Implementing Cryptography for Packet Level Authentication
نویسنده
چکیده
Packet Level Authentication (PLA) is a novel countermeasure against distributed denial-of-service attacks. Each packet sent across a network has a digital signature and public key attached to it, allowing each hop along the route to verify the authenticity of packets. This requires high-speed elliptic curve cryptography (ECC) to improve throughput. In this paper, we present a software solution of cryptography for PLA using the combination of Koblitz curves to increase throughput and implicit certificates to decrease storage and computation overhead. A software implementation is presented, built on OpenSSL libraries and extending the OpenSSL API to support not only fast ECC using Koblitz curves, but implicit certificates and fast signature verifications using implicit certificates as well. Software implementation results of these API extensions are provided, yielding significant speedup of elliptic curve operations.
منابع مشابه
Two level Authentication and Packet Marking Mechanism for Defending against DoS and DDoS Attacks
Denial of Service (DoS) attacks present a serious problem for Internet communications. IP source address spoofing is used by DoS and DDoS attacks on targeted victim. IP spoofing to forge the source IP address of the packet, and thereby hide the identity of source. This makes hard to detect and defend against such attack. This paper presents a token based authentication and Packet Marking mechan...
متن کاملMessage Authentication And Source Privacy Using BAC Technique In Wireless Sensor Networks
-----------------------------------------------------------------ABSTRACT---------------------------------------------------A scalable authentication scheme is based on elliptic curve Cryptography (ECC), while enabling intermediate nodes authentication, our existing scheme allows any node to transmit an unlimited number of messages without suffering the threshold problem. In addition, existing ...
متن کاملSecurity Review of the Light-Weight Access Point Protocol draft-ohara-capwap-lwapp-02
This document introduces the LWAPP protocol and provides an analysis of its security features. In particular, the public-key authentication, preshared-key authentication, and packet-level encryption are examined. Also, the security ramifications introduced by the IEEE 802.11 binding are reviewed. Lastly, recommendations on changes the the protocol are presented. Overall, LWAPP is “secure”. Howe...
متن کاملMulticast Authentication using Batch Signature - MABS
Traditional multicast authentication schemes manage the different involvement of the receivers by letting the sender: Choose the block size, divide a multicast stream into blocks, connect each block with a signature, and spread the effect of the Signature across all the packets in the block. The relationship between packets tends to packet loss which is very common via internet and wireless com...
متن کاملSecure Data Packet Transmission in Manet Using Enhanced Identity- Based Cryptography (eibc)
Mobile ad hoc network (MANET) is a self configuring and self relating wireless network of mobile nodes connected devoid of wires. Due to their unique characteristics such as mobility, dynamic topology and lack of essential infrastructure support, security is more challenging in MANET. So, to enhance the security in MANET, we propose Enhanced Identity-Based Cryptography (EIBC), an efficient key ...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
عنوان ژورنال:
دوره شماره
صفحات -
تاریخ انتشار 2008