Detecting semi active intra networks components

Overview

In theory, clients and servers communicate without having their application data tampered with. This is the famous end-to-end principle introduced by P. Baran in 1960. However, as A. Einstein previously mentioned, "In theory, theory and practice are the same. In practice, they are not” and computer networking is a perfect example of such an affirmation.

A large quantity of devices in reality interfere with data sent across the network. These devices can be used for totally reasonable reasons; performance (load balancers, CDNs), security (proxies, firewalls) etc… However, these devices often referred to as middleboxes break the internet end-to-end assumption. This is for instance the case when institutions take advantage of their own root certificate to monitor encrypted traffic. Other man-in-the-middles may be less benevolent; this is the case when attackers position themselves between a client and a server if they manage to submit corrupted yet valid certificate to the client. This is one of the drawbacks of the so-called public key infrastructure used today on the Internet.

In this project, we aim at proposing a distribute software architecture that would enable two communicating parties to systematically identify any such semi active components that could exist between them. The solution relies on a graphical language that enables us to specify a number tests that can exploit side effects produced by the existence of such component either at the network, transport of application layer.