accountable internet protocol
DESCRIPTION
Accountable Internet Protocol. David Andersen (CMU) Hari Balakrishnan (MIT) Nick Feamster (Georgia Tech) Scott Shenker (Berkeley). http://www.aip-arch.net /. Many Security Problems/Point Solutions. For each problem, point solutions - PowerPoint PPT PresentationTRANSCRIPT
Accountable Internet Protocol
David Andersen (CMU)Hari Balakrishnan (MIT)
Nick Feamster (Georgia Tech) Scott Shenker (Berkeley)
http://www.aip-arch.net/
2
Many Security Problems/Point Solutions
• For each problem, point solutions• Fundamental problem: accountability is not intrinsic
to current Internet architecture
Accountable Internet Protocol• Key idea: New addressing for networks and hosts
– Other protocols can use this property as foundation: (Anti-spoofing, secure routing, DDoS shut-off, etc.)
AD and EID are self-certifying flat names• AD = hash( public_key_of_AD )• Self-certification binds name to named entity
AD and EID are self-certifying flat names• AD = hash( public_key_of_AD )• Self-certification binds name to named entity
Address = AD1:EID
If multihomed, has multiple addresses
AD1:EID,AD2:EID,AD3:EID
AD1 AD2
Address Structure Application: Anti-Spoofing
1. Send P
2. Sent P? {nonce}A
3. Yes! { hash(P), nonce } K-1A
Signed with private key corresponding to EID A