Try the all-new QuickBooks Online for FREE.  No credit card required.

dtn Delay

Document Sample
dtn Delay Powered By Docstoc
					Delay Tolerant Networks
•   Rural area (buses, mail trucks, infostations)
•   Mobile routers w/disconnection (e.g., ZebraNet)
•   Sensor networks (e.g., Data mules)
•   Deep space
•   Underwater
•   …
                  Internet vs. DTN
Unstated Internet assumptions
   – Exist some end-to-end paths
   – End-to-end RTT is low
      • At most a few seconds, and typically less than 500 ms
   – Use retransmission for reliability
   – Packet switching is the right abstraction

DTN characteristics
   – Contact connectivity is intermittent and hard to predict
      • May not exist e2e paths
   – Large delay (can be hours or even days!)
   – High link error and low capacity
      • Resource budget can limit transmissions
   – Different network architectures (e.g., TCP/IP won’t work)
           DTN Research Issues
•   Naming, addressing, location management
•   Routing on dynamic graphs
•   Scheduling
•   Security
•   Applications
•   …
• 1st paper focuses on routing problem

• 2nd paper designs a practical DTN system that
  – Naming, addressing, location management
  – Routing
  – Security
         Routing on Dynamic Graphs
• DTN routing takes place on a time-varying topology
   – Links come and go, sometimes unpredictably
   – Use any/all links that can possibly help
• Inputs
   – Time varying topologies (S, D, c(t), d(t))
   – Traffic demands
   – Vertex buffer limits
   – Mobility patterns
• Goal
   – Determine route and schedule to optimize some metric (e.g.,
     delay, throughput, resource consumption)
What’s the routing scheme that
       minimizes delay?
Solution 1: Flooding
• Each node forwards any non duplicated msg to
  any other node it encounters

• Pros: low delay

• Cons: high transmission overhead
What’s the routing scheme that
minimizes resource consumption?
Solution 2: Direct contact
               Direct Contact
• The source holds the data until it comes in
  contact with the destination

• Pros: minimal resources

• Cons: long delay
Solution 3: Simple Replication
             Simple Replication
• Source sends r identical copies over the first r
• Relay nodes directly send to the destination
        1               2       3



                    2           2
Solution 4: History-based
       History-based Replication
• Each node keeps track of the probability a given
  node delivers its message
• It replicates to r highest ranked relays based on
  delivery probability
Solution 5: Erasure-coding
    based Replication
                      Erasure Codes
• Rather than seeking particularly “good” contacts, we
  “split” messages and distribute to more contacts to
  increase chance of delivery
   – Same number of bytes flowing in the network, now in the form
     of coded blocks
   – Partial data arrival can be used to reconstruct the original
      • Given a replication factor of r, (in theory) any 1/r code
         blocks received can be used to reconstruct original data

• Potentially leverage more contacts opportunity  reduce
  worse-case latency
   – Reduces “risk” due to outlier bad contacts
Erasure Codes
           Message n blocks

Encoding (to m blocks, where m > n)

    Split message blocks among r*k relays

Decoding (Require n+alpha blocks)

           Message n blocks
 Simple Replication vs. Erasure Coding
• Simple replication
  – Use first r relays, where each relay gets 1 copy
  – 1 out of r relays to succeed

• Erasure coding
  – Use first r*k relays, where each relay gets 1/k copy
  – k out of r*k relays to succeed
  – If k is large, the delay distribution converges to a
    constant  almost assured constant delay
     Summary: Forwarding Algorithms

 Algorithm         Who           When          To whom
    Flood         All nodes    New contact      All new
    Direct       Source only   Destination     Destination
   Simple        Source only   New contact   r first contacts
  History (r)     All nodes    New contact      r highest
Erasure Coding   Source only   New contact    kr (k>=1) first
    (ec-r)                                     contacts (k is
                                             related to coding
           Evaluation Methodology
• Use a real-world mobility trace collected from the initial
  ZebraNet test deployment in Kenya, Africa, July, 2004

• Only one node returned 32-hour uninterrupted
  movement data
   – Weather and waterproofing issues
• Semi-synthetic group model
   – Statistics of turning angles and walking distance
    Trace Results
                     Contact duration

Inter-contact time
   Performance Evaluation:
      Routing Overhead

History and flooding replicates messages even
after a copy of original message has been
Performance Evaluation: Latency
          (64 nodes)
     Performance Evaluation:
          Success Rate

ec has low success rate when deadlines are small

ec has high success rate for longer deadlines
   (due to lower 99th percentile latency distr)
                   Theoretical Results on Delay
  Delay (hours)

                                                        99th percentile
                                 Simple Replication
                                                      SimpleReplication ~
                  Erasure Coding (32 nodes)            3 ErasureCoding

                            percentile (p)
Erasure Coding:
   – Get rids of the ‘bad’ cases
   – Has few very low delay cases



                SR   EC


                          Average-case Delay



           EC   SR


                          Worst-case Delay
How to get good average-case
and worst-case performance?
• Optimize common case and guarantee worst-case
   – Whom to replicate to?
      • Currently based on first r contacts
      • Could use delivery probability for selection
   – How much to replicate?
      • Currently every node selected is replicated an equal amount of data
      • Could use delivery probability for deciding the amount to replicate
   – Different coding schemes
      • Adapt the coding parameters based on delivery probability and
        performance requirement
      • Apply network coding
• Provide differentiated services
   – Adapt who to replicate, how much to replicate, when to
     replicate based on the urgency of message
Low-Cost Internet Access using
     Mechanical Backhaul

            A. Seth
            D. Kroeker
         B. M. Zaharia
           C. S. Guo
         D. S. Keshav
                           Big Picture
• Goal: bring Internet connectivity to rural areas
• Approach: rural kiosks
   – 150,000+ operational in India
   – Ministry of Info. Tech. plans to set up 100,000 more in next
     two years
• Kiosks connectivity
        slow (28 kbps)
        flaky (due to harsh environment)
     Very Small Aperture Terminal
        expensive monthly rental
        spare parts are hard to get
     Long range WiFi
        still experimental
        expensive up front cost (for 18m tower)
                   Mechanical Backhaul*

                                      A bus carrying a 802.11
                                           access point
                                         (Daknet project)
Picture from Daknet project

                                          *Term suggested by A.A.
             Design Goals

Low cost
  < $250/kiosk upfront; <$50/month operational costs
Allow user mobility
Use all available networks (cell, dialup,
Data privacy
Ability to use existing Internet services
Support both kiosk and laptop/PDA users
Both ends of a ‘connection’ are not
simultaneously present
  Can’t use standard TCP/IP, DNS, SSL
Mostly disconnected, rarely connected
  Opposite of usual assumptions
     for example, made by Mobile IP, HIP, I3, PCMP etc.
Low cost, high reliability, and secure
  Need to share resources without compromising
        What can we use?

Cheap storage (< $2/GB)
Wireless networks
Cellular networks
Delay Tolerant Networking
 overlay network
 send messages over potentially disconnected links
 extensible naming, addressing, routing
Architecture overview
How should each entity be named
  to cope with disconnection?
    Naming and Addressing

Users, kiosks, ferries, and gateways all have a
Name = any string; for users, phone number or
For uniformity, system uses SHA1(string) = 20
  forwarding uses 20 byte strings
  no need for DNS or PKI (e.g.for HIP)
  = GUID
How to send data to
disconnected users?
  Dealing with disconnection:
Every potentially disconnected user registers
with a custodian
Custodian acts as rendezvous between sender
and receiver
  anchor point to hide mobility
“Full address” of a user is <custodian GUID,
user GUID>
Similar to name@mail_server
Custodians keep track of registered users
Custodian Choice
How to find custodian?
      Finding the custodian

Sender may know a user’s name or phone
number, but not his or her custodian’s name
Home Location Register (HLR) in the Internet
stores mapping from user GUID to it’s current
custodian’s GUID
Special custodian name = ‘unbound’ allows
sender to send to a destination whose custodian
is unknown
Resolved by Internet gateway
  Setting up HLR: signaling

On user registration or if custodian changes,
custodian and HLR have to be updated (just
like SIP registration)
User sends REGISTER message ‘towards’
custodian,who updates local state and then
forwards it to Internet gateway
Gateway updates HLR
If there was an old custodian, it must be

We have assumed that, given custodian’s
GUID or user’s GUID, we can find a path to it
But how?
How does it differ from regular routing in
Do you think if we can apply any DTN routing
schemes here?
  Routing Choice 1: Flooding

Flood bundles everywhere
Or, at least, everywhere within disconnected
Effective but inefficient
Still, may be OK for small deployments
routing choice 2: reverse path

   Reverse path forwarding

Uses a single spanning tree
Internet gateway is also custodian
REGISTER message is used to create
forwarding path for a GUID
So, location update is also used for routing
Efficient but fragile
 Routing choice 3: Link state
Standard flooding of link state packets
Determining link metrics is a problem
  should reflect gateway load, both current and
Pathological cases easy to construct, because
update latency is same time scale as forwarding
  may be able to overcome if we use GPRS for
  routing updates
Better approach I think should decouple
gateway selection and routing as two separate
            Network Security
• What is network security?
• What can a bad buy do?
• Cryptography
        What is network security?
Confidentiality: only sender, intended receiver should
  “understand” message contents
   – sender encrypts message
   – receiver decrypts message
Authentication: sender, receiver want to confirm identity of
  each other
Message integrity: sender, receiver want to ensure message
  not altered (in transit, or afterwards) without detection
Access and availability: services must be accessible and
  available to legitimate users
There are bad guys (and girls) out there!
Q: What can a “bad guy” do?
A: A lot!
  – eavesdrop: intercept messages
  – actively insert messages into connection
  – impersonation: can fake (spoof) source address
    in packet (or any field in packet)
  – hijacking: “take over” ongoing connection by
    removing sender or receiver, inserting himself
    in place
  – denial of service: prevent service from being
    used by others (e.g., by overloading resources)
          Types of Cryptography
• Crypto often uses keys:
  – Algorithm is known to everyone
  – Only “keys” are secret
• Public key cryptography
  – Involves the use of two keys
• Symmetric key cryptography
  – Involves the use of one key
• Hash functions
  – Involves the use of no keys
  – Nothing secret: How can this be useful?
        Symmetric key cryptography

              KS                       KS

 plaintext   encryption ciphertext   decryption plaintext
message, m   algorithm                algorithm
                          K (m)                   m = KS(KS(m))

 symmetric key crypto: Bob and Alice share same (symmetric)
    key: K S
 • e.g., key is knowing substitution pattern in mono alphabetic
    substitution cipher
 Q: how do Bob and Alice agree on key value?

     Two types of symmetric ciphers
• Stream ciphers
  – encrypt one bit at time
• Block ciphers
  – Break plaintext message in equal-size blocks
  – Encrypt each block as a unit

          Public Key Cryptography

symmetric key crypto             public key cryptography
• requires sender, receiver       radically different
  know shared secret key           approach [Diffie-
• Q: how to agree on key in        Hellman76, RSA78]
  first place (particularly if    sender, receiver do not
  never “met”)?                    share secret key
                                  public encryption key
                                   known to all
                                  private decryption key
                                   known only to receiver

             Public key cryptography

                                           + Bob’s public
                                           B key

                                              - Bob’s private
                                              B key

 plaintext   encryption ciphertext   decryption plaintext
message, m   algorithm      +         algorithm message
                           K (m)                      -   +
                            B                   m = K B(K (m))

   Public key encryption algorithms

                  + .        - .
     1 need      KB ( ) and K ( ) such   that
                    - +
                  K (K (m)) = m
                    B B
     2   given public key KB, it should be
           impossible to compute private key

  RSA: Rivest, Shamir, Adelson algorithm
   Prerequisite: modular arithmetic

• x mod n = remainder of x when divide by n
• Facts:
  [(a mod n) + (b mod n)] mod n = (a+b) mod n
  [(a mod n) - (b mod n)] mod n = (a-b) mod n
  [(a mod n) * (b mod n)] mod n = (a*b) mod n
• Thus
   (a mod n)d mod n = ad mod n
• Example: x=14, n=10, d=2:
  (x mod n)d mod n = 42 mod 10 = 6
  xd = 142 = 196 xd mod 10 = 6                  63
              RSA: getting ready
• A message is a bit pattern.
• A bit pattern can be uniquely represented by an integer
• Thus encrypting a message is equivalent to encrypting a
• m= 10010001 . This message is uniquely represented by
  the decimal number 145.
• To encrypt m, we encrypt the corresponding number,
  which gives a new number (the cyphertext).
   RSA: Creating public/private key
1. Choose two large prime numbers p, q.
   (e.g., 1024 bits each)

2. Compute n = pq, z = (p-1)(q-1)

3. Choose e (with e<n) that has no common factors
   with z. (e, z are “relatively prime”).

4. Choose d such that ed-1 is exactly divisible by z.
   (in other words: ed mod z = 1 ).

5. Public key is (n,e). Private key is (n,d).
                   +                      -
                  KB                     KB
    RSA: Encryption, decryption
0. Given (n,e) and (n,d) as computed above

1. To encrypt message m (<n), compute
  c = m e mod n

2. To decrypt received bit pattern, c, compute
  m = c d mod n

               m = (m e mod n) d mod n

                      RSA example:
  Bob chooses p=5, q=7. Then n=35, z=24.
             e=5 (so e, z relatively prime).
             d=29 (so ed-1 exactly divisible by z).
 Encrypting 8-bit messages.

           bit pattern        m             me               c = me mod n
           0000l100        12           24832                      17

              c          c                               m = cd mod n
             17   481968572106750915091411825223071697        12

               Why does RSA work?
• Must show that cd mod n = m
  where c = me mod n
• Fact: for any x and y: xy mod n = x(y mod z) mod n
   – where n= pq and z = (p-1)(q-1)
• Thus,
  cd mod n = (me mod n)d mod n
         = med mod n
         = m(ed mod z) mod n
         = m1 mod n

   RSA: another important property

The following property will be very useful later:

        -   +              + -
       K (K (m))    = m = K (K (m))
        B   B              B B

     use public key        use private key
     first, followed       first, followed
     by private key         by public key

                Result is the same!

        -   +            + -
Why   K (K (m))   = m = K (K (m))     ?
        B   B            B B

Follows directly from modular arithmetic:

(me mod n)d mod n = med mod n
                = mde mod n
                = (md mod n)e mod n

          Why is RSA Secure?
• Suppose you know Bob’s public key (n,e).
  How hard is it to determine d?
• Essentially need to find factors of n without
  knowing the two factors p and q.
• Fact: factoring a big number is hard.
Generating RSA keys
 Have to find big primes p and q
 Approach: make good guess then apply testing
   rules (see Kaufman)
• Can we use traditional PKI?

Why not use traditional PKI?
  finding public key when disconnected is slow
  revocation problems
A nice solution
  What if your public key is your ID?
  A private key generator, generates corresponding
  private key
           solution overview
Use Identity-based cryptography
  Public key is just your identity
  Private key has to be given by private key generator
If you know correspondent’s identity, you can set up a
secure channel to it
  But the PKG can spy on everyone
  How to give a disconnected user a private key?
  Mutual authentication
                      Using IBC
How to give a disconnected user a key?
– User goes to a kiosk and requests a public key
   • Kiosk owner manually verifies identity of the user
– Kiosk owner gives shrink wrapped package
   • Read-only device (smart card or USB dongle)
   • Scratch-off card with security number
– Dongle has one-time password, UID, and security
   • If security numbers match (unused password)
      – PKG returns private key encrypted with the password
      secure communication

If you know a user’s public ID (email or phone
number), you also know their public key
Simply encrypting with this key guarantees
  except that the private key generator can spy on
  everyone (!)
      Mutual authentication

Users, kiosks, and ferries can mutually
authenticate each other
  because they all have their credentials derived from
  the same private key generator
  simply exchange certificates
  enables opportunistic communication
    as well as billing and auditing
     Private key revocation

Can do time-based revocation
Identity -> (Identity, epoch)
Public key = SHA1(Identity, epoch)
When epoch expires, so does key
  So need to get new private keys from time to time
Mobile blog
  opportunistic upload of blog from PDA or from
Jabber (XMPP)
  local jabber server uses OCMP to support kiosk
Email (under way)
  with Telugu keyboard
Flickr upload (under way)
Had first deployment (2 villages) in May 2006
near Vishakapatnam, Andhra Pradesh
             Fruit for Thought
• All DTNs work so far assume cooperative nodes
  – What’s the impact of selfish nodes in DTNs on delay
    and bandwidth consumption?
  – How to motivate users to forward?

• 1st paper studies unicast routing and 2nd paper
  studies anycast routing. How about multicast
  routing in DTNs?

Shared By: