TrueIP: Prevention of IP spoofing attacks using identity-based cryptography

SIN'09 - Proceedings of the 2nd International Conference on Security of Information and Networks

Volumn , Issue , 2009, Pages 128-137

  Schridde, Christian ^a   Smith, Matthew ^a   Freisleben, Bernd ^a  

^a PHILIPPS UNIVERSITY MARBURG   (Germany)

Author keywords

Denial of service; Identity based cryptography; IP spoofing; Network security; Signatures

Indexed keywords

BANDWIDTH CONSUMPTION; CERTIFICATE AUTHORITY; COMPUTATION TIME; DENIAL OF SERVICE ATTACKS; DENIAL-OF-SERVICE; IDENTITY-BASED CRYPTOGRAPHY; IDENTITY-BASED SIGNATURE SCHEME; INTERNET ROUTING; IP ADDRESSS; IP SPOOFING; PUBLIC KEY INFRASTRUCTURE; SIGNATURE GENERATION; SIGNATURES; X.509 CERTIFICATES;

COMPUTER CRIME; FREQUENCY HOPPING; INTERNET PROTOCOLS; PUBLIC KEY CRYPTOGRAPHY; ROUTING PROTOCOLS; TELECOMMUNICATION NETWORKS;

NETWORK SECURITY;

EID: 70350660771     PISSN: None     EISSN: None     Source Type: Conference Proceeding    
DOI: 10.1145/1626195.1626229     Document Type: Conference Paper

References (24)

1. MIRACL - Multiprecision Integer and Rational Arithmetic C/C++ Library. www.SHAMUS.IE.
2. B. Adida, D. Chau, S. Hohenberger, and R. L. Rivest. Lightweight Email Signatures. In SCN '06: 5th International Conference on Security and Cryptography for Networks, vol. 4116 of Lecture Notes in Computer Science, pp. 288-302, 2006. Maiori, Italy.
3. D. G. Andersen, H. Balakrishnan, N. Feamster, T. Koponen, D. Moon, and S. Shenker. Holding the Internet Accountable. In Proceedings of the 6th ACM Workshop on Hot Topics in Networking, Atlanta, GA, November 2007.
4. T. Aura. Cryptographically Generated Addresses, 2005. RFC 3972.
5. F. Baker. Requirements for IP Version 4 Routers, 1995. RFC 1812, IETF.
6. M. Bellare, R. Canetti, and H. Krawczyk. Message Authentication Using Hash Functions: the HMAC Construction. CryptoBytes, 2(1):12-15, Spring 1996.
7. D. Boneh and M. Franklin. Identity-based Encryption from the Weil Pairing. SIAM Journal of Computation, 32(3):586-615, 2003.
8. C. Cocks. An Identity-based Encryption Scheme Based on Quadratic Residues. In 8th IMA International Conference on Cryptography and Coding, vol. 2260 of Lecture Notes in Computer Science, pp. 360-363, 2001.
9. P. Congdon, B. Aboba, A. Smith, G. Zorn, and J. Roese. IEEE 802.1X Remote Authentication Dial In User Service Usage Guidelines, Sept. 2003. RFC 3580.
10. C. Ellison and B. Schneier. Ten Risks of PKI: What You're Not Being Told About Public Key Infrastructure. In Computer Security Journal, pages 1-7, 2000.
11. P. Ferguson and D. Senie. Network Ingress Filtering: Defeating Denial of Service Attacks which Employ IP Source Address Spoofing, 2000. RFC 2827, IETF.
12. Y. I. Jerschow, C. Lochert, B. Scheuermann, and M. Mauve. CLL: A Cryptographic Link Layer for Local Area Networks. In SCN '08: 6th International Conference on Security and Cryptography for Networks, vol. 5229 of Lecture Notes in Computer Science, pp. 21-38, 2008. Amalfi, Italy.
13. S. Kent and R. Atkinson. Security Architecture for the Internet Protocol, 1998. RFC 2401, IETF.
14. X. Liu, A. Li, X. Yang, and D. Wetherall. Passport: Secure and Adoptable Source Authentication. In USENIX/ACM Symposium on Networked Systems Design and Implementation, pages 365-378, Berkeley, CA, USA, 2008. USENIX Association.
15. X. Liu, X. Yang, D. Wetherall, and T. Anderson. Efficient and Secure Source Authentication with Packet Passports. In 2nd Conference on Steps to Reducing Unwanted Traffic on the Internet, pp. 2-9, Berkeley, CA, USA, 2006. USENIX Association. San Jose, CA.
16. J. Mirkovic and P. Reiher. A Taxonomy of DDoS Attack and DDoS Defense Mmechanisms. In ACM SIGCOMM, pp. 39-53, New York, NY, USA, 2004. ACM Press. Portland, Oregon.
17. R. Moskowitz, P. Nikander, P. Jokela, and T. Henderson. Host Identity Protocol, October 2003. RFC 4423.
18. B. Parno, D. Wendlandt, E. Shi, A. Perrig, B. Maggs, and Y.-C. Hu. Portcullis: Protecting Connection Setup from Denial-of-Capability Attacks. In ACM SIGCOMM, pp. 289-300. ACM Press, 2007. Kyoto, Japan.
19. T. Peng, C. Leckie, and K. Ramamohanarao. Survey of Network-Based Defense Mechanisms Countering the DoS and DDoS Problems. ACM Computing Surveys, 39(1):3, 2007.
20. R. L. Rivest and B. Kaliski. The RSA-Problem. Encyclopedia of Cryptography and Security, 2003.
21. S. Savage, D. Wetherall, A. Karlin, and T. Anderson. Practical Network Support for IP Traceback. In ACM SIGCOMM, pages 295-306. ACM Press, 2000. Stockholm, Sweden.
22. C. Schridde, M. Smith, and B. Freisleben. An Identity-based Key Agreement Protocol for the Network Layer. In SCN '08: 6th International Conference on Security and Cryptography for Networks, vol. 5229 of Lecture Notes in Computer Science, pp. 409-422, 2008. Amalfi, Italy.
23. A. Shamir. Identity-based Cryptosystems and Signature Schemes. CRYPTO 1984 Advances in Crytology, 196:47-53, 1984.
24. D. K. Smetters and G. Durfee. Domain-based Administration of Identity-based Cryptosystems for Secure E-Mail and IPSEC. In Proceedings of the 12th USENIX Security Symposium, pages 15-19, Berkeley, CA, USA, 2003. USENIX Association.