IoT Working Group Minutes - RIPE 82

Date: 20 May 2021, 13:00-14:00 (UTC+2)
WG Chairs: Constanze Dietrich, Sandoche Balakrichenan
Scribe: Antony Gollan
Status: Draft

1. Introduction/Housekeeping

IoT WG Co-chairs Constanze Dietrich and Sandoche Balakrichenan welcomed attendees to the session.

Constanze noted that the WG had reached consensus on the BCOP document, which was now published as a RIPE Document (ripe-759). She thanked everyone who had contributed and said she expected the document would be updated over time as the world changed.

2. Scalable Detection of IoT Devices in the Wild

Said Jawad Saidi, MPI-Informatics

You can find this presentation at:
https://ripe82.ripe.net/wp-content/uploads/presentations/52-haystack_full_of_needles_ripe.pdf

Patrick Tarpey, OFCOM, asked if they observed any use of encrypted DNS resolvers for IoT traffic.

Jawad replied that the devices did not look at DNS resolvers. If someone wanted to acquire methodologies to capture DNS queries, that would be good. If devices were using encrypted DNS resolvers, then it would be hard for service providers to know what they were doing on their network.

Jacques Latour, CIRA, asked if they had looked at what country IoT devices connected back to.

Jawad said this was an interesting question. His collaborators had previously done work where, by changing the URLs, they had shown the countries devices talked to and that changing ISPs would impact the infrastructures these devices were talking to. There were some destinations outside of Europe and some devices were talking back to China and Taiwan.

Marco Hogewoning, speaking as a curious person, asked if their analysis had considered the impact of NATs (including local ones) and whether they were able to give an estimate of how NATs would impact their methodology by bundling multiple devices behind a small set of addresses and ports. He also asked how IPv6 adoption would impact this research.

Jawad said this was an interesting question. In terms of NAT, they didn’t have CGNAT in their study of a single service provider - there would have been a problem if that was the case. Regarding how this would impact their methodology, if they had multiple devices behind a NAT interface, they would not be able to say whether there were three of these devices or four. In that sense, the numbers they had reported were a lower rather than an upper bound. They might be lower, but this was the impact of NAT on their methodology. Regarding how IPv6 would affect their research, off the top of his head, he didn’t think it would have a major impact – and it might even help – as there wouldn’t be NAT and they could do detection at greater granularity, assuming that NAT would be gone from the home user’s boundary, and if each device had its own address, it would be easier for them to detect.

Anna Maria Mandalari, Jawad’s co-author, said the usage of NATs wouldn’t impact anything in their work, because for creating the signatures they looked at the destinations these devices were contacting. She agreed with Jawad that the usage of IPv6 would have a positive impact on the research, as they would have more addresses to use exclusively for the destinations these devices were contacting.

3. Implementation of IoT SAFE using a Registry

Natasha D'Souza, CIRA

You can find this presentation at:
https://ripe82.ripe.net/wp-content/uploads/presentations/76-CIRA-IoT-Registry-RIPE-2021-5-20.pdf

Eliot Lear, Cisco, said this was a great presentation. He was interested in the specific middleware challenges they ran into at the SSL level. He had also run into some, relating to EST and CSR attributes.

Natasha said one of their challenges was the practicalities in terms of having a timeline and getting enough to work. Another was the middleware and the fact that this was now an SSL standard. What they had currently was a short-term solution in order to get the registry working. Over the long term, they were working with some of the open SSL groups. She said this was an in-depth discussion and she was happy to take it offline to discuss further with him.

Carsten Schiefner, All Things Internet And Internet Of Things, said he might not have fully understood the concept of moving IoT services from one provider to the other (on slide 5). It appeared that it was currently one distinct service per provider – as opposed to domains, where the service (“domain”) could be easily transferred from one registrar to another.

Natasha said in an enterprise situation or in industry in general, once a technology had been adopted, there was always a push for cost savings. The challenge they had with IoT devices today was that they were in walled gardens – especially devices that used large cloud providers. But for IoT to scale, it would need transferability and flexibility. If a parking meter was using a cloud provider in return for a good deal – that parking meter would need to be generic and interoperable. They didn’t have full transfer working today, because they had just started with the med-tech platform. However, they had this partner transfer working, as to transfer you had to deactivate, change some aspects, and reactivate again. So at the end of the day, it was not that complex as you just had to change end points. But what was out of the scope of their registry was the cloud providers being interoperable and the IoT devices.

Florian Streibelt, MPII, said great work. He wondered what the threat vectors were. For example, would it be possible to disable all IoT devices in a country in case of “conflicts” between states (such as sanctions).

Natasha said she would say the threat vector was very similar to shutting down all the domains in a country. So, with this registry you would be able to fairly quickly deactivate these IoT devices. By deactivation, you were shutting down the secure TLS connection. So there was a theoretical mechanism to do that.

David Schweizer, NETDEF, asked how this technology would impact devices sold second-hand. He asked if devices could be reactivated without the registry (i.e. after the vendor stopped offering services for it).

She said this was a good question. It was a level of detail that they would need to work all the way through. From their thinking currently, the IoT device would have an eSIM with a public-private key on it. It was through passing this key to their system that they would really be able to say which device this was. By deactivating the device, that public-private key would no longer be there. That was what they called the hardware root of trust. From a hardware perspective, if something was “end-of-life” or recycled, it would have to be reactivated again. However, they would have to test out this use case, but today they believed you should be able to do that.

Constanze said they would have to take any remaining questions to SpatialChat in the break, as they still had one more item on the agenda and were out of time.

4. IoT WG Survey Results

Constanze Dietrich and Sandoche Balakrichenan, IoT WG Chairs

Daniel Karrenberg, RIPE NCC, said if he remembered correctly, the genesis of the WG was the concern that, as a group of network operators, they saw the IoT industry was using their services (the Internet) and they wanted to provide an interface for these people to talk to the community to share their requirements and discuss operational aspects so they could avoid surprises and ensure better results for everyone. He thought this should be in the charter. He noted that they had referenced a better introduction to what the WG was, but that was the charter, and once it was updated, that aspect would be covered.

Eliot Lear, Cisco, thanked the chairs for their work and for conducting the survey. He said there was a consumer aspect – consumers needed to be represented and needed guidance, help, and easy interfaces to make simple decisions about the devices on their network. ISPs were a natural player in this space, as they had the relationships with consumers already. That brought them to the charter discussion Daniel had mentioned. He thought the work in this space needed to relate to what the RIPE community could have influence over, which was primarily the role of service providers, and indirectly, the role of devices. In the US, they had just witnessed a huge attack that had taken down a major pipeline affecting the Southern economies, which was due to a failure in how remote access was being used by the pipeline management. So, one question they could ask themselves was about the role of service providers in facilitating industrial users that were connected to the Internet. This was especially a factor with COVID, where people had to work from home and had to be connected to the Internet, often without much guidance. As they went into discussions about their charter, he thought they should focus on the problems that service providers could address.

End of session.