neighbor is a link
• Each link knows the EID of the neighbor associated with it
Static Routing Tables (U)
One-hop “Direct Delivery”
Destination Next hop Action
dtn://sam.dtn/ link-0 FWD
dtn://bob.dtn/ link-1 FWD
dtn://amy.dtn/ link-2 FWD
Static Routing Tables (U)
Two-hop “Bundle Ferry”
Destination Next hop Action
dtn://sam.dtn/ dtn://ferry.dtn/ FWD
dtn://bob.dtn/ dtn://ferry.dtn/ FWD
dtn://amy.dtn/ dtn://ferry.dtn/ FWD
dtn://ferry.dtn/ link-0 FWD
Static Routing Tables (U)
Two-hop “Bundle Ferry” with wildcards
Destination Next hop Action
dtn://sam.dtn/ dtn://ferry-*.dtn/ FWD
dtn://bob.dtn/ dtn://ferry-*.dtn/ FWD
dtn://amy.dtn/ dtn://ferry-*.dtn/ FWD
dtn://ferry-27.dtn/ link-0 FWD
dtn://ferry-180.dtn/ link-1 FWD
Static Routing Tables (U)
Multi-hop “Tiered routing”
Destination Next hop Action
dtn://twitter.dtn/ dtn://tier1-*.dtn/ FWD
dtn://twitter.dtn/ dtn://tier2-*.dtn/ FWD
dtn://twitter.dtn/ dtn://tier3-*.dtn/ FWD
dtn://twitter.dtn/ link-0 FWD
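An added example (not the deck's code) of resolving the static tables above: a next hop that is itself an EID pattern is looked up again in the table until a link is reached, so the wildcard ferry table yields both ferry links and the tiered table falls through to link-0 until a concrete tier node is known. The recursive resolution rule and the extra tier-2 route in the demo are my assumptions, not something the slides state.

```python
import fnmatch

# Routes from the slides: (destination EID pattern, next hop).
# A next hop is either a link name or an EID pattern naming a class of neighbors.
FERRY_ROUTES = [
    ("dtn://sam.dtn/", "dtn://ferry-*.dtn/"),
    ("dtn://bob.dtn/", "dtn://ferry-*.dtn/"),
    ("dtn://amy.dtn/", "dtn://ferry-*.dtn/"),
    ("dtn://ferry-27.dtn/", "link-0"),
    ("dtn://ferry-180.dtn/", "link-1"),
]

TIERED_ROUTES = [
    ("dtn://twitter.dtn/", "dtn://tier1-*.dtn/"),
    ("dtn://twitter.dtn/", "dtn://tier2-*.dtn/"),
    ("dtn://twitter.dtn/", "dtn://tier3-*.dtn/"),
    ("dtn://twitter.dtn/", "link-0"),
]


def is_link(next_hop):
    return next_hop.startswith("link-")


def resolve_links(dest_eid, routes, _seen=None):
    """Return the set of links on which a bundle for dest_eid may be forwarded.

    Every route whose destination pattern matches dest_eid contributes either its
    link directly or, for an EID-pattern next hop, the links of every concrete
    neighbor EID in the table that matches that pattern (resolved recursively).
    """
    seen = set() if _seen is None else _seen
    links = set()
    for pattern, next_hop in routes:
        if not fnmatch.fnmatchcase(dest_eid, pattern):
            continue
        if is_link(next_hop):
            links.add(next_hop)
            continue
        for neighbor, _ in routes:
            # Only concrete EIDs (no wildcard) can be neighbors; `seen` breaks cycles.
            if "*" in neighbor or neighbor in seen:
                continue
            if fnmatch.fnmatchcase(neighbor, next_hop):
                seen.add(neighbor)
                links |= resolve_links(neighbor, routes, seen)
    return links


def demo():
    # Constructed extension: one concrete tier-2 node becomes a known neighbor.
    extended = TIERED_ROUTES + [("dtn://tier2-5.dtn/", "link-3")]
    return {
        "ferry_sam": sorted(resolve_links("dtn://sam.dtn/", FERRY_ROUTES)),
        "ferry_unknown": sorted(resolve_links("dtn://zed.dtn/", FERRY_ROUTES)),
        "tiered_twitter": sorted(resolve_links("dtn://twitter.dtn/", TIERED_ROUTES)),
        "tiered_twitter_ext": sorted(resolve_links("dtn://twitter.dtn/", extended)),
    }
```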
DTN Routing Bonanza (U)
(U//FOUO) People propose routing protocols for many different environments and purposes.
- Sometimes with novel applications, sometimes with no real need
(U) Has inspired the phrase "Yet Another Routing Protocol"
[Figure: cloud of protocol names: Static, Flooding, Static with copy links, Neighborhood, Epidemic, Endemic, Epidemic with Immunity, mphone, TIERStore, DTLSR]
• (U//FOUO) Delay-Tolerant Link State Routing
  - Assumes a mostly stable contact graph
  - Nodes all flood their recent contacts
  - Each node maintains an internal picture of the network, and makes routing decisions based on Dijkstra's algorithm
"Intelligent" Routing: PRoPHET (U)
• Probabilistic routing in intermittently connected networks, 2003; A. Lindgren, A. Doria, and O. Schelén
• Probabilistic Routing Protocol using History of Encounters and Transitivity (PRoPHET)
[Figure: delivery predictability tables at several nodes. First build: one node holds amy 0.0, sam 0.0; another holds joe 0.4, sam 0.9; another holds bob 0.0, joe 0.0. Second build adds bob's table: amy 0.4, sam 0.9]
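The delivery predictability update behind those tables, as an added example that is not from the briefing: a direct encounter raises P toward 1, time ages it, and a peer's table is folded in transitively, using the default constants from the Lindgren et al. paper. A bundle is handed over only to a node with a higher P for its destination. Node names mirror the slide; the encounter sequence is constructed.

```python
# PRoPHET delivery predictabilities, with the default constants from the paper.
P_INIT = 0.75   # boost applied on a direct encounter
BETA = 0.25     # damping for transitive (second-hand) information
GAMMA = 0.98    # ageing factor per time unit


class ProphetNode:
    def __init__(self, name):
        self.name = name
        self.pred = {}  # peer name -> P(self, peer)

    def age(self, time_units):
        """Ageing: predictabilities decay while two nodes do not meet."""
        for peer in self.pred:
            self.pred[peer] *= GAMMA ** time_units

    def direct_update(self, peer_name):
        """P(a,b) = P_old + (1 - P_old) * P_init."""
        old = self.pred.get(peer_name, 0.0)
        self.pred[peer_name] = old + (1.0 - old) * P_INIT

    def transitive_update(self, via_name, via_table):
        """P(a,c) = P_old + (1 - P_old) * P(a,b) * P(b,c) * beta, for each c in b's table."""
        p_via = self.pred[via_name]
        for dest, p_via_dest in via_table.items():
            if dest == self.name:
                continue
            old = self.pred.get(dest, 0.0)
            self.pred[dest] = old + (1.0 - old) * p_via * p_via_dest * BETA


def encounter(a, b):
    """Two nodes meet: both apply the direct update, then exchange tables."""
    a.direct_update(b.name)
    b.direct_update(a.name)
    table_a, table_b = dict(a.pred), dict(b.pred)  # snapshots before transitive updates
    a.transitive_update(b.name, table_b)
    b.transitive_update(a.name, table_a)


def should_forward(carrier, candidate, dest_name):
    """Forwarding rule: hand the bundle over only to a node with a higher P for its destination."""
    return candidate.pred.get(dest_name, 0.0) > carrier.pred.get(dest_name, 0.0)


def demo():
    # Constructed encounter sequence; names follow the slide's tables.
    amy, sam, joe, bob = (ProphetNode(n) for n in ("amy", "sam", "joe", "bob"))
    encounter(sam, bob)   # sam and bob meet: P(sam,bob) = P(bob,sam) = 0.75
    sam.age(5)            # five time units pass before sam meets anyone else
    encounter(joe, sam)   # joe learns about bob transitively through sam
    return {
        "sam_bob": sam.pred["bob"],
        "joe_bob": joe.pred["bob"],
        "amy_forwards_to_joe": should_forward(amy, joe, "bob"),
        "joe_forwards_to_sam": should_forward(joe, sam, "bob"),
    }
```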
Network-Coding in DTNs (U)
• Imagine trying to distribute a 100MB bundle in a DTN
• Idea: fragment into 1MB pieces
• Send linear combinations of fragments
• A receiver can collect any ten pieces and recover the data
[Figure: 1MB fragments being combined and carried along separate paths]
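An added example, not from the briefing, of the scheme sketched above: a constructed bundle is split into ten fragments, each coded piece carries random GF(2^8) coefficients plus the corresponding linear combination, some pieces are dropped in transit, and the receiver recovers the fragments by Gauss-Jordan elimination once the pieces it holds have full rank (ten of them almost always suffice; with byte-sized coefficients an eleventh is occasionally needed).

```python
import random


def gf_mul(a, b):
    """Multiply in GF(2^8) with the AES reduction polynomial x^8 + x^4 + x^3 + x + 1."""
    r = 0
    while b:
        if b & 1:
            r ^= a
        a <<= 1
        if a & 0x100:
            a ^= 0x11B
        b >>= 1
    return r


# Log/antilog tables (generator 3) so that inverses are a table lookup.
EXP, LOG = [0] * 510, [0] * 256
_x = 1
for _i in range(255):
    EXP[_i] = EXP[_i + 255] = _x
    LOG[_x] = _i
    _x = gf_mul(_x, 3)


def gf_inv(a):
    return EXP[255 - LOG[a]]  # a must be non-zero


def encode(fragments, rng):
    """One coded piece: a random coefficient per fragment and the GF(256) combination."""
    coeffs = [rng.randrange(256) for _ in fragments]
    payload = bytearray(len(fragments[0]))
    for c, frag in zip(coeffs, fragments):
        if c:
            for j, byte in enumerate(frag):
                payload[j] ^= gf_mul(c, byte)
    return coeffs, bytes(payload)


def decode(pieces, k):
    """Gauss-Jordan elimination over GF(256); returns the k fragments, or None if rank < k."""
    rows = [(list(c), bytearray(p)) for c, p in pieces]
    for col in range(k):
        pivot = next((r for r in range(col, len(rows)) if rows[r][0][col]), None)
        if pivot is None:
            return None  # not enough independent pieces yet
        rows[col], rows[pivot] = rows[pivot], rows[col]
        pc, pp = rows[col]
        inv = gf_inv(pc[col])
        pc[:] = [gf_mul(inv, v) for v in pc]
        pp[:] = [gf_mul(inv, v) for v in pp]
        for r, (c, p) in enumerate(rows):
            f = c[col]
            if r != col and f:
                for i in range(k):
                    c[i] ^= gf_mul(f, pc[i])
                for j in range(len(p)):
                    p[j] ^= gf_mul(f, pp[j])
    return [bytes(rows[i][1]) for i in range(k)]


def demo(seed=7, k=10, frag_len=16):
    """Constructed 160-byte bundle; every fourth coded piece is lost in transit."""
    rng = random.Random(seed)
    data = bytes(rng.randrange(256) for _ in range(k * frag_len))
    fragments = [data[i * frag_len:(i + 1) * frag_len] for i in range(k)]
    received, sent = [], 0
    while True:
        piece = encode(fragments, rng)
        sent += 1
        if sent % 4 == 0:
            continue  # this piece never reaches the receiver
        received.append(piece)
        if len(received) >= k:
            out = decode(received, k)
            if out is not None:
                return b"".join(out) == data, len(received), sent
```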
Security in DTNs (U)
Security Threats (U)
• (TS//SI//REL) Protecting against rogue bundles being injected into the network
• (TS//SI//REL) Prevent an adversary from modifying legitimate bundles
• (S//REL) Protection against eavesdroppers
• (S//REL) Authenticate neighbors before establishing links
• (TS//SI//REL) Low Probability of Detection / Intercept
Bundle Security Protocol RFC 6257 (U)
• (U) Provides bundle-layer encryption, authentication, and data integrity
• (U) Lack of connectivity affects choice of algorithms and services
• (U) Security policies may be directional
• (U//FOUO) Managing keys and their accompanying policies is a challenge
Bundle Authentication (U)
• (U) Hop-by-hop Authentication
• (U) Requires each device to generate a shared secret with each of its neighbors
• (U//FOUO) Establishing these keys is a challenge
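An added example (not the briefing's code) of hop-by-hop bundle authentication with per-link shared secrets: each forwarding node strips the previous hop's tag and adds one under its own link key, and a receiver rejects a bundle from a neighbor it holds no key for, or whose payload no longer matches the tag. Node names and secrets are constructed, and the RFC 6257 block encoding is simplified to a JSON body plus HMAC-SHA256.

```python
import hashlib
import hmac
import json

HOP_FIELDS = ("bab", "prev_hop")  # per-hop fields, replaced at every forwarding node


def canonical(bundle):
    """Bytes covered by the tag: everything except the per-hop fields, in a fixed order."""
    body = {k: v for k, v in bundle.items() if k not in HOP_FIELDS}
    return json.dumps(body, sort_keys=True, separators=(",", ":")).encode()


class Node:
    def __init__(self, name):
        self.name = name
        self.link_keys = {}  # neighbor name -> shared secret for that link
        self.store = []      # accepted bundles, hop fields stripped

    def pair(self, other, secret):
        # Stand-in for the out-of-band key establishment the deck calls a challenge.
        self.link_keys[other.name] = secret
        other.link_keys[self.name] = secret

    def send(self, bundle, neighbor):
        key = self.link_keys[neighbor.name]
        tag = hmac.new(key, canonical(bundle), hashlib.sha256).hexdigest()
        return neighbor.receive({**bundle, "bab": tag, "prev_hop": self.name})

    def receive(self, bundle):
        key = self.link_keys.get(bundle.get("prev_hop"))
        if key is None:
            return "rejected: no key for claimed previous hop"
        expected = hmac.new(key, canonical(bundle), hashlib.sha256).hexdigest()
        if not hmac.compare_digest(expected, str(bundle.get("bab", ""))):
            return "rejected: BAB mismatch"
        self.store.append({k: v for k, v in bundle.items() if k not in HOP_FIELDS})
        return "accepted"


def demo():
    # Constructed nodes, secrets and bundle; each node holds only the keys for its own links.
    src, ferry, dst = Node("src"), Node("ferry"), Node("dst")
    src.pair(ferry, b"constructed-secret-src-ferry")
    ferry.pair(dst, b"constructed-secret-ferry-dst")
    bundle = {"src": "dtn://src.dtn/", "dst": "dtn://dst.dtn/", "payload": "segment-1"}

    hop1 = src.send(bundle, ferry)            # src -> ferry, tagged with the src-ferry key
    hop2 = ferry.send(ferry.store[-1], dst)   # ferry -> dst, re-tagged with the ferry-dst key

    # A node dst has never paired with presents a bundle: no key, so it is dropped.
    forged = {**bundle, "bab": "00" * 32, "prev_hop": "rogue"}
    unknown = dst.receive(forged)

    # A correctly keyed tag over the original payload does not cover a modified payload.
    old_tag = hmac.new(b"constructed-secret-ferry-dst", canonical(ferry.store[-1]),
                       hashlib.sha256).hexdigest()
    tampered = {**ferry.store[-1], "payload": "segment-X", "bab": old_tag, "prev_hop": "ferry"}
    modified = dst.receive(tampered)
    return hop1, hop2, unknown, modified, [b["payload"] for b in dst.store]
```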
Bundle Authentication (U)
• (U//FOUO) End-to-end authentication
  - RSA digital signatures
• (U) Intermediate nodes can verify the signature
• (U) Cannot assume connectivity to an external Certificate Authority
• (U) For signatures, the certificate can be appended to the message
Bundle Encryption (U)
• (U//FOUO) Payload data encrypted with AES in Galois Counter Mode (GCM)
• (U) Provides data integrity
• (U) AES key is encrypted with the destination's RSA public key
Key Management Issues (U)
• (U) How to distribute public keys securely
• (U//FOUO) One option: pass certificates between devices
• (U//FOUO) Another option: pre-placing certificates
- Memory issues
• (U) Revoking keys of compromised devices
Link-Layer Security (U)
• (U//FOUO) Even with BSP, CL is wide open
• (U//FOUO) Develop a mechanism to authenticate neighbors before allowing them to connect
  - Enables dropping unwanted bundles
  - May prevent DoS through too many connections
• (U//FOUO) Enable different groups of nodes to operate in the same area but maintain separation
[Figure: two BPAs, each with a TCP CL and a UDP CL]
Link-Layer Security (U)
(U) Constraints
• Lightweight
• Low setup latency
• Limited bandwidth consumption
• Minimal provisioning/maintenance
• Compatible with short session durations
Covert Discovery (S//REL)
• (TS//SI//REL) Have set up external triggers for establishing DTN links
• (S//REL) Similar work being done outside to reduce power consumption
• (U) Example: Bluetooth beacons triggering a wifi connection
• (S//REL) Another option: use our own radios for some hops
Surveillance-oriented Demo (U)
[Figure: campus map with a Parking area]
Data sources at "secret" locations on campus. Queue up or generate data.
Mobile data generator in a car sending segments of audio
Destination node in parking lot by the Comcast Center
Pedestrian relays walk around, and pick up data from source nodes
Car Players are typical data ferries. They relay data to the destination.
[Figure: campus map with numbered markers: 1. Sources, 2. Relays, 3. Relays]
Questions?