Session Date/Time: 17 Mar 2024 04:00
Hackathon Results Presentations
Summary
The session consisted of presentations of various projects completed during the IETF Hackathon. The projects spanned a wide range of topics including augmented YANG modules, deterministic encoding for CBOR serialization, multicast source routing, HTTP signature authentication, network attestation for secure routing, post-quantum cryptography in X.509 certificates, DDoS mitigation architecture, SDN-based open playgrounds, network anomaly detection, extensions to the YANG data model for DOTS, YANG push publisher validation, low latency crypto, RPKI/RTR improvements, fake conversation generation, DNS enhancements, and intent-based network management for mobile objects.
Key Discussion Points
- Augmented YANG Modules: Presented an implementation to provide an easy solution for getting dependencies of YANG modules, particularly for Kafka data mesh architectures. Testing showed improved execution times.
- CBOR Serialization: Discussed the deterministic encoding (CDE) and dCBOR drafts and their implementation in QCBOR. The aim is to accommodate constrained use cases and unify number serialization.
- MSR6 Evaluation: Hardware evaluation of MSR6TE and MSR6TE with RLP using P4 language. Results indicated low resource usage and acceptable delay increase.
- HTTP Signature Authentication: First interoperability test of a draft providing authenticated HTTP resources without telegraphing. Success noted, with some practicalities remaining for existing protocol stacks.
- Network Attestation for Secure Routing (NASR): Proposed a new initiative for path-level trust based on remote attestation of network devices. Aim is to guarantee forwarding behavior of devices.
- Post Quantum X.509: Continued progress on post-quantum cryptography with focus on incorporating NIST primitives, testing composite implementations, and maintaining OID mapping tables.
- SAVI DDoS Mitigation: Presented a DDoS mitigation architecture focused on identifying forged source addresses and distributing security intelligence.
- SDN Open Playground: Implementation of objects for deploying inter-domain networks, focusing on information sharing.
- Anomaly Tagging on Historical Data (Antagonist): Described a project for structured exchange of network anomaly data and information, and discussed how this can improve AI-based network anomaly detection.
- Extended YANG Data Model for DOTS: Proposed extensions to the DOTS protocol to meet current collaborative mitigation needs, reporting a potential improvement in mitigation time from minutes to seconds.
- Validate YANG Push Publisher: Reported on validating YANG Push publisher against data collection with multiple vendor implementations, focusing on integration into Apache Kafka.
- Ultra-Low Latency Crypto: Described work on a new lightweight and secure encryption algorithm that is suitable for e-sports and remote surgery. Seeking volunteers to implement this.
- RPKI RTR and AS Path Validation: Presented both Perl and Rust-based implementations of RPKI-RTR functionality.
- Fake Conversation Generator: Presented a VCON-related project to generate fake conversation data for testing PII redaction.
- DNS Kabar: Reported on work relating to compact denial of existence and delegated zone-signed child synchronization.
- Intent Based Network Management: Described an architecture for mobile network management, focusing on configuring network and security applications for SDVs and other mobile objects.
Decisions and Action Items
- The fake beacon generator will be put into the IETF GitHub.
- Register on the Wiki to present results at the Hack Demo Happy Hour.
Next Steps
- Continue work on post-quantum cryptography, meeting monthly.
- Validate the Antagonist project with network operational data.
- Continue work on DNS Kabar implementation after the hackathon.
- Future meetings to be scheduled for network attestation initiative.