# Security and Privacy Implications of Middlebox Cooperation Protocols

**Authors:** Thomas Fossati, Roman Muentener, Stephan Neuhaus, Brian, Trammell

arXiv: 1812.05437 · 2018-12-14

## TL;DR

This paper analyzes the security and privacy implications of middlebox cooperation protocols, finding that explicit signaling does not significantly increase attack surfaces, though it may aid passive adversaries.

## Contribution

The paper provides an experimental analysis of MCPs, particularly the PLUS proposal, highlighting that explicit signaling does not introduce major new security vulnerabilities.

## Key findings

- Explicit signaling does not significantly increase attack surface.
- Middlebox cooperation can aid passive adversaries.
- No entirely new attacks are enabled by MCPs.

## Abstract

This white paper presents an analysis done by the MAMI project of the privacy and security concerns surrounding middlebox cooperation protocols (MCPs), based on our experimental experience with the Path Layer UDP Substrate (PLUS) proposal. Our key finding is that adding explicit signaling meant for on-path devices presents no significant new attack surface as compared to the status quo in the Internet architecture. While middlebox cooperation can make a passive adversary's job easier, it does not enable entirely new attacks.

---
Source: https://tomesphere.com/paper/1812.05437