Abstract: In the current Internet architecture, path validation protocols enable the source host to accurately trace the forwarding path of packets, thereby preventing degradation in the quality and security of network services. However, these protocols typically rely on Public Key Infrastructure (PKI), which can theoretically result in a storage overhead of at least 64 PB. To address this issue, we propose an Identity-Based Path Validation Protocol (IB-SC). This protocol leverages a trusted third party equipped with a public-private key pair to distribute identity keys to network nodes. The identities of these nodes, along with the public key of the third party, are used to validate packet signatures. Furthermore, we design a Source Commitment (SC) mechanism that commits to parameters of future packets to further enhance the performance of the IB-SC protocol. Evaluation results demonstrate that the IB-SC protocol eliminates the overhead associated with PKI and session key management. Compared to the Atomos protocol, which provides a similar security level, IB-SC reduces the signature space overhead by 73.4% and the packet construction and processing delays by 8.4% and 62.1%, respectively.
External IDs: dblp:conf/icdcs/MiaoWH0QLWL25