Lightweight Source Authentication and Path Validation

被引:62
作者
Kim, Tiffany Hyun-Jin [1 ]
Basescu, Cristina [2 ]
Jia, Limin [1 ]
Lee, Soo Bum [3 ]
Hu, Yih-Chun [4 ]
Perrig, Adrian [2 ]
机构
[1] CMU, CyLab, Pittsburgh, PA 15213 USA
[2] Swiss Fed Inst Technol, Zurich, Switzerland
[3] Qualcomm, San Diego, CA USA
[4] UIUC, Champaign, IL USA
来源
ACM SIGCOMM COMPUTER COMMUNICATION REVIEW | 2014年 / 44卷 / 04期
关键词
Source Authentication; Path Validation; Retroactive Key Setup;
D O I
10.1145/2740070.2626323
中图分类号
TP [自动化技术、计算机技术];
学科分类号
0812 ;
摘要
In-network source authentication and path validation are fundamental primitives to construct higher-level security mechanisms such as DDoS mitigation, path compliance, packet attribution, or protection against flow redirection. Unfortunately, currently proposed solutions either fall short of addressing important security concerns or require a substantial amount of router overhead. In this paper, we propose lightweight, scalable, and secure protocols for shared key setup, source authentication, and path validation. Our prototype implementation demonstrates the efficiency and scalability of the protocols, especially for software-based implementations.
引用
收藏
页码:271 / 282
页数:12
相关论文
共 40 条
  • [1] ANDERSON T, 2003, P HOTN 2
  • [2] Anderson T, 2013, WELD J, V92, P16
  • [3] [Anonymous], 2008, P ACM SIGCOMM
  • [4] [Anonymous], 2008, P NSDI
  • [5] [Anonymous], P SIGCOMM
  • [6] ARIN, RES PUBL KEY INFR RP
  • [7] Bender A., 2007, P USENIX SRUTI
  • [8] Bernstein D. J., 2011, P CHES
  • [9] Cowie J., 2013, POPULAR MECH
  • [10] Cowie Jim., 2013, The new threat: Targeted internet traffic misdirection
1234