Lightweight source authentication and path validation

Tiffany Hyun Jin Kim; Cristina Basescu; Limin Jia; Soo Bum Lee; Yih Chun Hu; Adrian Perrig

doi:10.1145/2619239.2626323

Lightweight source authentication and path validation

Tiffany Hyun Jin Kim, Cristina Basescu, Limin Jia, Soo Bum Lee, Yih Chun Hu, Adrian Perrig

Research output: Contribution to journal › Conference article

Abstract

In-network source authentication and path validation are fundamental primitives to construct higher-level security mechanisms such as DDoS mitigation, path compliance, packet attribution, or protection against flow redirection. Unfortunately, currently proposed solutions either fall short of addressing important security concerns or require a substantial amount of router overhead. In this paper, we propose lightweight, scalable, and secure protocols for shared key setup, source authentication, and path validation. Our prototype implementation demonstrates the efficiency and scalability of the protocols, especially for software-based implementations.

Original language	English (US)
Pages (from-to)	271-282
Number of pages	12
Journal	Computer Communication Review
Volume	44
Issue number	4
DOIs	https://doi.org/10.1145/2619239.2626323
State	Published - Feb 25 2015
Event	ACM SIGCOMM 2014 Conference - Chicago, United States Duration: Aug 17 2014 → Aug 22 2014

Keywords

Path validation
Retroactive key setup
Source authentication

ASJC Scopus subject areas

Software
Computer Networks and Communications

Access to Document

10.1145/2619239.2626323

Fingerprint Dive into the research topics of 'Lightweight source authentication and path validation'. Together they form a unique fingerprint.

Cite this

@article{e68e4d43509a4b0cb23d69a19b99ca7a,

title = "Lightweight source authentication and path validation",

abstract = "In-network source authentication and path validation are fundamental primitives to construct higher-level security mechanisms such as DDoS mitigation, path compliance, packet attribution, or protection against flow redirection. Unfortunately, currently proposed solutions either fall short of addressing important security concerns or require a substantial amount of router overhead. In this paper, we propose lightweight, scalable, and secure protocols for shared key setup, source authentication, and path validation. Our prototype implementation demonstrates the efficiency and scalability of the protocols, especially for software-based implementations.",

keywords = "Path validation, Retroactive key setup, Source authentication",

author = "Kim, {Tiffany Hyun Jin} and Cristina Basescu and Limin Jia and Lee, {Soo Bum} and Hu, {Yih Chun} and Adrian Perrig",

year = "2015",

month = feb,

day = "25",

doi = "10.1145/2619239.2626323",

language = "English (US)",

volume = "44",

pages = "271--282",

journal = "Computer Communication Review",

issn = "0146-4833",

publisher = "Association for Computing Machinery (ACM)",

number = "4",

note = "ACM SIGCOMM 2014 Conference ; Conference date: 17-08-2014 Through 22-08-2014",

}

TY - JOUR

T1 - Lightweight source authentication and path validation

AU - Kim, Tiffany Hyun Jin

AU - Basescu, Cristina

AU - Jia, Limin

AU - Lee, Soo Bum

AU - Hu, Yih Chun

AU - Perrig, Adrian

PY - 2015/2/25

Y1 - 2015/2/25

N2 - In-network source authentication and path validation are fundamental primitives to construct higher-level security mechanisms such as DDoS mitigation, path compliance, packet attribution, or protection against flow redirection. Unfortunately, currently proposed solutions either fall short of addressing important security concerns or require a substantial amount of router overhead. In this paper, we propose lightweight, scalable, and secure protocols for shared key setup, source authentication, and path validation. Our prototype implementation demonstrates the efficiency and scalability of the protocols, especially for software-based implementations.

AB - In-network source authentication and path validation are fundamental primitives to construct higher-level security mechanisms such as DDoS mitigation, path compliance, packet attribution, or protection against flow redirection. Unfortunately, currently proposed solutions either fall short of addressing important security concerns or require a substantial amount of router overhead. In this paper, we propose lightweight, scalable, and secure protocols for shared key setup, source authentication, and path validation. Our prototype implementation demonstrates the efficiency and scalability of the protocols, especially for software-based implementations.

KW - Path validation

KW - Retroactive key setup

KW - Source authentication

UR - http://www.scopus.com/inward/record.url?scp=84924409356&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=84924409356&partnerID=8YFLogxK

U2 - 10.1145/2619239.2626323

DO - 10.1145/2619239.2626323

M3 - Conference article

AN - SCOPUS:84924409356

VL - 44

SP - 271

EP - 282

JO - Computer Communication Review

JF - Computer Communication Review

SN - 0146-4833

IS - 4

T2 - ACM SIGCOMM 2014 Conference

Y2 - 17 August 2014 through 22 August 2014

ER -