Docstoc
EXCLUSIVE OFFER FOR DOCSTOC USERS
Try the all-new QuickBooks Online for FREE.  No credit card required.

dtn Delay

Document Sample
dtn Delay Powered By Docstoc
					Delay Tolerant Networks
         (DTN)
                      Motivation
•   Rural area (buses, mail trucks, infostations)
•   Mobile routers w/disconnection (e.g., ZebraNet)
•   Sensor networks (e.g., Data mules)
•   Deep space
•   Underwater
•   …
                  Internet vs. DTN
Unstated Internet assumptions
   – Exist some end-to-end paths
   – End-to-end RTT is low
      • At most a few seconds, and typically less than 500 ms
   – Use retransmission for reliability
   – Packet switching is the right abstraction

DTN characteristics
   – Contact connectivity is intermittent and hard to predict
      • May not exist e2e paths
   – Large delay (can be hours or even days!)
   – High link error and low capacity
      • Resource budget can limit transmissions
   – Different network architectures (e.g., TCP/IP won’t work)
           DTN Research Issues
•   Naming, addressing, location management
•   Routing on dynamic graphs
•   Scheduling
•   Security
•   Applications
•   …
                     Outline
• 1st paper focuses on routing problem

• 2nd paper designs a practical DTN system that
  addresses
  – Naming, addressing, location management
  – Routing
  – Security
         Routing on Dynamic Graphs
• DTN routing takes place on a time-varying topology
   – Links come and go, sometimes unpredictably
   – Use any/all links that can possibly help
• Inputs
   – Time varying topologies (S, D, c(t), d(t))
   – Traffic demands
   – Vertex buffer limits
   – Mobility patterns
• Goal
   – Determine route and schedule to optimize some metric (e.g.,
     delay, throughput, resource consumption)
What’s the routing scheme that
       minimizes delay?
Solution 1: Flooding
                    Flooding
• Each node forwards any non duplicated msg to
  any other node it encounters

• Pros: low delay

• Cons: high transmission overhead
What’s the routing scheme that
minimizes resource consumption?
Solution 2: Direct contact
               Direct Contact
• The source holds the data until it comes in
  contact with the destination

• Pros: minimal resources

• Cons: long delay
Solution 3: Simple Replication
             Simple Replication
• Source sends r identical copies over the first r
  contacts
• Relay nodes directly send to the destination
            Illustration
        1               2       3


    3
                            3

                        3



2
    4
                    2           2
1
Solution 4: History-based
       replication
       History-based Replication
• Each node keeps track of the probability a given
  node delivers its message
• It replicates to r highest ranked relays based on
  delivery probability
Solution 5: Erasure-coding
    based Replication
                      Erasure Codes
• Rather than seeking particularly “good” contacts, we
  “split” messages and distribute to more contacts to
  increase chance of delivery
   – Same number of bytes flowing in the network, now in the form
     of coded blocks
   – Partial data arrival can be used to reconstruct the original
     message
      • Given a replication factor of r, (in theory) any 1/r code
         blocks received can be used to reconstruct original data

• Potentially leverage more contacts opportunity  reduce
  worse-case latency
   – Reduces “risk” due to outlier bad contacts
Erasure Codes
           Message n blocks

Encoding (to m blocks, where m > n)




    Split message blocks among r*k relays




Decoding (Require n+alpha blocks)

           Message n blocks
 Simple Replication vs. Erasure Coding
• Simple replication
  – Use first r relays, where each relay gets 1 copy
  – 1 out of r relays to succeed


• Erasure coding
  – Use first r*k relays, where each relay gets 1/k copy
  – k out of r*k relays to succeed
  – If k is large, the delay distribution converges to a
    constant  almost assured constant delay
     Summary: Forwarding Algorithms

 Algorithm         Who           When          To whom
    Flood         All nodes    New contact      All new
    Direct       Source only   Destination     Destination
   Simple        Source only   New contact   r first contacts
Replication(r)
  History (r)     All nodes    New contact      r highest
                                                 ranked
Erasure Coding   Source only   New contact    kr (k>=1) first
    (ec-r)                                     contacts (k is
                                             related to coding
                                                algorithm)
           Evaluation Methodology
• Use a real-world mobility trace collected from the initial
  ZebraNet test deployment in Kenya, Africa, July, 2004




• Only one node returned 32-hour uninterrupted
  movement data
   – Weather and waterproofing issues
• Semi-synthetic group model
   – Statistics of turning angles and walking distance
    Trace Results
                     Contact duration




Inter-contact time
   Performance Evaluation:
      Routing Overhead




History and flooding replicates messages even
after a copy of original message has been
delivered
Performance Evaluation: Latency
          (64 nodes)
     Performance Evaluation:
          Success Rate




ec has low success rate when deadlines are small

ec has high success rate for longer deadlines
   (due to lower 99th percentile latency distr)
                   Theoretical Results on Delay
                          Distribution
  Delay (hours)


                                                        99th percentile
                                 Simple Replication
                                                      SimpleReplication ~
                  Erasure Coding (32 nodes)            3 ErasureCoding




                            percentile (p)
Erasure Coding:
   – Get rids of the ‘bad’ cases
   – Has few very low delay cases
           Summary

Overhead

Flooding

           HR
                SR   EC


                           Direct


                          Average-case Delay
           Summary

Overhead

Flooding
                     HR

           EC   SR


                           Direct


                          Worst-case Delay
How to get good average-case
and worst-case performance?
                       Enhancements
• Optimize common case and guarantee worst-case
   – Whom to replicate to?
      • Currently based on first r contacts
      • Could use delivery probability for selection
   – How much to replicate?
      • Currently every node selected is replicated an equal amount of data
      • Could use delivery probability for deciding the amount to replicate
   – Different coding schemes
      • Adapt the coding parameters based on delivery probability and
        performance requirement
      • Apply network coding
• Provide differentiated services
   – Adapt who to replicate, how much to replicate, when to
     replicate based on the urgency of message
Low-Cost Internet Access using
     Mechanical Backhaul


            A. Seth
            D. Kroeker
         B. M. Zaharia
           C. S. Guo
         D. S. Keshav
                           Big Picture
• Goal: bring Internet connectivity to rural areas
• Approach: rural kiosks
   – 150,000+ operational in India
   – Ministry of Info. Tech. plans to set up 100,000 more in next
     two years
• Kiosks connectivity
     Dial-up
        slow (28 kbps)
        flaky (due to harsh environment)
     Very Small Aperture Terminal
        expensive monthly rental
        spare parts are hard to get
     Long range WiFi
        still experimental
        expensive up front cost (for 18m tower)
                   Mechanical Backhaul*




                                      A bus carrying a 802.11
                                           access point
                                         (Daknet project)
Picture from Daknet project



                                          *Term suggested by A.A.
                                                  Penzias
             Design Goals

Low cost
  < $250/kiosk upfront; <$50/month operational costs
Reliability
Allow user mobility
Use all available networks (cell, dialup,
WiFi....)
Data privacy
Ability to use existing Internet services
Support both kiosk and laptop/PDA users
                    Challenges
Both ends of a ‘connection’ are not
simultaneously present
  Can’t use standard TCP/IP, DNS, SSL
Mostly disconnected, rarely connected
  Opposite of usual assumptions
     for example, made by Mobile IP, HIP, I3, PCMP etc.
Low cost, high reliability, and secure
  Need to share resources without compromising
  integrity
        What can we use?

Cheap storage (< $2/GB)
Wireless networks
Cellular networks
Delay Tolerant Networking
 overlay network
 send messages over potentially disconnected links
 extensible naming, addressing, routing
Architecture overview
How should each entity be named
  to cope with disconnection?
    Naming and Addressing

Users, kiosks, ferries, and gateways all have a
name
Name = any string; for users, phone number or
email
For uniformity, system uses SHA1(string) = 20
bytes
  forwarding uses 20 byte strings
  no need for DNS or PKI (e.g.for HIP)
  = GUID
How to send data to
disconnected users?
  Dealing with disconnection:
           custody
Every potentially disconnected user registers
with a custodian
Custodian acts as rendezvous between sender
and receiver
  anchor point to hide mobility
“Full address” of a user is <custodian GUID,
user GUID>
Similar to name@mail_server
Custodians keep track of registered users
Custodian Choice
How to find custodian?
      Finding the custodian

Sender may know a user’s name or phone
number, but not his or her custodian’s name
Home Location Register (HLR) in the Internet
stores mapping from user GUID to it’s current
custodian’s GUID
Special custodian name = ‘unbound’ allows
sender to send to a destination whose custodian
is unknown
Resolved by Internet gateway
  Setting up HLR: signaling

On user registration or if custodian changes,
custodian and HLR have to be updated (just
like SIP registration)
User sends REGISTER message ‘towards’
custodian,who updates local state and then
forwards it to Internet gateway
Gateway updates HLR
If there was an old custodian, it must be
informed
               Routing


We have assumed that, given custodian’s
GUID or user’s GUID, we can find a path to it
But how?
How does it differ from regular routing in
DTNs?
Do you think if we can apply any DTN routing
schemes here?
  Routing Choice 1: Flooding



Flood bundles everywhere
Or, at least, everywhere within disconnected
region
Effective but inefficient
Still, may be OK for small deployments
routing choice 2: reverse path
          forwarding


                 HLR
   Reverse path forwarding


Uses a single spanning tree
Internet gateway is also custodian
REGISTER message is used to create
forwarding path for a GUID
So, location update is also used for routing
update
Efficient but fragile
 Routing choice 3: Link state
Standard flooding of link state packets
Determining link metrics is a problem
  should reflect gateway load, both current and
  predicted
Pathological cases easy to construct, because
update latency is same time scale as forwarding
latency
  may be able to overcome if we use GPRS for
  routing updates
Better approach I think should decouple
gateway selection and routing as two separate
problems
            Network Security
• What is network security?
• What can a bad buy do?
• Cryptography
        What is network security?
Confidentiality: only sender, intended receiver should
  “understand” message contents
   – sender encrypts message
   – receiver decrypts message
Authentication: sender, receiver want to confirm identity of
  each other
Message integrity: sender, receiver want to ensure message
  not altered (in transit, or afterwards) without detection
Access and availability: services must be accessible and
  available to legitimate users
There are bad guys (and girls) out there!
Q: What can a “bad guy” do?
A: A lot!
  – eavesdrop: intercept messages
  – actively insert messages into connection
  – impersonation: can fake (spoof) source address
    in packet (or any field in packet)
  – hijacking: “take over” ongoing connection by
    removing sender or receiver, inserting himself
    in place
  – denial of service: prevent service from being
    used by others (e.g., by overloading resources)
          Types of Cryptography
• Crypto often uses keys:
  – Algorithm is known to everyone
  – Only “keys” are secret
• Public key cryptography
  – Involves the use of two keys
• Symmetric key cryptography
  – Involves the use of one key
• Hash functions
  – Involves the use of no keys
  – Nothing secret: How can this be useful?
                                              57
        Symmetric key cryptography

              KS                       KS


 plaintext   encryption ciphertext   decryption plaintext
message, m   algorithm                algorithm
                          K (m)                   m = KS(KS(m))
                           S


 symmetric key crypto: Bob and Alice share same (symmetric)
    key: K S
 • e.g., key is knowing substitution pattern in mono alphabetic
    substitution cipher
 Q: how do Bob and Alice agree on key value?

                                                                  58
     Two types of symmetric ciphers
• Stream ciphers
  – encrypt one bit at time
• Block ciphers
  – Break plaintext message in equal-size blocks
  – Encrypt each block as a unit




                                                   59
          Public Key Cryptography

symmetric key crypto             public key cryptography
• requires sender, receiver       radically different
  know shared secret key           approach [Diffie-
• Q: how to agree on key in        Hellman76, RSA78]
  first place (particularly if    sender, receiver do not
  never “met”)?                    share secret key
                                  public encryption key
                                   known to all
                                  private decryption key
                                   known only to receiver


                                                             60
             Public key cryptography

                                           + Bob’s public
                                          K
                                           B key

                                              - Bob’s private
                                          K
                                              B key




 plaintext   encryption ciphertext   decryption plaintext
message, m   algorithm      +         algorithm message
                           K (m)                      -   +
                            B                   m = K B(K (m))
                                                                B




                                                                    61
   Public key encryption algorithms

Requirements:
                  + .        - .
     1 need      KB ( ) and K ( ) such   that
                             B
                    - +
                  K (K (m)) = m
                    B B
                           +
     2   given public key KB, it should be
           impossible to compute private key
             -
           K
             B

  RSA: Rivest, Shamir, Adelson algorithm
                                                62
   Prerequisite: modular arithmetic

• x mod n = remainder of x when divide by n
• Facts:
  [(a mod n) + (b mod n)] mod n = (a+b) mod n
  [(a mod n) - (b mod n)] mod n = (a-b) mod n
  [(a mod n) * (b mod n)] mod n = (a*b) mod n
• Thus
   (a mod n)d mod n = ad mod n
• Example: x=14, n=10, d=2:
  (x mod n)d mod n = 42 mod 10 = 6
  xd = 142 = 196 xd mod 10 = 6                  63
              RSA: getting ready
• A message is a bit pattern.
• A bit pattern can be uniquely represented by an integer
  number.
• Thus encrypting a message is equivalent to encrypting a
  number.
Example
• m= 10010001 . This message is uniquely represented by
  the decimal number 145.
• To encrypt m, we encrypt the corresponding number,
  which gives a new number (the cyphertext).
                                                       64
   RSA: Creating public/private key
                 pair
1. Choose two large prime numbers p, q.
   (e.g., 1024 bits each)

2. Compute n = pq, z = (p-1)(q-1)

3. Choose e (with e<n) that has no common factors
   with z. (e, z are “relatively prime”).

4. Choose d such that ed-1 is exactly divisible by z.
   (in other words: ed mod z = 1 ).

5. Public key is (n,e). Private key is (n,d).
                   +                      -
                  KB                     KB
                                                        65
    RSA: Encryption, decryption
0. Given (n,e) and (n,d) as computed above

1. To encrypt message m (<n), compute
  c = m e mod n

2. To decrypt received bit pattern, c, compute
  m = c d mod n


               m = (m e mod n) d mod n
        Magic
      happens!
                         c

                                                 66
                      RSA example:
  Bob chooses p=5, q=7. Then n=35, z=24.
             e=5 (so e, z relatively prime).
             d=29 (so ed-1 exactly divisible by z).
 Encrypting 8-bit messages.

           bit pattern        m             me               c = me mod n
encrypt:
           0000l100        12           24832                      17

                          d
decrypt:
              c          c                               m = cd mod n
             17   481968572106750915091411825223071697        12


                                                                        67
               Why does RSA work?
• Must show that cd mod n = m
  where c = me mod n
• Fact: for any x and y: xy mod n = x(y mod z) mod n
   – where n= pq and z = (p-1)(q-1)
• Thus,
  cd mod n = (me mod n)d mod n
         = med mod n
         = m(ed mod z) mod n
         = m1 mod n
         =m



                                                       68
   RSA: another important property

The following property will be very useful later:

        -   +              + -
       K (K (m))    = m = K (K (m))
        B   B              B B

     use public key        use private key
     first, followed       first, followed
     by private key         by public key

                Result is the same!

                                                69
        -   +            + -
Why   K (K (m))   = m = K (K (m))     ?
        B   B            B B



Follows directly from modular arithmetic:

(me mod n)d mod n = med mod n
                = mde mod n
                = (md mod n)e mod n


                                            70
          Why is RSA Secure?
• Suppose you know Bob’s public key (n,e).
  How hard is it to determine d?
• Essentially need to find factors of n without
  knowing the two factors p and q.
• Fact: factoring a big number is hard.
Generating RSA keys
 Have to find big primes p and q
 Approach: make good guess then apply testing
   rules (see Kaufman)
                                                  71
                   Security
• Can we use traditional PKI?
                  Security



Why not use traditional PKI?
  finding public key when disconnected is slow
  revocation problems
A nice solution
  What if your public key is your ID?
  A private key generator, generates corresponding
  private key
           solution overview
Use Identity-based cryptography
  Public key is just your identity
  Private key has to be given by private key generator
  (PKG)
If you know correspondent’s identity, you can set up a
secure channel to it
  But the PKG can spy on everyone
Problems
  How to give a disconnected user a private key?
  Revocation
  Mutual authentication
                      Using IBC
How to give a disconnected user a key?
– User goes to a kiosk and requests a public key
   • Kiosk owner manually verifies identity of the user
– Kiosk owner gives shrink wrapped package
  containing
   • Read-only device (smart card or USB dongle)
   • Scratch-off card with security number
– Dongle has one-time password, UID, and security
  number
   • If security numbers match (unused password)
      – PKG returns private key encrypted with the password
      secure communication


If you know a user’s public ID (email or phone
number), you also know their public key
Simply encrypting with this key guarantees
privacy
  except that the private key generator can spy on
  everyone (!)
      Mutual authentication



Users, kiosks, and ferries can mutually
authenticate each other
  because they all have their credentials derived from
  the same private key generator
  simply exchange certificates
  enables opportunistic communication
    as well as billing and auditing
     Private key revocation



Can do time-based revocation
Identity -> (Identity, epoch)
Public key = SHA1(Identity, epoch)
When epoch expires, so does key
  So need to get new private keys from time to time
              Applications
Mobile blog
  opportunistic upload of blog from PDA or from
  kiosk
Jabber (XMPP)
  local jabber server uses OCMP to support kiosk
  users
HTTP-get
Email (under way)
  with Telugu keyboard
Flickr upload (under way)
Had first deployment (2 villages) in May 2006
near Vishakapatnam, Andhra Pradesh
             Fruit for Thought
• All DTNs work so far assume cooperative nodes
  – What’s the impact of selfish nodes in DTNs on delay
    and bandwidth consumption?
  – How to motivate users to forward?


• 1st paper studies unicast routing and 2nd paper
  studies anycast routing. How about multicast
  routing in DTNs?

				
DOCUMENT INFO
Shared By:
Categories:
Tags:
Stats:
views:12
posted:4/4/2012
language:
pages:79