Lightweight source authentication and path validation

Tiffany Hyun Jin Kim, Cristina Basescu, Limin Jia, Soo Bum Lee, Yih Chun Hu, Adrian Perrig

Research output: Chapter in Book/Report/Conference proceedingConference contribution

Abstract

In-network source authentication and path validation are fundamental primitives to construct higher-level security mechanisms such as DDoS mitigation, path compliance, packet attribution, or protection against flow redirection. Unfortunately, currently proposed solutions either fall short of addressing important security concerns or require a substantial amount of router overhead. In this paper, we propose lightweight, scalable, and secure protocols for shared key setup, source authentication, and path validation. Our prototype implementation demonstrates the efficiency and scalability of the protocols, especially for software-based implementations.

Original languageEnglish (US)
Title of host publicationSIGCOMM 2014 - Proceedings of the 2014 ACM Conference on Special Interest Group on Data Communication
PublisherAssociation for Computing Machinery
Pages271-282
Number of pages12
ISBN (Print)9781450328364
DOIs
StatePublished - Jan 1 2014
Event2014 ACM Conference on Special Interest Group on Data Communication, SIGCOMM 2014 - Chicago, IL, United States
Duration: Aug 17 2014Aug 22 2014

Publication series

NameSIGCOMM 2014 - Proceedings of the 2014 ACM Conference on Special Interest Group on Data Communication

Other

Other2014 ACM Conference on Special Interest Group on Data Communication, SIGCOMM 2014
CountryUnited States
CityChicago, IL
Period8/17/148/22/14

Fingerprint

Authentication
Routers
Scalability
Compliance

Keywords

  • path validation
  • retroactive key setup
  • source authentication

ASJC Scopus subject areas

  • Computer Science Applications

Cite this

Kim, T. H. J., Basescu, C., Jia, L., Lee, S. B., Hu, Y. C., & Perrig, A. (2014). Lightweight source authentication and path validation. In SIGCOMM 2014 - Proceedings of the 2014 ACM Conference on Special Interest Group on Data Communication (pp. 271-282). (SIGCOMM 2014 - Proceedings of the 2014 ACM Conference on Special Interest Group on Data Communication). Association for Computing Machinery. https://doi.org/10.1145/2619239.2626323

Lightweight source authentication and path validation. / Kim, Tiffany Hyun Jin; Basescu, Cristina; Jia, Limin; Lee, Soo Bum; Hu, Yih Chun; Perrig, Adrian.

SIGCOMM 2014 - Proceedings of the 2014 ACM Conference on Special Interest Group on Data Communication. Association for Computing Machinery, 2014. p. 271-282 (SIGCOMM 2014 - Proceedings of the 2014 ACM Conference on Special Interest Group on Data Communication).

Research output: Chapter in Book/Report/Conference proceedingConference contribution

Kim, THJ, Basescu, C, Jia, L, Lee, SB, Hu, YC & Perrig, A 2014, Lightweight source authentication and path validation. in SIGCOMM 2014 - Proceedings of the 2014 ACM Conference on Special Interest Group on Data Communication. SIGCOMM 2014 - Proceedings of the 2014 ACM Conference on Special Interest Group on Data Communication, Association for Computing Machinery, pp. 271-282, 2014 ACM Conference on Special Interest Group on Data Communication, SIGCOMM 2014, Chicago, IL, United States, 8/17/14. https://doi.org/10.1145/2619239.2626323
Kim THJ, Basescu C, Jia L, Lee SB, Hu YC, Perrig A. Lightweight source authentication and path validation. In SIGCOMM 2014 - Proceedings of the 2014 ACM Conference on Special Interest Group on Data Communication. Association for Computing Machinery. 2014. p. 271-282. (SIGCOMM 2014 - Proceedings of the 2014 ACM Conference on Special Interest Group on Data Communication). https://doi.org/10.1145/2619239.2626323
Kim, Tiffany Hyun Jin ; Basescu, Cristina ; Jia, Limin ; Lee, Soo Bum ; Hu, Yih Chun ; Perrig, Adrian. / Lightweight source authentication and path validation. SIGCOMM 2014 - Proceedings of the 2014 ACM Conference on Special Interest Group on Data Communication. Association for Computing Machinery, 2014. pp. 271-282 (SIGCOMM 2014 - Proceedings of the 2014 ACM Conference on Special Interest Group on Data Communication).
@inproceedings{9ef8a7aff8c443a69036f3964384ea22,
title = "Lightweight source authentication and path validation",
abstract = "In-network source authentication and path validation are fundamental primitives to construct higher-level security mechanisms such as DDoS mitigation, path compliance, packet attribution, or protection against flow redirection. Unfortunately, currently proposed solutions either fall short of addressing important security concerns or require a substantial amount of router overhead. In this paper, we propose lightweight, scalable, and secure protocols for shared key setup, source authentication, and path validation. Our prototype implementation demonstrates the efficiency and scalability of the protocols, especially for software-based implementations.",
keywords = "path validation, retroactive key setup, source authentication",
author = "Kim, {Tiffany Hyun Jin} and Cristina Basescu and Limin Jia and Lee, {Soo Bum} and Hu, {Yih Chun} and Adrian Perrig",
year = "2014",
month = "1",
day = "1",
doi = "10.1145/2619239.2626323",
language = "English (US)",
isbn = "9781450328364",
series = "SIGCOMM 2014 - Proceedings of the 2014 ACM Conference on Special Interest Group on Data Communication",
publisher = "Association for Computing Machinery",
pages = "271--282",
booktitle = "SIGCOMM 2014 - Proceedings of the 2014 ACM Conference on Special Interest Group on Data Communication",

}

TY - GEN

T1 - Lightweight source authentication and path validation

AU - Kim, Tiffany Hyun Jin

AU - Basescu, Cristina

AU - Jia, Limin

AU - Lee, Soo Bum

AU - Hu, Yih Chun

AU - Perrig, Adrian

PY - 2014/1/1

Y1 - 2014/1/1

N2 - In-network source authentication and path validation are fundamental primitives to construct higher-level security mechanisms such as DDoS mitigation, path compliance, packet attribution, or protection against flow redirection. Unfortunately, currently proposed solutions either fall short of addressing important security concerns or require a substantial amount of router overhead. In this paper, we propose lightweight, scalable, and secure protocols for shared key setup, source authentication, and path validation. Our prototype implementation demonstrates the efficiency and scalability of the protocols, especially for software-based implementations.

AB - In-network source authentication and path validation are fundamental primitives to construct higher-level security mechanisms such as DDoS mitigation, path compliance, packet attribution, or protection against flow redirection. Unfortunately, currently proposed solutions either fall short of addressing important security concerns or require a substantial amount of router overhead. In this paper, we propose lightweight, scalable, and secure protocols for shared key setup, source authentication, and path validation. Our prototype implementation demonstrates the efficiency and scalability of the protocols, especially for software-based implementations.

KW - path validation

KW - retroactive key setup

KW - source authentication

UR - http://www.scopus.com/inward/record.url?scp=84907362997&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=84907362997&partnerID=8YFLogxK

U2 - 10.1145/2619239.2626323

DO - 10.1145/2619239.2626323

M3 - Conference contribution

AN - SCOPUS:84907362997

SN - 9781450328364

T3 - SIGCOMM 2014 - Proceedings of the 2014 ACM Conference on Special Interest Group on Data Communication

SP - 271

EP - 282

BT - SIGCOMM 2014 - Proceedings of the 2014 ACM Conference on Special Interest Group on Data Communication

PB - Association for Computing Machinery

ER -