
Security Architecture for the Internet Protocol

01 Aug 1995-Vol. 1825, pp 1-101
TL;DR: This document describes an updated version of the "Security Architecture for IP", which is designed to provide security services for traffic at the IP layer, and obsoletes RFC 2401 (November 1998).
Abstract: This document describes an updated version of the "Security Architecture for IP", which is designed to provide security services for traffic at the IP layer. This document obsoletes RFC 2401 (November 1998). [STANDARDS-TRACK]


Citations
Posted Content
TL;DR: In this paper, the authors provide the provable-security treatment of path vector routing protocols and show that S-BGP satisfies two out of the security model's three goals, assuming the underlying signature scheme is secure.
Abstract: This paper provides the provable-security treatment of path vector routing protocols. We first design a security definition for routing path vector protocols by studying, generalizing, and formalizing numerous known threats. Our model incorporates three major security goals. It is quite strong, yet simple to use. We prove by reduction that S-BGP satisfies two out of the security model’s three goals, assuming the underlying signature scheme is secure. Under the same assumption, we next show how the protocol can be modified to meet all three security goals simultaneously. We also analyze SoBGP and show that it fails to meet two security goals. Finally, we study security of partial PKI deployment of path vector protocols when not all nodes have public keys. We investigate the possibilities of relaxing the PKI requirement and relying on non-cryptographic physical security of networks that use the protocol in order to achieve possibly weaker, but still well-defined, notions of security. We also present the necessary and sufficient conditions to achieve full security in the partial PKI deployment scenario. We believe our conclusions will prove useful for protocol developers, standards bodies and government agencies.

22 citations

Proceedings ArticleDOI
14 May 2008
TL;DR: This paper proposes SIMPA - A SIP-based Mobile Payment Architecture for next generation mobile network, which not only supports P2P payment communications between customers and merchants using Session Initiation Protocol (SIP), but also supports several traditional Internet security protocols, to enhance privacy, confidentiality and integrity during the transaction.
Abstract: In recent years, many mobile payment (MP) schemes have been proposed and used in practice. However, a prerequisite for extended acceptance and adoption of MP technologies is to deploy an effective MP system. So far, there is no such standardised and scalable MP platform. Most current MP schemes are circumscribed by their mobile network infrastructures. Fortunately, the fast advancement of 3G technology equips next generation mobile phone networks with more benefits. Following this direction, we propose SIMPA - A SIP-based Mobile Payment Architecture for next generation mobile network, which not only supports P2P payment communications between customers and merchants using Session Initiation Protocol (SIP), but also supports several traditional Internet security protocols, to enhance privacy, confidentiality and integrity during the transaction. This paper depicts detailed protocol and system architecture of SIMPA. Some application examples from customers' view are shown to demonstrate its function and feature.

22 citations


Cites methods from "Security Architecture for the Inter..."

  • ...Many classical internet models of transaction and security can be applied in SIP directly, including HTTP Digest [7], S/MIME [8] and IPSec [9]....


01 Jan 2005
TL;DR: This dissertation addresses two central problems associated with the design and security analysis of network protocols that use cryptographic primitives by defining complexity-theoretic semantics and proving a soundness theorem for a variant of PCL, which is called Computational PCL.
Abstract: This dissertation addresses two central problems associated with the design and security analysis of network protocols that use cryptographic primitives. The first is the protocol composition problem. The goal here is to develop methods for proving properties of complex protocols by combining independent proofs of their parts. In order to address this problem, we have developed a framework consisting of two formal systems: Protocol Derivation System (PDS) and Protocol Composition Logic (PCL). PDS supports syntactic derivations of complex protocols, starting from basic components, and combining or extending them using a sequence of composition, refinement, and transformation operations. PCL is a Floyd-Hoare style logic that supports axiomatic proofs of protocol properties. The eventual goal is to develop proof methods for PCL for every derivation operation in PDS, thereby enabling the parallel development of protocols and their security proofs. In this dissertation, we present proof methods for reasoning about protocol composition and a class of protocol refinements. The composition theorems are formulated and proved by adapting ideas from the assume-guarantee paradigm for reasoning about distributed systems. PDS and PCL have been successfully applied to a number of industrial network security protocols, in several instances identifying serious security vulnerabilities. The second problem pertains to the computational soundness of symbolic protocol analysis. At a high-level, this means that a logical method for protocol analysis should have an associated soundness theorem, which guarantees that a completely symbolic proof has an interpretation in the standard complexity-theoretic model of modern cryptography. Our approach to this problem involves defining complexity-theoretic semantics and proving a soundness theorem for a variant of PCL, which we call Computational PCL. The final result in the dissertation spans both the problems. 
An alternative way of specifying and reasoning about protocol composition is through simulation between the real protocol and an ideal protocol, which is secure by construction. We prove that, under reasonable assumptions about the communication model, three simulation-based definitions for protocol security: universal composability, black-box simulatability, and process observational equivalence, express the same properties of a protocol. The proofs are axiomatic and are carried out using process calculus equational principles.

22 citations

Journal ArticleDOI
28 Aug 2000
TL;DR: The Flexible Intra-AS Routing Environment (FIRE) is a link-state, intra-domain routing protocol that decouples these components and enables the development and deployment of novel routing algorithms without the need for a new protocol to distribute state.
Abstract: Current routing protocols are monolithic, specifying the algorithm used to construct forwarding tables, the metric used by the algorithm (generally some form of hop-count), and the protocol used to distribute these metrics as an integrated package. The Flexible Intra-AS Routing Environment (FIRE) is a link-state, intra-domain routing protocol that decouples these components. FIRE supports run-time-programmable algorithms and metrics over a secure link-state distribution protocol. By allowing the network operator to dynamically reprogram both the information being advertised and the routing algorithm used to construct forwarding tables in Java, FIRE enables the development and deployment of novel routing algorithms without the need for a new protocol to distribute state. FIRE supports multiple concurrent routing algorithms and metrics, each constructing separate forwarding tables. By using operator-specified packet filters, separate classes of traffic are routed using completely different routing algorithms, all supported by a single routing protocol.

22 citations


Cites methods from "Security Architecture for the Inter..."

  • ...Second, FIRE makes use of IPsec [24] to protect against certain hop-by-hop attacks that end-to-end security measures cannot prevent....


Patent
Prashant Anand, Vinayak Joshi
09 Apr 2015
TL;DR: In this paper, a packet from a SDN controller is received at a network device, and the packet is processed according to a flow table, which contains at least two entries that each matches the packet.
Abstract: In one embodiment, a packet from a SDN controller is received at a network device. The packet is processed according to a flow table, which contains at least two entries that each matches the packet. The entries contain instructions to forward the packet according to group tables, and the entries are to expire after different time durations. The packet is to be forwarded according to a first group table and gets duplicated into two: one is transmitted to a first packet queue that transmits packets in a fixed interval to a loopback port that loops back the packets, while the other is forwarded to a first packet buffer that randomly drops packets at a probability prior to transmitting the remaining packets to generate a traffic pattern. The packet is received from the loopback port, and then forwarded according to a second group table to generate another traffic pattern.

22 citations

References
Journal ArticleDOI
TL;DR: This paper suggests ways to solve currently open problems in cryptography, and discusses how the theories of communication and computation are beginning to provide the tools to solve cryptographic problems of long standing.
Abstract: Two kinds of contemporary developments in cryptography are examined. Widening applications of teleprocessing have given rise to a need for new types of cryptographic systems, which minimize the need for secure key distribution channels and supply the equivalent of a written signature. This paper suggests ways to solve these currently open problems. It also discusses how the theories of communication and computation are beginning to provide the tools to solve cryptographic problems of long standing.

14,980 citations

01 Mar 1997
TL;DR: This document defines these words as they should be interpreted in IETF documents as well as providing guidelines for authors to incorporate this phrase near the beginning of their document.
Abstract: In many standards track documents several words are used to signify the requirements in the specification. These words are often capitalized. This document defines these words as they should be interpreted in IETF documents. Authors who follow these guidelines should incorporate this phrase near the beginning of their document:

3,501 citations

Journal ArticleDOI
TL;DR: Use of encryption to achieve authenticated communication in computer networks is discussed and example protocols are presented for the establishment of authenticated connections, for the management of authenticated mail, and for signature verification and document integrity guarantee.
Abstract: Use of encryption to achieve authenticated communication in computer networks is discussed. Example protocols are presented for the establishment of authenticated connections, for the management of authenticated mail, and for signature verification and document integrity guarantee. Both conventional and public-key encryption algorithms are considered as the basis for protocols.

2,671 citations

01 Dec 1995
TL;DR: In this paper, the authors specify version 6 of the Internet Protocol (IPv6), also referred to as IP Next Generation or IPng, and propose a new protocol called IPng.
Abstract: This document specifies version 6 of the Internet Protocol (IPv6), also sometimes referred to as IP Next Generation or IPng.

2,112 citations

01 Sep 1981
TL;DR: Along with TCP, IP represents the heart of the Internet protocols and has two primary responsibilities: providing connectionless, best-effort delivery of datagrams through an internetwork; and providing fragmentation and reassembly of datagrams to support data links with different maximum transmission unit (MTU) sizes.
Abstract: IP is a network layer (Layer 3) protocol that contains addressing information and some control information that enables packets to be routed. IP is documented in RFC 791 and is the primary network layer protocol in the Internet protocol suite. Along with TCP, IP represents the heart of the Internet protocols. IP has two primary responsibilities: providing connectionless, best-effort delivery of datagrams through an internetwork; and providing fragmentation and reassembly of datagrams to support data links with different maximum transmission unit (MTU) sizes.

1,967 citations