IBM Mobile Computing Workshop, 24 Jan 94

Larry Loucks, VP of Software Architecture, IBM

Keynote Address

He described a taxonomy of hardware and software components related to mobile computing.

Dan Duchamp, Associate Prof., Columbia

Replacement of Replicated File Systems

Dan presented his Summer '93 USENIX paper (click here for a copy). I am not a big fan of this work, in part because it uses NFS, and in part because I find the model unrealistic.

Charlie Kunzinger, IBM

Summary of IETF Mobile IP Working Group

He described the basic entities:

mobile host

home agent

foreign agent

mobile-aware host

and the basic procedures:

beaconing

registration

forwarding and encapsulation

route optimization i.e., elimination of triangle routing by the mobile-aware host by communicating directly with the foreign agent, bypassing the home agent. (This is apparently the ultimate challenge in Mobile IP proposals.)

The RFC is almost ready, and implementations are expected to follow. (I questioned this strange ordering of tasks, quoting Dave Clark.) Little thought has been given to security issues related to Mobile IP, but it is recognized the the current proposal is highly vulnerable to "denial of service" attacks, but then, so is most of IP.

Charlie Perkins, IBM

Mobile Networking

John Constant, Novell

He is the product-line manager for mobile computing at Novell. In his remarks, his emphasis was on reliability and ease-of-use as the critical and immediate problems to be solved.

He gave a high-level description of Mobile WorkPlace. (Click here for a related article from Network World.) The basic components of Mobile WorkPlace 1.0 serve the following functions:

select connection medium

connection set-up

resource mapping

synchronization of tasks

automatic location detection

He identified areas of continuing interest at Novell:

disconnected operation

desktop access point

network agents

replicated network resources

Novell sees the requirements of a notebook on a LAN to be their multi-protocol router product, while on a WAN, a notebook requires their NetWare Connect, remote MHS, and Mobile WorkPlace products.

He indicated that Novell is doing a lot of research on the networking needs of personal digital assistants.

M. Satyanarayanan, Carnegie-Mellon

Mobile Computing

Satya gave an overview of his work in mobile computing. He began by observing that access to shared data is the key problem. While CD-ROM will serve many of these needs, e.g., manuals for field service maintenance or emergency medical response, there remains a mutable component, e.g., the service record or medical record.

What makes access to shared data hard are the fundamental constraints of mobile computers, namely

resource-poor

less trustworthy

uncertain communications

and the scale and variety of data. Satya argues for transparency -- mobile systems should cope with the effects of mobility.

Satya then described recent work in CODA. He points out that replay optimization is critical to performance. Work currently in progress includes

exploit weak connectivity by "trickle charging" the cache

hoarding improvements, e.g., studies to better understand user needs, and task-based hoarding

application-specific conflict resolution (heh heh -- he got this from us)

isolation-only transactions

user behavior in mobile computing

Satya points out that some cache misses are worse than others, e.g., a miss in the first minute of service is much worse than one after 24 hours -- in the latter case, the user was able to work for a day.

Peter Honeyman, CITI

Preheating a Mobile File Cache

Here are the foils I used.

Carl Tait, IBM

Hoarding vs. Prefetching

Carl makes an analogy with loading a briefcase.

Panel

I forget exactly who was on the panel, as there was no agenda, no introductory remarks, and most of the discussion was in the audience. We argued about the utility (or is it futility?) of the IETF Mobile IP activities, but no other recollections stand out.

Dave Cohn, Notre Dame

Realizing Mobile Computing Personae

Phil Rogaway, IBM

Confidentiality and Authentication Mechanisms for the Mobile Environment

Goals:

privacy

authenticity

anonymity

availability

transparency

Problems:

encryption takes too long

message authentication takes too long

weak passwords make the system vulnerable

no one understands entity authentication (I took issue with this)

asymmetric authenticated key exchange takes too long

You can see what's coming ... that's right, a new, fast cipher, called SEAL, for software encryption algorithm. SEAL is designed to be a software efficient stream cipher. It crunches a pass phrase into a 160-bit key, using a very slow key schedule mechanism. (This part takes milliseconds, but is done only once per session. Note how this aspect of SEAL exacerbates dictionary attack.) You then seed SEAL with an index, and out flows a bit stream that you XOR with your plaintext.

The index gives you random access to a file -- if a file has been encrypted with an initial index of 0, and you want the kth bit of the file, you seek to the kth bit of the ciphertext, present k as the seed (and a proper pass phrase), and XOR the resulting stream to recover the plaintext. This has the random-access advantages of DES ECB or PCBC without their (horrible) disadvantages. SEAL looks very exciting. (But what's the chance IBM will let SEAL be used in the public domain?)

SEAL has been measured on some popular processors:

3.6 MB/s on 25-Mhz 486 (coded in assembler)

7.2 MB/s on 50-Mhz 486 (coded in assembler)

4.5 MB/s on 40-Mhz RS/6k model 530 (coded in C)

SEAL is 10-30 times the speed of DES.

He also described some ideas for fast message authentication, based on Wegman and Carters' universal hash functions, but I didn't get it, nor did anyone else, I suspect.

Handouts

See me for handouts passed out at the meeting. I have

list of attendees

Peter Hortensius' overheads on some work he is doing with IR comms

Carl Tait's overheads

Charlie Perkins' overheads

Satya's overheads

Charlie Kunzinger's overheads

honey@citi.umich.edu