
Alibi Routing - jonbaer
https://alibi.cs.umd.edu/
======
vessenes
I'm not sure this is practical. Caveats: I have only read the paper while
sleepy, and I'm worried that I'm breaching our negativity rules with my
attack, but I'll proceed: I propose the following attack on the protocol.

Bisect North and South America with a 'no go zone' for packets -- we can't
live with a packet hitting Omaha, for a variety of reasons.

I propose that there exists no safe "alibi" route from SF to NY. Any crooked
peer can route into the dreaded Omaha and to a crooked NY peer faster than any
safe route can go west through Asia. A crooked peer can forge sequential MACs
showing a 'legitimate' looking route easily.

So, I would reformulate the claims to "If a packet is never routed to an
attacker that can route through a forbidden zone more quickly than obeying the
restrictions, there is a valid alibi routing."

It's hard to come up with a good use case for this protocol, in my mind.
Especially because we are most often concerned with packet routing at the
destination and source, and for legal reasons, not inspection reasons.

It's largely understood by anyone who might possibly be using alibi routing
that packets are often inspected in flight, and there is nothing you can do
about it, and that furthermore the concepts of safe or unsafe nations or
regions or cities are almost laughable when it comes to even the smallest
nation state's avaricious desire for inspection and storage of data flying by.

~~~
cperciva
_Any crooked peer can route into the dreaded Omaha and to a crooked NY peer
faster than any safe route can go west through Asia._

I think the idea is that you can't go through Omaha _and_ have a router in
Asia saying that it handled your data within the time constraints.

~~~
synctext
Indeed, totally not practical. First, it is a very impressive paper that got
into the flagship conference. It presents and solves an intriguing puzzle.

The implied attacker model: you are safe unless your packet traverses an
unsafe country. Wrong in my opinion (RFC 7258).

As a scientist I've seen this over-and-over again. No healthy scientific
community exists around privacy. SIGCOMM-like venue want novel/crazy ideas. We
known onion routing works to a large extend. However, it is a career/tenure
killer to work on that. No grants. No citations.

------
baby
So they use "checkpoints" everywhere in the world and use time as a radius of
impact. I wonder how precise this is.

> Our proofs of avoidance are built around the idea of using what we call
> “alibis”: relays that are sufficiently far away from the forbidden region
> such that traversing both relay and forbidden region would result in a
> noticeably high delay.

And they implemented a p2p protocol to find these alibis easily. I guess from
a starting list of trusted alibis.

> The second contribution we make is the design and implementation of Alibi
> Routing, a peer-to-peer overlay routing system for finding alibis safely and
> efficiently

My main concern is how can they predict the minimum speed a packet takes to
reach their target? Especially with zones of poor cabling.

~~~
zmanian
Establishing baselines from the users current ip address to their alibi seems
like a significant challenge.

If your traffic is being routed for interception, you would only be able to
detect that if you had a preexisting baseline with your alibis.

If there are enough users, we could potentially crowd source baselines for
different autonomous systems to the alibi network.

------
siavosh
I'm curious if geography really has anything to do with governments' and
organizations' access to network traffic?

~~~
tabio
In the example on the home page, the traffic from Italy to Norway, avoiding
Germany, travels across the ocean, which means it bottlenecked through
undersea cables, the most thoroughly tapped network links in the world.

This research is of aesthetic interest, not practical interest.

------
upbeatlinux
Interesting, but does it bother anyone else that someone from Palantir is on
the project?

------
w0000t
Does it matter to avoid USA if _someone_ is taping into the cable in a
different country.

------
tdmule
The paper is interesting, I am only partly through it but I am curious to see
their code and data.

