CLKscrew: Another side channel you didn’t know about

30 August 2018 | Comments Off on CLKscrew: Another side channel you didn’t know about

Network engineers focus on protocols and software, but somehow all of this work must connect to the hardware on which packets are switched, and data is processed. A big part of the physical side of what networks “do” is power—how it is used, and how it is managed. The availability of power is one of…

Research: Facebook’s Edge Fabric

23 August 2018 | Comments Off on Research: Facebook’s Edge Fabric

The Internet has changed dramatically over the last ten years; more than 70% of the traffic over the Internet is now served by ten Autonomous Systems (AS’), causing the physical topology of the Internet to be reshaped into more of a hub-and-spoke design, rather than the more familiar scale-free design (I discussed this in a…

Research: Are We There Yet? RPKI Deployment Considered

13 August 2018 | Comments Off on Research: Are We There Yet? RPKI Deployment Considered

The Resource Public Key Infrastructure (RPKI) system is designed to prevent hijacking of routes at their origin AS. If you don’t know how this system works (and it is likely you don’t, because there are only a few deployments in the world), you can review the way the system works by reading through this post…

Research: Covert Cache Channels in the Public Cloud

6 August 2018 | Comments Off on Research: Covert Cache Channels in the Public Cloud

One of the great fears of server virtualization is the concern around copying information from one virtual machine, or one container, to another, through some cover channel across the single processor. This kind of channel would allow an attacker who roots, or otherwise is able to install software, on one of the two virtual machines,…

Research; HTTPS Interceptions

30 July 2018 | Comments Off on Research; HTTPS Interceptions

I have written elsewhere about the problems with the “little green lock” shown by browsers to indicate a web page (or site) is secure. In that article, I considered the problem of freely available certificates, and a hole in the way browsers load pages. In March of 2017, another paper was published documenting another problem…

Research: Even Password Complexity is a Tradeoff

23 July 2018 | Comments Off on Research: Even Password Complexity is a Tradeoff

Stronger passwords are always better—at least this is the working theory of most folks in information technology, security or otherwise. Such blanket rules should raise your suspicions, however; the rule11 maxim if you haven’t found the tradeoff, you haven’t looked hard enough should apply to passwords, too. Dinei Florêncio, Cormac Herley, and Paul C. Van…

Research: P Fat Trees

5 July 2018 | Comments Off on Research: P Fat Trees

Link speeds in data center fabrics continue to climb, with 10g, 25g, 40g, and 100g widely available, and 400g promised in just a few short years. What isn’t so obvious is how these higher speeds are being reached. A 100g link, for instance, is really four 25g links bundled as a single link at the…

Research: Lessons from Evolve or Die

19 June 2018 | Comments Off on Research: Lessons from Evolve or Die

Google runs what is probably one of the largest networks in the world. Because of this, network engineers often have two sorts of reactions to anything Google publishes, or does. The first is “my network is not that big, nor that complicated, so I don’t really care what Google is doing.” This is the “you…

Research: BBR Congestion-Based Congestion Control

28 May 2018 | Comments Off on Research: BBR Congestion-Based Congestion Control

Congestion control has proven to be one of the hardest problems to solve in packet based networks. The “easy” way to solve this problem is with admission control, but this “easy” solution is actually quit deceptive; creating the algrorithms and centralized control to manage admission control is much more difficult than it seems. This is…

Research: Robustness in Complex Systems

21 May 2018 | Comments Off on Research: Robustness in Complex Systems

While the network engineering world tends to use the word resilience to describe a system that will support rapid change in the real world, another word often used in computer science is robustness. What makes a system robust or resilient? If you ask a network engineer this question, the most likely answer you will get…