Huang | Hop Integrity in the Internet | E-Book | www.sack.de

E-Book, English, 121 pages

Huang Hop Integrity in the Internet


1st edition 2006
ISBN: 978-0-387-29444-5
Publisher: Springer-Verlag
Format: PDF
Copy protection: Adobe DRM




Denial-of-service attacks are one of the most severe challenges confronting the online world. This ground-breaking volume discusses a new method of countering denial-of-service attacks called hop integrity. It details a suite of protocols for providing hop integrity. In particular, each protocol in this suite is specified and verified using an abstract and formal notation, called the Secure Protocol Notation. In addition, the book presents an alternative way to achieve strong hop integrity with hard sequence numbers.




Further information & material


Contents
Preface
Chapter 1 INTRODUCTION
Chapter 2 ABSTRACT PROTOCOL NOTATION
    1. PROCESSES AND CHANNELS
    2. CONSTANTS, VARIABLES, AND ACTIONS
    3. STATE TRANSITION DIAGRAM
    4. PROCESS ARRAYS, PARAMETERS, AND PARAMETERIZED ACTIONS
Chapter 3 ABSTRACT SECURE PROTOCOLS
    1. ASSUMPTIONS ABOUT THE ADVERSARY
    2. SECURITY KEYS
    3. MESSAGE DIGESTS
    4. NONCES
    5. TIMEOUT ACTIONS
    6. AN EXAMPLE PROTOCOL WITH SECURITY FEATURES
Chapter 4 DENIAL-OF-SERVICE ATTACKS
    1. COMMUNICATION-STOPPING ATTACKS
    2. RESOURCE-EXHAUSTING ATTACKS
Chapter 5 SECURE ADDRESS RESOLUTION PROTOCOL
    1. ARCHITECTURE OF SECURE ADDRESS RESOLUTION
    2. THE INVITE-ACCEPT PROTOCOL
    3. THE REQUEST-REPLY PROTOCOL
    4. EXTENSIONS
        4.1 Insecure Address Resolution
        4.2 A Backup Server
        4.3 System Diagnosis
        4.4 Serving Multiple Ethernets
Chapter 6 WEAK HOP INTEGRITY PROTOCOL
    1. SECRET EXCHANGE PROTOCOL
    2. WEAK INTEGRITY CHECK PROTOCOL
Chapter 7 STRONG HOP INTEGRITY USING SOFT SEQUENCE NUMBERS
    1. SOFT SEQUENCE NUMBER PROTOCOL
    2. STRONG INTEGRITY CHECK PROTOCOL
Chapter 8 STRONG HOP INTEGRITY USING HARD SEQUENCE NUMBERS
    1. HARD SEQUENCE NUMBER PROTOCOL
    2. A PROTOCOL WITH SAVE AND FETCH OPERATIONS
    3. CONVERGENCE OF NEW HARD SEQUENCE NUMBER PROTOCOL
    4. APPLICATION OF SAVE AND FETCH IN STRONG HOP INTEGRITY PROTOCOL
    5. TRADEOFFS BETWEEN SOFT SEQUENCE NUMBERS AND HARD SEQUENCE NUMBERS
Chapter 9 IMPLEMENTATION CONSIDERATIONS
    1. KEYS AND SECRETS
    2. TIMEOUTS
    3. SEQUENCE NUMBERS
    4. MESSAGE OVERHEAD
Chapter 10 OTHER USES OF HOP INTEGRITY
    1. MOBILE IP
    2. SECURE MULTICAST
    3. SECURITY OF ROUTING PROTOCOLS
        3.1 Security of RIP
        3.2 Security of OSPF
        3.3 Security of RSVP
    4. SECURITY IN AD HOC NETWORKS AND SENSOR NETWORKS
References
Index


Chapter 6 WEAK HOP INTEGRITY PROTOCOL (p. 55-56)

In this and the next two chapters, we present the hop integrity protocols. The hop integrity protocols belong to two thin layers, namely the secret exchange layer and the integrity check layer, that need to be added to the network layer of the protocol stack of each router in a network. The function of the secret exchange layer is to allow adjacent routers to periodically generate and exchange (and so share) new secrets. The exchanged secrets are made available to the integrity check layer, which uses them to compute and verify the integrity check for every data message transmitted between the adjacent routers.

Figure 6.1 shows the protocol stacks in two adjacent routers p and q. The secret exchange layer has one protocol: the secret exchange protocol. This protocol consists of the two processes pe and qe in routers p and q, respectively. The integrity check layer has two protocols: the weak integrity check protocol and the strong integrity check protocol. The weak version consists of the two processes pw and qw in routers p and q, respectively. This version can detect message modification, but not message replay. The strong version of the integrity check layer consists of the two processes ps and qs in routers p and q, respectively. This version can detect both message modification and message replay.

In this chapter, we present the weak hop integrity protocol, which is the combination of the secret exchange protocol and the weak integrity check protocol. In the next chapter, we present the strong hop integrity protocol, which is the combination of the secret exchange protocol and the strong integrity check protocol.

This chapter is organized as follows. First, we present the secret exchange protocol, and verify its correctness. Then, we present the weak integrity check protocol, and verify its correctness.

1. SECRET EXCHANGE PROTOCOL

In the secret exchange protocol, the two processes pe and qe maintain two shared secrets sp and sq. Secret sp is used by router p to compute the integrity check for each data message sent by p to router q, and it is also used by router q to verify the integrity check for each data message received by q from router p. Similarly, secret sq is used by q to compute the integrity checks for data messages sent to p, and it is used by p to verify the integrity checks for data messages received from q.

As part of maintaining the two secrets sp and sq, processes pe and qe need to change these secrets periodically, say every te hours, for some chosen value te. Process pe is to initiate the change of secret sq, and process qe is to initiate the change of secret sp. Processes pe and qe each have a public key and a private key that they use to encrypt and decrypt the messages.
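
The following sketch is an added illustration, not code from the book: it models the two per-direction secrets sp and sq and a weak integrity check, showing that modification is detected while replay is not. HMAC-SHA256 stands in for the book's integrity check computation, and the names Router, make_hop and demo are hypothetical; as a simplification, the old secret is dropped immediately when sp is changed.

```python
import hashlib
import hmac
import os

TAG_LEN = 32  # size of an HMAC-SHA256 tag (assumed stand-in for the integrity check)

class Router:
    """One end of a hop: one secret for sending, the other for verifying."""
    def __init__(self, send_secret: bytes, recv_secret: bytes):
        self.send_secret = send_secret
        self.recv_secret = recv_secret

    def send(self, data: bytes) -> bytes:
        # Append the integrity check computed with this router's sending secret.
        return data + hmac.new(self.send_secret, data, hashlib.sha256).digest()

    def receive(self, frame: bytes):
        # Return the data if the check verifies, otherwise None (message discarded).
        if len(frame) < TAG_LEN:
            return None
        data, tag = frame[:-TAG_LEN], frame[-TAG_LEN:]
        expected = hmac.new(self.recv_secret, data, hashlib.sha256).digest()
        return data if hmac.compare_digest(tag, expected) else None

def make_hop():
    # sp protects p -> q traffic, sq protects q -> p traffic.
    sp, sq = os.urandom(32), os.urandom(32)
    return Router(send_secret=sp, recv_secret=sq), Router(send_secret=sq, recv_secret=sp)

def demo():
    p, q = make_hop()
    frame = p.send(b"data message from p to q")  # constructed sample payload
    results = {"genuine": q.receive(frame) is not None}
    # Flip one bit of the payload: the weak check detects modification.
    tampered = bytes([frame[0] ^ 1]) + frame[1:]
    results["modified"] = q.receive(tampered) is not None
    # Deliver the identical frame again: no sequence number, so it is accepted.
    results["replayed"] = q.receive(frame) is not None
    # p verifies with sq, so a frame protected with sp does not verify at p.
    results["reflected"] = p.receive(frame) is not None
    # sp is changed (the exchange itself is not modelled): old frames stop verifying.
    new_sp = os.urandom(32)
    p.send_secret = q.recv_secret = new_sp
    results["old_after_change"] = q.receive(frame) is not None
    return results

if __name__ == "__main__":
    print(demo())
```

The accepted replay is the gap that the strong integrity check closes by also detecting message replay.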


