Lightweight source authentication and path validation

Tiffany Hyun Jin Kim; Cristina Basescu; Limin Jia; Soo Bum Lee; Yih-Chun Hu; Adrian Perrig

doi:10.1145/2619239.2626323

Lightweight source authentication and path validation

Tiffany Hyun Jin Kim, Cristina Basescu, Limin Jia, Soo Bum Lee, Yih-Chun Hu, Adrian Perrig

Research output: Contribution to journal › Conference article

Abstract

In-network source authentication and path validation are fundamental primitives to construct higher-level security mechanisms such as DDoS mitigation, path compliance, packet attribution, or protection against flow redirection. Unfortunately, currently proposed solutions either fall short of addressing important security concerns or require a substantial amount of router overhead. In this paper, we propose lightweight, scalable, and secure protocols for shared key setup, source authentication, and path validation. Our prototype implementation demonstrates the efficiency and scalability of the protocols, especially for software-based implementations.

Original language	English (US)
Pages (from-to)	271-282
Number of pages	12
Journal	Computer Communication Review
Volume	44
Issue number	4
DOIs	https://doi.org/10.1145/2619239.2626323
State	Published - Feb 25 2015
Event	ACM SIGCOMM 2014 Conference - Chicago, United States Duration: Aug 17 2014 → Aug 22 2014

Fingerprint

Authentication

Routers

Scalability

Compliance

Keywords

Path validation
Retroactive key setup
Source authentication

ASJC Scopus subject areas

Software
Computer Networks and Communications

Cite this

Kim, T. H. J., Basescu, C., Jia, L., Lee, S. B., Hu, Y-C., & Perrig, A. (2015). Lightweight source authentication and path validation. Computer Communication Review, 44(4), 271-282. https://doi.org/10.1145/2619239.2626323

Lightweight source authentication and path validation. / Kim, Tiffany Hyun Jin; Basescu, Cristina; Jia, Limin; Lee, Soo Bum; Hu, Yih-Chun; Perrig, Adrian.

In: Computer Communication Review, Vol. 44, No. 4, 25.02.2015, p. 271-282.

Research output: Contribution to journal › Conference article

Kim, THJ, Basescu, C, Jia, L, Lee, SB, Hu, Y-C & Perrig, A 2015, 'Lightweight source authentication and path validation', Computer Communication Review, vol. 44, no. 4, pp. 271-282. https://doi.org/10.1145/2619239.2626323

Kim THJ, Basescu C, Jia L, Lee SB, Hu Y-C, Perrig A. Lightweight source authentication and path validation. Computer Communication Review. 2015 Feb 25;44(4):271-282. https://doi.org/10.1145/2619239.2626323

Kim, Tiffany Hyun Jin ; Basescu, Cristina ; Jia, Limin ; Lee, Soo Bum ; Hu, Yih-Chun ; Perrig, Adrian. / Lightweight source authentication and path validation. In: Computer Communication Review. 2015 ; Vol. 44, No. 4. pp. 271-282.

@article{e68e4d43509a4b0cb23d69a19b99ca7a,

title = "Lightweight source authentication and path validation",

abstract = "In-network source authentication and path validation are fundamental primitives to construct higher-level security mechanisms such as DDoS mitigation, path compliance, packet attribution, or protection against flow redirection. Unfortunately, currently proposed solutions either fall short of addressing important security concerns or require a substantial amount of router overhead. In this paper, we propose lightweight, scalable, and secure protocols for shared key setup, source authentication, and path validation. Our prototype implementation demonstrates the efficiency and scalability of the protocols, especially for software-based implementations.",

keywords = "Path validation, Retroactive key setup, Source authentication",

author = "Kim, {Tiffany Hyun Jin} and Cristina Basescu and Limin Jia and Lee, {Soo Bum} and Yih-Chun Hu and Adrian Perrig",

year = "2015",

month = "2",

day = "25",

doi = "10.1145/2619239.2626323",

language = "English (US)",

volume = "44",

pages = "271--282",

journal = "Computer Communication Review",

issn = "0146-4833",

publisher = "Association for Computing Machinery (ACM)",

number = "4",

}

TY - JOUR

T1 - Lightweight source authentication and path validation

AU - Kim, Tiffany Hyun Jin

AU - Basescu, Cristina

AU - Jia, Limin

AU - Lee, Soo Bum

AU - Hu, Yih-Chun

AU - Perrig, Adrian

PY - 2015/2/25

Y1 - 2015/2/25

N2 - In-network source authentication and path validation are fundamental primitives to construct higher-level security mechanisms such as DDoS mitigation, path compliance, packet attribution, or protection against flow redirection. Unfortunately, currently proposed solutions either fall short of addressing important security concerns or require a substantial amount of router overhead. In this paper, we propose lightweight, scalable, and secure protocols for shared key setup, source authentication, and path validation. Our prototype implementation demonstrates the efficiency and scalability of the protocols, especially for software-based implementations.

AB - In-network source authentication and path validation are fundamental primitives to construct higher-level security mechanisms such as DDoS mitigation, path compliance, packet attribution, or protection against flow redirection. Unfortunately, currently proposed solutions either fall short of addressing important security concerns or require a substantial amount of router overhead. In this paper, we propose lightweight, scalable, and secure protocols for shared key setup, source authentication, and path validation. Our prototype implementation demonstrates the efficiency and scalability of the protocols, especially for software-based implementations.

KW - Path validation

KW - Retroactive key setup

KW - Source authentication

UR - http://www.scopus.com/inward/record.url?scp=84924409356&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=84924409356&partnerID=8YFLogxK

U2 - 10.1145/2619239.2626323

DO - 10.1145/2619239.2626323

M3 - Conference article

AN - SCOPUS:84924409356

VL - 44

SP - 271

EP - 282

JO - Computer Communication Review

JF - Computer Communication Review

SN - 0146-4833

IS - 4

ER -

Access to Document

10.1145/2619239.2626323