Security

ANRP Prizewinners Present on Breaking Internet Security and Making Videoconferencing Work Better

By: Mat Ford

Date: June 27, 2016


The first Applied Networking Research Prize for 2014 was presented to Kenny Paterson for finding and documenting new attacks against key Internet security protocols. In their paper, “Lucky Thirteen: Breaking the TLS and DTLS Record Protocols” (Proc. IEEE Symposium on Security and Privacy, pp. 526-540, San Francisco, CA, USA, May 2013), Paterson and his coauthor, Nadhem Al Fardan, demonstrate practical attacks against Transport Layer Security, a fundamental security building block for much of today’s online activity.

Paterson’s presentation to the Internet Research Task Force open meeting in London gave great insight into the techniques he and others have developed to leverage seemingly tiny differences in the timing of protocol operations to reveal plaintext, and thereby break the security of the transaction. There is now a real need for implementations that run in constant time and with constant memory-access patterns, so that we can be confident that such potential implementation weaknesses have been completely eliminated.

Paterson noted the importance of the virtuous cycle that sees widely used security protocols gaining a high profile in the research community, leading to more analysis and more development work to patch weaknesses as they are discovered and ultimately stronger security protocols for everyone. Responsible disclosure practices and close collaboration with the IETF were key aspects in this instance. Paterson’s slides are available at www.ietf.org/proceedings/89/slides/slides-89-irtfopen-1.pptx, and audio from the presentation is available at www.ietf.org/audio/ietf89/ietf89-viscount-20140305-0900-am1.mp3 starting at 00:18:25.

Trying to conduct a videoconference over a cellular network from a moving car “wasn’t working very well” for Keith Winstein, so he started trying to find a solution to the problem. The result was a new transport protocol called “Sprout,” and the paper he and his coauthors wrote earned Winstein the second Applied Networking Research Prize for 2014.

Winstein won his award for designing a transport protocol for interactive applications that desire high throughput and low delay. In their paper, “Stochastic Forecasts Achieve High Throughput and Low Delay over Cellular Networks” (Proc. 10th USENIX Symposium on Networked Systems Design and Implementation (NSDI), Lombard, IL, USA, April 2013), Winstein and his coauthors, Anirudh Sivaraman and Hari Balakrishnan, describe Sprout, a transport protocol that works well over cellular wireless networks, where link speeds change dramatically with time, and current protocols build up multi-second queues in network gateways.

Motivated by his subpar videoconferencing experience, Winstein and his team developed a novel end-to-end transport protocol that tries to maximize throughput while simultaneously bounding the risk of delay by modeling the variation in link speed based on observations of packet arrival times. The model is then used to predict the future link speed.

The results are compelling: experiments conducted on traces from four commercial cellular networks show many-fold reductions in delay, and increases in throughput over Skype, Facetime, and Hangout, as well as over Cubic, Compound TCP, Vegas, and Low Extra Delay Background Transport (LEDBAT). Although Sprout is an end-to-end scheme, in this setting it matched or exceeded the performance of Cubic-over-CoDel, which requires modifications to network infrastructure to be deployed.

Winstein received his award at the recent Internet Research Task Force open meeting at IETF 89 in London, where he also presented his results. Winstein’s slides are available at www.ietf.org/proceedings/89/slides/slides-89-irtfopen-0.pdf, and audio from the presentation is available at www.ietf.org/audio/ietf89/ietf89-viscount-20140305-0900-am1.mp3 starting at 01:22:35.

The nomination period for prizes to be awarded in 2015 is now open and nominations can be submitted via the system at https://irtf.org/anrp/2015/.