Can we trust Huawei? The need for Open Networking!
Nowadays we read in the media discussions whether or not to trust Huawei for our new 5G network. But isn’t this discussion focusing on the wrong question? Instead of questioning whether we can trust companies like Huawei, should we discuss whether we can trust 1) nation states, and 2) “boxes” of which no one has any clue how they precisely operate?
As we’ve learned in the last decade from the Belgacom and NSA-Merkel cases, even friendly nation states seem to use every opportunity to spy their friends. But if even the UK and US can not be trusted, why would we trust the Chinese? The Chinese massively monitor their own population and put spy software on mobile phones and laptops. But not only the secret services within China, the US and the UK hack whatever they can, even small countries like the Netherlands felt proud that they were able to hack cozy bear. So the answer if we can trust nation states is clear: no!
The second question is more challenging: can we trust “black boxes”? I believe we can’t. Trust comes with transparency, and as long as we can’t check the internal operation of routers and switches, we shouldn’t trust them. Fortunately open networking provides a solution. With open networks, open source networking software is installed on top of bare-bone networking hardware. Such hardware consists of ASICs or FPGAs, such as Tofino or Netcope, that can be accessed via open languages and interfaces, such as P4. The open software that runs on top of this hardware relies on Linux and is available in several flavours, including FRR, SCION, RINA, and NDN. Since a few year such hard- and software is available on the market, at costs much lower than traditional “black-box network equipment”. Of course, more research and experience is needed in this area, and CONCORDIA is happy to contribute to such research.
Openness is a core value in our European society. Citizens have the right to check their politicians (Article 15 of the Treaty on the Functioning of the European Union), citizens have the right to control their private data (GDPR) and researchers have to open their results (open access and open data). So why wouldn’t we require that, in 2025, all network devices in the EU should comply to Open Networking principles? Every EU citizen should have the right to check the code that controls our core infrastructure (the Internet). And Huawei is welcome, as long as it complies with Open Networking principles.
(By Prof. Aiko Pras, University of Twente)