[dns-operations] IP address encryption: pseudonymization

bert hubert bert.hubert at powerdns.com
Sun Feb 11 22:09:52 UTC 2018

On Sun, Feb 11, 2018 at 12:11:56PM -0800, Paul Hoffman wrote:
> >A standard is something people can adhere to, to enhance interoperability.
> >I personally have no interest in dragging this through the IETF at this
> >point.  It is a traumatizing experience of uncertain benefit.
> Noted, but many of us disagree. I'm happy to ask CFRG about ipcipher; it's
> inventor is there and the discussion could be useful.

I've already exchanged several emails with Jean-Philippe, But indeed, wider
exposure to cryptographers would be good. It needs to be noted however that
we'll never get this to be really tight. It is not real encryption that can
withstand nation states.

> I cannot at all discuss whether the algorithm is sound from a cryptographic

This is one of the biggeste weaknesses in the current form. ipcrypt has not
even had a cursory glance. It only has great parents.

> >Once it reaches some consensus, we'll version it as 'ipcipher version 1'.
> >
> >And who knows, this may lead to a solid proposal for 'ipcipher version 2'
> >which we could turn into an IETF draft if there is interest.
> This is why I asked: What do you think the difference between those versions
> might be? The current version seems feature-complete.

So people have come up with some nice enhancements. For example,
pseudonymity can be tweaked so (say) 256 IP addresses all map to 1
pseudonymous address. This still allows for many analyses, but
re-identification becomes almost impossible.

Job Snijders came up with the idea of 'class preserving' encryption, so
private space remains private space, multicast multicast. It is not easy to
see how this could be done, but perhaps.

Remco van Mook came up with the idea to map IPv4 addresses to IPv6
addresses, which would allow the use of AES all the time, plus perhaps some
other benefits.

I mostly think however that 'ipcipher2' would incorporate the operational
experience of ipcipher1 in ways we can't yet predict.  EDNS Client Subnet
was very educational for me in that respect.  I supported it heartily and
now it turns out to suck in production, in ways at least I did not see


More information about the dns-operations mailing list