I was really curious how the different proposed techniques compared to each other in the way that they scramble/anonymize source IP addresses. So I took a pcap file of DNS traffic and ran it through each algorithm, then visualized the output as a hilbert-curve heatmap. I ran each algorithm 10 times to see how it changes depending on the secret/key. I asked Wes to create a github repository in the rssac-caucus account and I've uploaded the results here: https://github.com/rssac-caucus/anonymization-harmonization/tree/master/heat... The PNG images are quite large (4096x4096) so you may need to download and/or zoom in to see some of the detail. Maybe this will be helpful for others and I'm happy to answer any questions about it. DW
On Feb 13, 2018, at 2:59 PM, Wessels, Duane via rssac-caucus <rssac-caucus@icann.org> wrote:
Andrew,
Thank you and the work party for this document. I think it will prove to be useful.
I'm attaching a copy of the doc with my comments.
In addition I would really like to see some kind of summary (table perhaps) that presents the following for the various techniques:
- advantages / disadvantages - cryptographic strength (I realize this could be difficult since not all are well-studied at this point). - efficiency (i.e. CPU time to anonymize some amount of (DITL) data). - whether or not "decryption with the same key" is a property of the technique - known implementations
Also I would like to better understand if the different techniques have any different cryptographic properties when there is at least one known true -> anonymized mapping. I think we should assume it is trivial for a consumer of the anonymized data to inject beacon queries that would enable them to know the anonymized value of a specific source IP.
DW
On Feb 13, 2018, at 5:19 AM, Andrew Mcconachie <andrew.mcconachie@icann.org> wrote:
Dear RSSAC Caucus Members,
On behalf of the RSSAC Caucus Work Party on Harmonization of Anonymization Procedures for Data Collecting, please find Harmonizing the Anonymization of Queries to the Root v1 attached.
Please send your comments and/or additions to the list by February 27th, 2018. Depending on the volume of comments received the work party may then decide to create a new version or forward v1 to the RSSAC for a vote on publication.
Thanks, Andrew
<RSSAC0XX_Harmonizating_Anonymization_Queries_Root_v1.docx> <RSSAC0XX_Harmonizating_Anonymization_Queries_Root_v1.pdf> _______________________________________________ rssac-caucus mailing list rssac-caucus@icann.org https://mm.icann.org/mailman/listinfo/rssac-caucus
<RSSAC0XX_Harmonizating_Anonymization_Queries_Root_v1_DW.docx>_______________________________________________ rssac-caucus mailing list rssac-caucus@icann.org https://mm.icann.org/mailman/listinfo/rssac-caucus