Joseph A. Cooley

Software-based erasure codes for scalable distributed storage

This paper presents a new class of erasure codes, Lincoln Erasure codes (LEC), applicable to large-scale distributed storage that includes thousands of disks attached to multiple networks. A high-performance software implementation that demonstrates the capability to meet these anticipated requirements is described. A framework for evaluation of candidate codes was developed to support in-depth analysis. When compared with erasure codes based on the work of Reed-Solomon and Luby (2000), tests indicate LEC has a higher throughput for encoding and decoding and lower probability of failure across a range of test conditions. Strategies are described for integration with storage-related hardware and software.

GROK: A Practical System for Securing Group Communications

We have designed and implemented a general- purpose cryptographic building block, called GROK, for securing communication among groups of entities in networks composed of high-latency, low-bandwidth, intermittently connected links. During the process, we solved a number of non-trivial system problems. This paper describes these problems and our solutions, and motivates and justifies these solutions from three viewpoints: usability, efficiency, and security. The solutions described in this paper have been tempered by securing a widely-used group-oriented application, group text chat. We implemented a prototype extension to a popular text chat client called Pidgin and evaluated it in a real-world scenario. Based on our experiences, these solutions are useful to designers of group-oriented systems specifically, and secure systems in general.

Autoconfiguration of network services in airborne wireless networks

In this paper we consider the problem of autoconfiguring nodes in an airborne wireless network. The airborne platforms consist of routers as well as one or more hosts. External links from the airborne platform employ directional transmit beams. We expect the nodes to join or leave the network without pre-planning or manual configuration. Additionally we expect the users and applications of this network to discover available services in an automated manner. In this paper we present protocols that allow autoconfiguration of IPv6 addresses and names, as well as the automated discovery of services within the airborne wireless network.

Mobile airborne networking experience with Paul Revere

Future military networks will include IP connectivity among mobile airborne platforms. To understand the complexities of such networks, MIT Lincoln Laboratory (MITLL) through a program known as Paul Revere (PR), has implemented a multi-link, IP-networking system between a Boeing 707 and 45 foot tractor trailer. As an experimental platform, the system also supported operator and application requirements during the Joint Expeditionary Force Experiments (JEFX) 2004 executed by the United States Air Force. In this document, we motivate and describe the architecture and implementation, present analysis of our findings, and provide general architectural guidelines for the construction of future IP-based systems.

GROK Secure multi-user Chat at Red Flag 2007-03

This paper describes the GROK secure chat experimental activity performed by MIT Lincoln Laboratory at USAF Red Flag 2007-03 exercises and its results.

Secure channel establishment in disadvantaged networks : Optimizing TLS using intercepting proxies

Transport Layer Security (TLS) is a secure communication protocol that is used in many secure electronic applications. In order to establish a TLS connection, a client and server engage in a handshake, which usually involves the transmission of digital certificates. In this paper we present a practical speedup of TLS handshakes over bandwidth-constrained, high-latency (i.e. disadvantaged) links by reducing the communication overhead associated with the transmission of digital certificates. This speedup is achieved by deploying two specialized TLS proxies across such links. Working in tandem, one proxy replaces certificate data in packets being sent across the disadvantaged link with a short reference, while the proxy on the other side of the link restores the certificate data in the packet. Local or remote caches supply the certificate data. Our solution preserves the end-to-end security of TLS and is designed to be transparent to third-party applications, and will thus facilitate rapid deployment by removing the need to modify existing installations of TLS clients and TLS servers. Testing shows that this technique can reduce the overall bandwidth used during a handshake by 50% in test emulation and by over 20% of TLS session volume in practice. In addition, it can reduce the time required to establish a secure channel by over 40% across Iridium, a widely used satellite link in practice.

DSKE: Dynamic Set Key Encryption

In this paper, we present a novel paradigm for studying the problem of group key distribution, use it to analyze existing key distribution schemes, and then present a novel scheme for group key distribution which we call “Dynamic Set Key Encryption,” or DSKE. DSKE meets the demands of a tactical environment while relying only on standard cryptographic primitives. Our “set key” paradigm allows us to focus on the underlying problem of establishing a confidential communication channel shared by a group of users, without concern for related security factors like authenticity and integrity, and without the need to consider any properties of the group beyond a list of its members. This separation of concerns is vital to our development and analysis of DSKE, and can be applied elsewhere to simplify the analyses of other group key distribution schemes.

Extending OSPFv3 to provide multi-class routing using multiple dynamic link metrics

As optical and RF links are deployed on airborne platforms, they will be integrated into networks. These networks will have links with metrics such as capacity, delay, and packet loss rates that may exhibit significant variation with time. To route traffic over such infrastructure, a routing system will need to be adaptive and efficient. Service requirements will differ among different classes of traffic. To address these challenge, we integrate new capabilities into the OSPF framework: continuous collection and distribution of multiple time-varying link metrics. We support multiple traffic classes by evaluating multiple cost functions and running multiple path selection procedures at each node.

Link monitoring in support of enhanced service models in IP networks

A link monitoring system that records and reports to the sender the successful reception (or implied failure to receive) of each frame sent across the link is useful for two purposes: (1) as a building block for enhanced forwarding services that may use hop-by-hop ARQ (transfer of custody), and (2) as a rich source of data about the links recent reliability as input to routing or configuration decisions. We propose a system that uses a new encapsulation of packets between two IP routers that can be automatically enabled when the routers sense that its neighbor is similarly capable. The new encapsulation will carry a transmission number, allowing the receiver to detect and report back which particular packets were and were not received. Traditionally hop-by-hop ARQ has been thought of as residing at the link layer. Our link monitoring system allows a variety of hop-by-hop retransmission schemes to be provided in a modular way at the network layer, avoiding the one-size-fits-all problem of traditional link-level ARQ schemes.

Experiments over ONRAMP: a reconfigurable optical access network

The integration of electronic routing functions with WDM functions in network elements capable of reconfiguration over short time scales enables access networks to efficiently service time varying demand. An effective coordination of electronic and WDM network functions allows traffic to bypass electronic to optical conversion within the access network. The cost benefits derived from reduced transponder use due to this coordination can result in lower cost access for end users. The transparency of WDM also allows heterogeneous traffic formats to be carried over a common fiber. In this paper, we describe a reconfigurable WDM access network testbed that incorporates features outlined above. This testbed was used in demonstrating network functions such as dynamic lightpath provisioning, packet flow-switching, and remote amplification for supporting large numbers of end users. The testbed network incorporates protection switching and network control capabilities. The testbed network also provides connectivity to an in-ground long haul network. The testbed architecture and description of networking experiments demonstrating its capabilities are presented. The throughput degradation due to optical flow switching for Transport Control Protocol (TCP) data transmissions over large bitrate-delay product links is characterized. Adding the Eifel Algorithm to the TCP implementation restored performance. The performance of a remotely pumped EDFA for serving many users in the collection/distribution network is also presented.