E-book, English, Volume 21, 121 pages, eBook
Huang / Gouda Hop Integrity in the Internet
1st edition 2006
ISBN: 978-0-387-29444-5
Publisher: Springer US
Format: PDF
Copy protection: 1 - PDF Watermark
Series: Advances in Information Security
Target audience
Professional/practitioner
Authors/Eds.
Further information & material
Abstract Protocol Notation.- Abstract Secure Protocols.- Denial-of-Service Attacks.- Secure Address Resolution Protocol.- Weak Hop Integrity Protocol.- Strong Hop Integrity Using Soft Sequence Numbers.- Strong Hop Integrity Using Hard Sequence Numbers.- Implementation Considerations.- Other Uses of Hop Integrity.
Chapter 6 WEAK HOP INTEGRITY PROTOCOL (p. 55-56)
In this and the next two chapters, we present the hop integrity protocols. The hop integrity protocols belong to two thin layers, namely the secret exchange layer and the integrity check layer, that need to be added to the network layer of the protocol stack of each router in a network. The function of the secret exchange layer is to allow adjacent routers to periodically generate and exchange (and so share) new secrets. The exchanged secrets are made available to the integrity check layer, which uses them to compute and verify the integrity check for every data message transmitted between the adjacent routers.
Figure 6.1 shows the protocol stacks in two adjacent routers p and q. The secret exchange layer has one protocol: the secret exchange protocol. This protocol consists of the two processes pe and qe in routers p and q, respectively. The integrity check layer has two protocols: the weak integrity check protocol and the strong integrity check protocol. The weak version consists of the two processes pw and qw in routers p and q, respectively. This version can detect message modification, but not message replay. The strong version of the integrity check layer consists of the two processes ps and qs in routers p and q, respectively. This version can detect both message modification and message replay.
In this chapter, we present the weak hop integrity protocol, which is the combination of the secret exchange protocol and the weak integrity check protocol. In the next chapter, we present the strong hop integrity protocol, which is the combination of the secret exchange protocol and the strong integrity check protocol.
This chapter is organized as follows. First, we present the secret exchange protocol, and verify its correctness. Then, we present the weak integrity check protocol, and verify its correctness.
1. SECRET EXCHANGE PROTOCOL
In the secret exchange protocol, the two processes pe and qe maintain two shared secrets sp and sq. Secret sp is used by router p to compute the integrity check for each data message sent by p to router q, and it is also used by router q to verify the integrity check for each data message received by q from router p. Similarly, secret sq is used by q to compute the integrity checks for data messages sent to p, and it is used by p to verify the integrity checks for data messages received from q.
As part of maintaining the two secrets sp and sq, processes pe and qe need to change these secrets periodically, say every te hours, for some chosen value te. Process pe is to initiate the change of secret sq, and process qe is to initiate the change of secret sp. Processes pe and qe each has a public key and a private key that they use to encrypt and decrypt the messages.
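The excerpt's two claims about the weak integrity check layer (it detects message modification but not message replay, and each direction of the hop has its own secret) can be seen in a short sketch. This is an added example, not code from the book: HMAC-SHA256 as the integrity check, the `HopEndpoint` class, and setting a new sp by direct assignment instead of running the secret exchange protocol are all assumptions.

```python
import hashlib
import hmac
import os

TAG_LEN = hashlib.sha256().digest_size  # 32-byte check appended to each message


class HopEndpoint:
    """Integrity check layer of one router on a hop (hypothetical class)."""

    def __init__(self, send_secret: bytes, verify_secret: bytes):
        self.send_secret = send_secret      # protects messages this router sends
        self.verify_secret = verify_secret  # checks messages from the neighbour

    def send(self, data: bytes) -> bytes:
        # Assumption: HMAC-SHA256 stands in for the integrity check function.
        return data + hmac.new(self.send_secret, data, hashlib.sha256).digest()

    def receive(self, message: bytes):
        """Return the data if the check verifies, otherwise None."""
        if len(message) < TAG_LEN:
            return None
        data, tag = message[:-TAG_LEN], message[-TAG_LEN:]
        expected = hmac.new(self.verify_secret, data, hashlib.sha256).digest()
        return data if hmac.compare_digest(tag, expected) else None


def demo() -> dict:
    sp, sq = os.urandom(32), os.urandom(32)  # constructed secrets
    p = HopEndpoint(send_secret=sp, verify_secret=sq)
    q = HopEndpoint(send_secret=sq, verify_secret=sp)

    data = b"constructed data message from p to q"
    msg = p.send(data)
    modified = bytes([msg[0] ^ 0x01]) + msg[1:]  # one bit changed in transit

    results = {
        "delivered": q.receive(msg) == data,
        "modification_rejected": q.receive(modified) is None,
        "replay_accepted": q.receive(msg) == data,  # same bytes verify again
        "reflection_rejected": p.receive(msg) is None,  # p verifies with sq
    }
    # New sp, set directly here (the exchange itself is not modelled): the
    # old message no longer verifies once both routers hold the new secret.
    q.verify_secret = p.send_secret = os.urandom(32)
    results["old_message_rejected_after_new_sp"] = q.receive(msg) is None
    return results


if __name__ == "__main__":
    for name, value in demo().items():
        print(f"{name}: {value}")
```

In this sketch the second delivery of the same bytes is indistinguishable from the first, which is the gap the strong integrity check protocol is described as closing.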