Blind packet forwarding: a clean-slate security approach for future networks
There exists a wealth of approaches for a Future Network Architecture (FNA). Although these approaches differ in their orientation, they all suggest that a network should be service-oriented and flexibly orchestrated from atomic smart in-network services. To utilise the complete functionality of the orchestrated network, the in-network services require access to various control data that is exchanged in different ways, so the communication endpoints have to expose more and more information about themselves. However, the in-network services as well as third parties are able to sniff this information while it is transferred in cleartext. End-to-end encryption is the de facto method for providing information confidentiality between two communicating endpoints, but if the endpoints apply it, the in-network services can no longer accomplish their tasks, since they cannot access the encrypted control data, and the benefits of FNA approaches cannot be fully utilised. These issues suggest that only one of the two goals, information confidentiality and smart in-network services, can be realised at a time. We demonstrate, however, the feasibility of simultaneously establishing smart in-network services and providing information confidentiality by redesigning the packet forwarding service so that it operates blindly, which we call Blind Packet Forwarding (BPF). We choose this in-network service as an example because packet forwarding is one of the basic services required by most network architectures, and because packet addresses act as the basis for operations performed by further in-network services. Moreover, so far it has not been possible to transfer packet addresses in end-to-end encrypted form. BPF provides confidentiality for packet addresses during transmission as well as during processing by network nodes.