Universities Tapped To Build Secure Net

Wes Felter writes "InfoWorld reports that the National Science Foundation (NSF) has enlisted five university computer science departments to develop a secure, decentralized Internet infrastructure. I thought the Internet was already decentralized, so I'm curious about what exactly they're fixing. The article quotes Frans Kaashoek from MIT PDOS, which is working on decentralized software such as Chord."

DNS Servers

[cadillactux]

If you think about it, the DNS servers are a "centralized" systems. With the Root Servers, if I query my DNS server at home, and cannot find www.fubar.com, I query one of the DNS root servers to find which DNS server has the records I need.

Now imagine, what if one of those root servers went down. The other servers have to take the load of the failed server. Now imagine two went down, however unlikely, but that puts loads of extra traffic on the remaing servers. After a while, this will add up. Now, I admit, it is probibly very unlikely, but with enough traffic, even a root server could be /.ed. Or, in a less extreme case, it could take quite a while for my query for www.fubar.com to pass through.

Re:The Chosen

[GoBears]

This is interesting why? The "chosen" contains (1) MIT PDOS and two schools (NYU and UCB) where MIT PDOS alumni have recently been hired, (2) a network shop (ICSI/ACIRI) and (3) a security shop (Rice). Like many such "picks," it reflects human connections and a fit with someone's agenda more than some abstract notion of organizational merit.

real decentralization is needed

[TheSHAD0W]

The current internet was designed to be decentralized, with no specific backbone required; routers would figure out what paths to send what packets over. Scaling-wise, it's been pretty successful. Redundancy-wise, it is less than so. A bad route typically doesn't result in a smooth transfer to another link unless a lot of work has been done to assure it would happen; instead, packets are dropped and communications are badly disrupted.

I had a perfect example of that happen to my current ISP; after getting terrible communications errors, I called them. Turns out one of three of their routes was out; they reset a router, and everything was copacetic. But the other two routes should have been able to handle the traffic. They didn't.

With the advent of IP6, the structure of the net becomes even more convoluted, and errors may become even more difficult to handle. In order to have a nice, stable internet, a system of handling broken routes needs to be integrated into the new spec.

Re:Freenet without the freedom?

Posted too soon. It sounds like they're considering the issues.

From the document at http://iris.lcs.mit.edu/proposal.html :

4.3.3 Anonymity and Censor-Resistance

Some applications may require that data can be retrieved anonymously, or that particular pieces of data cannot easily be deleted from the system. Though these are partially political issues, the technical fundamentals are worth exploring. A particularly useful question is the extent to which anonymity and censor-resistance must be integrated into the design of a system, as was done in Freenet [16]. We hope that layering will allow these concerns to be treated separately, for example by using general-purpose anonymity techniques such as Onion Routing [60] or Tarzan [23]. On the other hand, integration seems to be a good approach to censor-resistance, as explored by MaziÃres in Tangler [65].

Re:Current Internet not *that* decentralized

[glwtta]

And because each replicates its data set to all other Root servers, catastrophic failure of one would bring down all of the others.

Um, very untrue - the primary root server replicates the data to the rest. If a non-primary root server goes down, you don't notice it. If the primary one goes down, the function is moved to any one of the rest (and you still don't notice it). Basically something like 3 or 4 of them have to go out before Joe InternetUser will notice any effect, and even then it would be somewhat inconvinient, not "catastrohpic". (This is what I rember from some article on the topic awhile back - it's not like I know anything about these things.)

Re:You dont know what you are talking about

[Zeinfeld]

You dumb troll, the arpanet was designed exactly to be a self healing system to survive nuclear attack

No, it was not, Vint Cerf has dispelled that myth a number of times.

The Internet does not emply flood fill routing or any of the technologies that one would want to have available if you wanted to survive a nuclear attack.

TCP/IP was actually designed with the idea that networks could be quickly assembled with minimal configuration issues and without the need for every node to have access to a central co-ordination point.

The Internet does actually have one central coordination point, the A root of the DNS service. However that is decoupled from the minute by minute actions of the Internet hosts so that the A root could in theory go down and come back up without a calamity (but nobody wants to try to find out!).

Re:You dont know what you are talking about

[kaladorn]

You suggest Vint Cerf dispelled the myth a number of times that the Internet was designed to withstand (in this case, gracefully degrade) under a nuclear attack. I'd be most interested to see a link to somewhere where this is quoted. Most textbooks relating to TCP/IP propagate this alleged myth and I'd be interested to see what exactly Vint said.

I was always under the impression that the decentralized nature of the original network was a design criteria which arose from the desire to withstand (or degrade gracefully more correctly stated) in the event of significant damage to the overall infrastructure. Are you suggesting this is not the case? If so, I'd _really_ like to see the sources you have used to arrive at this conclusion.