lecture: SIPSA — One step closer to real anonymity on the internet
Anonymization of IPs on the network level — a dream come true?
The author has devised a technology that makes it possible to hide both source and destination addresses in IP packets at the network level. The goal of this lecture is to introduce the technology to the world, hopefully encouraging discussion of its real-life applications and of improvements to it.
Source IP spoofing anonymization over UDP (SIPSA) is a proposed protocol that, in many network environments, would allow two hosts on the network to hide both their source and destination addresses while still being able to exchange information.
A proof of concept tool that allows testing SIPSA will be made freely and publicly available at BalCCon2k16 for the first time.
Have you read this far? Great. You've earned a short intro on how SIPSA works.
BCP38, while more than 16 years old, is (thankfully) not uniformly implemented. There has been a lot of talk over the years about why ingress filtering is good and how the lack of it can be used for evil. The author, however, proposes that the lack of ingress filtering be used for good.
UDP is a Layer 4 connectionless best-effort protocol that most commonly goes on top of IP. You do not need a real source IP address to be able to talk UDP one-way. This field is completely arbitrary already.
It is different with the destination address. Routers need it to be able to deliver your message. The solution here is provided by the steady increase of internet speeds over time: just send ten, twenty or a hundred copies of the packet with random destination addresses. Make sure that the real receiver reacts as if the port is closed and you've got yourself (90%, 95%, or 99% respectively) anonymity and full deniability too! Other protocols (e.g. TCP or Tor) can of course be tunnelled on top of UDP.
Just don't forget to handle some sort of identity management in the top layers, and that's the recipe for SIPSA.
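Seen from an access network, the traffic described above has two observable properties: source addresses that fail the BCP38 ingress check, and one UDP payload fanned out to many destinations. The following Python sketch flags both; it is an added example, not part of the lecture or the SIPSA tool, and the port names, prefix table and packet tuples are constructed assumptions.

```python
import hashlib
import ipaddress
from collections import defaultdict

# Assumption: prefixes legitimately assigned behind each access port.
ASSIGNED = {"port1": ["192.0.2.0/24"], "port2": ["198.51.100.0/24"]}

def source_is_valid(port, src):
    """BCP38 check: the source must fall inside a prefix assigned to the port."""
    addr = ipaddress.ip_address(src)
    return any(addr in ipaddress.ip_network(p) for p in ASSIGNED.get(port, []))

def find_fanout(packets, min_copies=10):
    """Group UDP packets by (port, payload digest) and report groups where one
    payload was sent to at least min_copies distinct destinations."""
    groups = defaultdict(lambda: {"dsts": set(), "spoofed": 0})
    for port, src, dst, payload in packets:
        g = groups[(port, hashlib.sha256(payload).hexdigest())]
        g["dsts"].add(dst)
        if not source_is_valid(port, src):
            g["spoofed"] += 1  # would have been dropped by ingress filtering
    return [
        {"port": port, "digest": digest[:12], "copies": len(g["dsts"]),
         "spoofed": g["spoofed"]}
        for (port, digest), g in groups.items() if len(g["dsts"]) >= min_copies
    ]

def sample_packets():
    """Constructed sample: one ordinary datagram plus a 20-copy fan-out."""
    pkts = [("port2", "198.51.100.7", "203.0.113.53", b"ordinary query")]
    for i in range(20):
        pkts.append(("port1", f"10.{i}.0.1", f"203.0.113.{i + 1}", b"same datagram"))
    return pkts

if __name__ == "__main__":
    for hit in find_fanout(sample_packets()):
        print(hit)
```

On a port where BCP38 filtering is enforced, every packet counted as `spoofed` here would never leave the access network, which is why the scheme depends on networks that do not filter.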
Start time: 19:45