As more internet traffic is encrypted to protect users' privacy, network operators gain less insight into its nature. This might lead to inefficient routing of traffic, the inability to monitor for abuse, and unfair networking practices. To increase privacy and trust in internet infrastructure, NLnet Foundation has awarded Centrum Wiskunde & Informatica (CWI) a grant to develop a replacement for a decades-old application programming technique (BSD-style sockets) for communication on the Internet. This project, code-named Reowolf, aims at separating network communication content from its description. In the end, this might give network operators an alternative to deep packet inspection that better protects users' privacy.
Hans-Dieter Hiep, PhD researcher at CWI, says: “Supporting network operators to further improve quality of service without giving up on end-user privacy is important. We will do this by developing tools for checking compliance of network traffic to application-specific protocols, and thus make correct programming of internet applications simpler and more reliable.”
Hiep adds: “Quality of service (QoS) of communication via the Internet can be improved by, for instance, intrusion detection, decreasing latency, or increasing throughput. Today, network operators apply deep packet inspection (DPI) to guess an application’s communication intent to perform traffic optimizations on the networking side. DPI consists of non-standard techniques, may harm user privacy, and could affect net neutrality. On the application side, programming of internet applications is complex and error-prone and tweaking is fragile.”
The researcher continues: “Reowolf alleviates both the networking and application issues by introducing explicit protocol descriptions, which are application-defined. Such protocol descriptions are publicly visible to the network, in contrast to encrypted content. This allows network operators to increase the detection of deviations and abuse and better optimize routing of traffic, all without needing to inspect packet contents. Programming Internet applications becomes simpler and can be verified in a modular fashion, leading to more robust services. This is a benefit for all internet users.”
The research will be done in CWI’s Formal Methods (FM) research group, which has a lot of experience with communication protocols and formal techniques for optimization and analysis. Hiep: “Formal methods can be seen as a mathematically rigorous approach to verification of software. The Reowolf project bridges the gap between past research of the FM group and systems-level software. The project will deliver high-quality professionally engineered software that directly benefits the open-source Internet community. This allows for past research results to be applied to systems-level software, thereby innovating existing network programming practices.”
Reowolf is funded by the NGI Zero PET Fund, a fund established by NLnet Foundation with financial support from the European Commission’s Next Generation Internet programme. The Reowolf project starts in November 2019.