I. The International Internet Engineering Task Force is the base camp for the development of Internet technical protocols.
The development of Internet has changed the world. The core technical standards and protocols for Internet operation mainly come from IETF. IETF was established at the beginning of 1986. It is an important organization responsible for formulating Internet technical standards. Its main task is to be responsible for the research and formulation of Internet-related technical standards. More than 90% of Internet technical standards are formulated by IETF. IETF ensures the long-term stable operation of the Internet by formulating technical standards. A lot of technical work of IETF is undertaken and completed by various working groups (WG) within IETF. These working groups are composed of different types of research topics. Before setting up a working group, IETF usually sets up an interest group (BOF) to prepare for the working group. After the preparatory work is completed, the working group can be formally established with the approval of IETF high-level research. IETF brings together the world's top Internet technology engineers and holds three meetings every year, with more than 1000 participants.
The Internet Architecture Committee (IAB) was established in 1983, which is the highest management body of IETF, and consists of 13 members including IETF Chairman. One of IAB's main responsibilities is to supervise the Internet protocol architecture, grasp the long-term evolution direction of Internet technology, protect the long-term development of the Internet, determine the formulation rules of Internet standards, guide the editing and publishing of Internet technical standards, manage Internet numbering, and coordinate with other international standardization organizations.
IETF divides the working group into different fields, and each field is managed by several regional directors. The domain directors form the Internet Engineering Steering Committee (IESG), and the specific areas are as follows.
One is the field of application and real-time research. This field mainly studies application-level related standards, including real-time related network protocols.
The second is the general area. This research field is used to contain research content that is not suitable for other research fields.
The third is the Internet field. The research field of Internet mainly studies how IP packets are transmitted in different network environments.
The fourth area is business and management. This research field mainly involves the operation and management of the Internet. With the rapid development and popularization of the Internet, higher requirements are put forward for the operation and management of the network. Therefore, this research field has been paid more and more attention.
The fifth is the routing area. This research field is mainly responsible for formulating relevant standards on how to determine the transmission path in the network to route IP packets to their destinations.
The sixth is the security field. This research field is mainly responsible for studying the protocols and standards related to privacy protection in IP networks, such as authorization, authentication and auditing. People pay more and more attention to the security of Internet, so this field has become one of the most active research fields of IETF.
Seventh, the field of transportation. This field is mainly responsible for studying the end-to-end transmission mode of special type or special purpose data packets in the network.
In the above fields, in addition to the security research field that specializes in security technology, other fields will also involve security issues. How to improve the security of Internet technology protocols is a key topic of IETF's long-term research.
Second, the Internet basic resource technology protocol uses public key trust chain to strengthen security.
IETF Internet basic resource technology protocol has changed from trusting data by default to ensuring data source credibility, data integrity and tamper resistance.
(1) Domain name system protocols use public key trust chains to enhance security.
Domain Name System Protocol (DNS) is the core protocol of the Internet, which is a distributed Internet service system that maps domain names to some predefined types of resource records (such as IP addresses). As the basic resource addressing service of Internet application layer, domain name service is the foundation of other Internet application services. Common Internet application services, such as web page remote access service, e-mail service and file remote access service, are generally based on domain name service to realize resource addressing and positioning.
DNSSEC protocol is a security extension of DNS protocol. It adds digital signature based on asymmetric encryption algorithm to DNS response message to ensure that the data has not been tampered with and the source is correct. Then, the domain name system submits its own public key to the parent domain step by step from bottom to top, so as to realize the step-by-step security authentication of the whole domain name system. DNSSEC provides three aspects of security for DNS data: one is data source verification to ensure that DNS reply messages come from authorized authoritative servers; The second is data integrity verification to ensure that the DNS response message has not been tampered with during transmission; The third is the verification of negative existence. When a user requests a non-existent domain name, the DNS server can also give a negative response message containing a digital signature to ensure the reliability of this negative response.
To sum up, DNSSEC essentially establishes a set of signature/verification system based on cryptography on the basis of the tree authorization system of the domain name system, that is, the trust chain system, which ensures the authenticity, data integrity and non-repudiation of DNS query results through step-by-step security verification on the trust chain.
ICANN has been promoting the deployment of DNSSEC all over the world. On July 20 10, ICANN officially signed a root domain name agreement with DNSSEC. In order to better manage the root key, ICANN has made a root key management plan. The plan selects a trusted community representative (TCR) around the world to generate the management root key. ICANN chose 2 1 TCR and some backup TCR, and all the candidates were individuals from the Internet community. Among them, 14 TCR is the password administrator (CO), 7 on the east coast and 7 on the west coast of the United States, and is responsible for generating the root key. The other seven TCRs are Recovery Key Holders (RKSH), which are responsible for the backup and management of the content of Hardware Security Module (HSM) and are used to restore the working state of HSM in case of emergency. On June 20 10, the first DNSSEC root key generation ceremony was held in Culpepper, Virginia, USA.
ICANN has two identical sets of HSM, one on the east coast and the other on the west coast of the United States, which are used to generate root keys. The key to start HSM is kept by co, and the ceremony of root key generation is held in turn on the east and west coasts. If there is a problem with HSM or the root key is in an emergency, RKSH needs to go to the United States to recover HSM and recover the root key. According to the root key management rules formulated by ICANN, ICANN cannot generate the root key without the participation of TCR. Through TCR's participation in root key generation and management, ICANN's root key generation and management is more transparent, forming a situation in which the whole world participates in root key generation and management.
DNSSEC mechanism uses public key trust chain mechanism to build a credible domain name query system. Internet top-level domain name data in global root servers need to be signed with root keys to ensure the security and credibility of the data. DNSSEC only guarantees the credibility of DNS data, but does not encrypt the DNS data itself.
(b) Resource public key infrastructure protocol deals with the problem of routing advertisement forgery through public key trust chain.
As the Internet infrastructure supporting interconnection, domain name system and inter-domain routing system have a vital impact on the security of the Internet. Because the Border Gateway Protocol (BGP) lacks the guarantee of the authenticity of the route advertisement, the deliberate attack of hackers and the wrong configuration of network parameters will lead to the occurrence of route hijacking. Routing hijacking has a great influence on the normal operation of the Internet, which may lead to a large area of network paralysis. Therefore, IETF proposed the Resource Public Key Infrastructure (RPKI) protocol. The concept of RPKI first appeared in the paper describing the Secure Border Gateway Protocol (S-BGP). S-BGP puts forward a BGP message format with additional signature, which is used to verify the binding relationship between ip address prefix and as number on the propagation path in route advertisement, so as to avoid route hijacking. On this basis, BGP introduced digital certificate and signature mechanism, and used public key infrastructure (PKI). In order to verify the public key held by the signer of the routing announcement, the signer's ip address is assigned to the superior to issue a certificate for him, on the one hand, to verify his public key, on the other hand, to verify the ownership of the IP address prefix by the entity. The public key certificate system based on IP address resource allocation constitutes the basic framework of RPKI.
The RPKI system consists of three key modules: basic resource public key certificate system (RPKI), digital signature object and distributed RPKI database for storing RPKI signature objects. These three modules can ensure that entities can verify who is the legal holder of IP address or AS number. RPKI allows the legal holder of an IP address to authorize an AS as the routing source of the address and verify it. This verifiable authorization can be used to build a more secure routing table filter.
In order to promote the deployment of RPKI, RPKI Construction Company made full use of the existing technology and practice. The structure of RPKI can correspond to the existing resource allocation system, and it can be regarded as a natural technical extension of the existing resource management organization operation mode. In this new system, the existing resource allocation and recovery methods are clearly defined.
(3) Transport service protocol handles domain name certificate forgery and client authentication through public key trust chain.
Certificates for Internet security authentication are usually issued by a Certificate Authority (CA). However, the CA model is vulnerable to attack. There are thousands of trusted CAs on the Internet, and theoretically any certificate can be issued. CA may maliciously or wrongly issue certificates that do not belong to Internet domain name users, resulting in a man-in-the-middle attack and Internet security risks. IETF proposed named entity authentication protocol (DANE) technology based on DNS in RFC6698. DANE can authenticate and issue a domain name certificate through a DNS resource record called Transport Layer Security Authentication (TLSA), so that only the actual controller who controls the domain name can issue the security certificate of the corresponding domain name, which ensures the security of the TLS certificate. DANE uses DNSSEC infrastructure to store and sign keys and certificates used by TLS. DANE provides a mechanism for binding public keys to DNS domain names. Because the entity that manages public key data and DNS domain name is the same, it reduces the chance of man-in-the-middle attack by using domain name. The key associated with a domain name can only be signed and associated by the parent domain name key. For example, example.cn's key can only be signed with cn's key, and cn's key can only be signed with DNS root key. The standard DNSSEC protocol can be used to query and distribute the signature key of any domain name, and the user's self-signed certificate can be deployed through DANE. The original self-signed certificate is considered to be unsafe, but with the blessing of DNSSEC, the self-signed certificate for domain name can be used safely in DANE.
In 20021year, IETF set up a network client DANE authentication (DANCE) working group to strengthen the security of network client-related protocols by using DANE. At present, relevant technical standards are being formulated. Various transport service protocols can handle domain name certificate forgery and client authentication through the public key trust chain in DANE mechanism, making communication more secure.
Third, formulate a technical agreement on Internet basic resources to protect privacy.
After the 20 13 Snowden incident broke out, IAB, the highest technical management agency of IETF, organized a special technical seminar to discuss how to strengthen the privacy protection of the Internet and prevent intermediaries from eavesdropping and intercepting information. IAB believes that IETF's technical protocol needs to comprehensively strengthen end-to-end encryption to avoid man-in-the-middle attacks. Since then, IETF protocol has strengthened the security consideration of protecting users' privacy from being intercepted by middlemen, and promoted the development of Internet protocol to privacy protection.
(A) Internet transmission protocol to the rapid and secure connection QUIC protocol evolution
Fast UDP InternetConnection (QUIC) protocol is the basic transport protocol based on the network protocol developed and deployed by Google, and has been standardized by IETF. Google thinks that there are many problems in the transmission control protocol (TCP) and wants to design a new transmission protocol. 20 12 put forward the idea of designing based on UDP, and it was first published in Chromium version 29 released in August of 20 13. QUIC is one of many transport layer network protocols that improve TCP. The QUIC protocol was officially released in May, 20021with the number of RFC9000.
QUIC can be thought of as a datagram transmission application. The application protocol using QUIC uses UDP port 443 to send and receive data packets. QUIC solves various requirements faced by transport layer and application layer, including handling more connections, with better security and low latency. Based on UDP transmission, QUIC combines the characteristics of protocols including TCP, Secure Transport Layer Protocol (TLS) and Hypertext Transfer Protocol Version 2 (HTTP/2) to make the transmission protocol more efficient. One of the main goals of QUIC is to reduce the connection delay. When the client connects to the server for the first time, QUIC only needs 1 round trip delay (RTT) to establish a reliable and secure connection, which is faster than 1 3 RTT of TCP+TLS. After that, the client can cache the encrypted authentication information locally, and when the connection with the server is established again, the delay of 0 RTT can be realized. QUIC also reused the multiplexing function of HTTP/2 protocol, and successfully avoided the queue head blocking problem of HTTP/2 by using UDP.
(b) DNS transport protocol to protect user privacy.
Because of the plaintext design of DNS, the behavior of users when querying DNS data of domain names will be leaked. At the same time, the third-party server will collect users' query logs. The technical development of DNS privacy protection mainly includes two aspects.
The first is the query minimization mechanism. In other words, the recursive parser only sends the necessary query information at a time, and does not disclose the complete domain name to the root server and the top-level server. At the same time, some researchers put forward that each real query is confused with multiple virtual queries, and the server actively broadcasts hot domain names to reduce the risk of user privacy disclosure.
The second is DNS(DoH) based on HTTPS and DNS(DoT) based on TCP, which use HTTPS and TCP technologies to realize DNS encryption respectively, and both are based on TLS. At present, both of them have been published as IETF RFC technical standards. IETF has set up a working group on DNS privacy transmission and exchange, which specializes in topics related to DNS privacy protection, and QUIC-based DNS(DoQ) is also being promoted by this working group. On the other hand, HTTP-over-QUIC is named HTTP/3. After the release of DoH/DoT as a formal standard, IETF privacy-related topics mainly focus on the research of automatic discovery of parsers with encryption technology and the privacy encryption mechanism of recursion to authoritative parsers.
(3) The transport layer security protocol is extended to support more privacy technologies.
TLS 1.3 is a new TLS standard formulated by IETF. TLS is used to protect the Web (and many other fields), provide encryption, and ensure the authenticity of every HTTPS website and application programming interface (API). RFC 8446 belongs to TLS 1.3, which was published on 20 18. It is the first major reform of this protocol, which has brought remarkable security and performance improvement. TLS 1.3 is based on earlier TLS 1.2, but it is also very different from TLS 1.2. For example, TLS 1.3 can reduce the delay time of protocol handshake and improve the anti-attack. The key negotiation and authentication algorithm is designed to be separated from the cipher package, and the fragile and rarely used algorithm, such as message digest algorithm (MD5), is removed. TLS 1.3 encrypts most of the transmission information, but the server name indication information (SNI) provided by TLS 1.3 is not encrypted when sending the ClientHello session. When TLS 1.3 two parties exchange information, the third party can easily obtain the server name indication information. IETF is currently promoting the technology (ECH) of how to encrypt server name indication information (SNI). If ECH technology is deployed, the server name indication information (SNI) of both parties will be encrypted, and it will be difficult for the third party to know the SNI information, which will make the communication between the two parties more private.
Four, the Internet basic resources technology agreement to develop comprehensive security and credibility.
The Internet has been integrated into all aspects of life and work, and the data transmitted by the Internet is becoming more and more important. The data of Internet basic resource technology protocol gradually transits from plaintext transmission mode to the authentication of source reliability, integrity and tamper resistance of plaintext data, some core data are encrypted, and some protocol parameters are also encrypted. By means of signature, trust chain and encryption, the reliability and security of internet data transmission are ensured, and the possibility of intermediaries obtaining private information is reduced. Based on the above analysis, we can make the following judgments.
First, QUIC protocol shows better performance than TCP protocol, and TCP protocol of Internet may be gradually replaced by QUIC protocol. In the next decade, QUIC protocol will gradually encroach on the territory of TCP protocol, and more applications will be transmitted based on QUIC protocol rather than TCP protocol.
Second, TLS 1.3 protocol is being deployed gradually to replace the old protocol. If the ECH technology is deployed in a coordinated way in the future, the end-to-end transmission of the Internet will be more secure and reliable, but this technology may lead to the failure of some firewall functions that use the server name indication information (SNI) for security policy management.
Thirdly, due to the security management of trust chain and trust anchor, RPKI is difficult to be deployed on a large scale in a short time. If RPKI is improperly operated, certificate misconfiguration or malicious revocation will also cause a series of security problems.
Fourthly, DNSSEC technology has been deployed in the global root zone of the Internet for more than ten years, and the current deployment rate is not very high because the investment in technology deployment is not directly proportional to the benefits it brings. In the next decade, without the support of key applications, it is difficult for DNSSEC to be widely used.
(This article was published in China Journal of Information Security, No.4, 2022)