TARP: Ticket-based address resolution protocol

Proceedings - Annual Computer Security Applications Conference, ACSAC

Volumn 2005, Issue , 2005, Pages 108-116

  Lootah, Wesam ^a   Enck, William ^a   McDaniel, Patrick ^a  

^a PENNSYLVANIA STATE UNIVERSITY   (United States)

Author keywords

[No Author keywords available]

Indexed keywords

COMPUTER NETWORKS; COMPUTER OPERATING SYSTEMS; INTERNET; SECURITY OF DATA;

ADDRESS RESOLUTION PROTOCOL (ARP); LINUX (OPERATING SYSTEM); TICKET-BASED ADDRESS RESOLUTION PROTOCOL (TARP);

NETWORK PROTOCOLS;

EID: 33846297018     PISSN: 10639527     EISSN: None     Source Type: Conference Proceeding    
DOI: 10.1109/CSAC.2005.55     Document Type: Conference Paper

References (39)

1. Anatomy of an arp poisoning attack. http://www.watchguard.com/infocenter/ editorial/135324.asp, accessed June 2005.
2. The openssl library, http://www.openssl.org/.
3. The packet capture library, http://www.tcpdump.org/.
4. C. Adams and R. Zuccherato. A General, Flexible Approach to Certificate Revocation, June 1998. http://www.entrust.com/securityzone/whitepapers.htm.
5. W. Aiello, J. Ioannidis, and P. McDaniel. Origin Authentication in Interdomain Routing. In Proceedings of 10th ACM Conference on Computer and Communications Security, pages 165-178. ACM, October 2003. Washington, DC.
6. R. Arends, R. Austein, M. Larson, D. Massey, and S. Rose. RFC 4034, Resource Records for the DNS Security Extensions. Internet Engineering Task Force, March 2005.
7. R. Arends, R. Austein, M. Larson, D. Massey, and S. Rose. RFC 4035, Protocol Modifications for the DNS Security Extensions. Internet Engineering Task Force, March 2005.
8. S. M. Bellovin. Security problems in the tcp/ip protocol suite. Computer Communications Review, 2(19):32-48, April 1989.
9. S. M. Bellovin. A look back at "security problems in the tcp/ip protocol suite". In 20th Annual Computer Security Application Conference (ACSAC), pages 229-249, December 2004.
10. D. Bruschi, A. Orgnaghi, and E. Rosti. S-arp: a secure address resolution protocol. 2003.
11. Cisco Systems. Catalyst 4500 Series Switch Cisco IOS Software Configuration Guide, 12.1(19)EW. http://www.cisco.com/en/US/products/hw/ switches/ps4324/products_configuration_guide_chapter09186a008019d0de.html, accessed May 2005.
12. R. Droms. Dynamic host configuration protocol. RFC 2131, March 1997.
13. R. Droms and W. Arbaugh. Authentication for dhcp messages. RFC 3118, June 2001. http://www.ietf.org/rfc/rfc3118.txt?number=3118.
14. B. Fleck and J. Dimov. Wireless access points and arp poisoning: Wireless vulnerabilities that expose the wired network. http://downloads.securityfocus. com/library/arppoison.pdf.
15. J. Galvin. Public Key Distribution with Secure DNS. In Proceedings of the 6th USENIX Security Symposium, pages 161-170, July 1996.
16. M. Gouda, and C. Huang. A secure address resolution protocol. Computer Networks, 41:860-921, January 2003.
17. C. A. Gunter and T. Jim. Generalized certificate revocation. In POPL '00: Proceedings of the 27th ACM SIGPLAN-SIGACT symposium on Principles of programming languages, pages 316-329, New York, NY, USA, 2000. ACM Press.
18. R. Housley, W. Ford, W. Polk, and D. Solo. RFC 2459, Internet X.509 Public Key Infrastructure Certificate and CRL Profile. Internet Engineering Task Force, January 1999.
19. J. Kempf, C. Gentry, and A. Silverberg. Securing ipv6 neighbor discovery using address based keys (abks). http://www.watersprings.org/pub/id/draft- kempfabk-nd-00.txt. draft-kempf-ipng-secure-nd-00.txt work in progress.
20. P. Kocher. On Certificate Revocation and Validation. In R. Hirschfeld, editor, Financial Cryptography FC '98, volume 1465, pages 172-177, Anguilla, British West Indies, February 1998. Springer.
21. L. B. N. L. (LBNL). Arpwatch: Ethernet monitor program. http://www-nrg.ee.lbl.gov, accessed May 2005.
22. W. Lootah. Tarp source code, http://siis.cse.psu.edu/tools.html.
23. M. Malkin, T. D. Wu, and D. Boneh. Experimenting with shared generation of rsa keys. In Proceedings of Network and Distributed Systems Security 1999. Internet Society, February 1999. San Diego, CA.
24. P. McDaniel and S. Jamin. Windowed Certificate Revocation. In Proceedings of IEEE INFOCOM 2000, pages 1406-1414. IEEE, March 2000. Tel Aviv, Israel.
25. P. McDaniel and A. Rubin. A Response to 'Can We Eliminate Certificate Revocation Lists?'. In Proceedings of Financial Cryptography 2000. International Financial Cryptography Association (IFCA), February 2000. Anguilla, British West Indies.
26. S. Micali. Efficient Certificate Revocation. Technical Report Technical Memo MIT/LCS/TM-542b, Massachusetts Institute of Technology, 1996.
27. D. L. Mills. RFC 1301, network time protocol (version 3) specification, implementation. Internet Engineering Task Force, March 1992.
28. M. Myers. Revocation: Options and Challenges. In R. Hirschfeld, editor, Financial Cryptography FC '98, volume 1465, pages 165-171, Anguilla, British West Indies, February 1998. Springer.
29. M. Myers, R. Ankney, A. Malpani, S. Galperin, and C. Adams. RFC 2560, X.509 Internet Public Key Infrastructure Online Certificate Status Protocol - OCSP. Internet Engineering Task Force, June 1999.
30. M. Noar and K. Nassim. Certificate Revocation and Certificate Update. In Proceedings of the 7th USENIX Security Symposium, pages 217-228, January 1998.
31. A. Ornaghi. S-arp: a secure address resolution protocol. http://security.dico.unimi.it/research.it.html#sarpd, accessed May 2005.
32. D. C. Plummer. An ethernet address resolution protocol or converting network protocol addresses to 48.bit ethernet address for tansmission on ethernet hardware. RFC 826, November 1982.
33. C. Rigney, S. Willens, A. Rubens, and W Simpson. RFC 2865, remote authentication dial in user service (RADIUS). Internet Engineering Task Force, June 2000.
34. R. Rivest and B. Lampson. SDSI A Simple Distributed Security Infrastructure, October 1996. http://theory.lcs.mit.edu/~rivest/sdsi11.html.
35. M. Schiffman. The libnet packet construction library. http://www.packetfactory.net/libnet/.
36. K. Seo, C. Lynn, and S. Kent. Public-Key Infrastructure for the Secure Border Gateway Protocol (S-BGP). In Proceedings of DARPA Information Survivability Conference and Exposition II. IEEE, June 2001.
37. D. Song, dsniff: a collection of tools for network auditing and penetration testing, http://www.monkey.org/dugsong/dsniff, accessed May 2005.
38. M. V. Tripunitara and P. Dutta. A middle approach to asynchronous and backward compatiable detection and prevention of arp cache poisoning, pages 303-309, 1999.
39. T. Ylonen. SSH - Secure Login Connections Over the Internet. In Proceedings of 6th USENIX UNIX Security Symposium, pages 37-42. USENIX Association, June 1996. San Jose, CA.