Security and Privacy Implications of Middlebox Cooperation Protocols
Thomas Fossati, Roman Muentener, Stephan Neuhaus, Brian, Trammell

TL;DR
This paper analyzes the security and privacy implications of middlebox cooperation protocols, finding that explicit signaling does not significantly increase attack surfaces, though it may aid passive adversaries.
Contribution
The paper provides an experimental analysis of MCPs, particularly the PLUS proposal, highlighting that explicit signaling does not introduce major new security vulnerabilities.
Findings
Explicit signaling does not significantly increase attack surface.
Middlebox cooperation can aid passive adversaries.
No entirely new attacks are enabled by MCPs.
Abstract
This white paper presents an analysis done by the MAMI project of the privacy and security concerns surrounding middlebox cooperation protocols (MCPs), based on our experimental experience with the Path Layer UDP Substrate (PLUS) proposal. Our key finding is that adding explicit signaling meant for on-path devices presents no significant new attack surface as compared to the status quo in the Internet architecture. While middlebox cooperation can make a passive adversary's job easier, it does not enable entirely new attacks.
Peer Reviews
No public reviews on file for this paper yet. If you reviewed it on a platform where reviews are public (OpenReview, ICLR, NeurIPS, ICML), you can paste yours below so the community can read it here.
Videos
No videos yet. Explain this paper in a talk, walkthrough, or lecture? Add one.
Taxonomy
TopicsAdvanced Authentication Protocols Security
