K.E. Sirios and S.T. Kent. Securing the Nimrod Routing Architecture. In Proc. of the 1997.  Home/Search   Document Not in Database   Summary   Related Articles   Check

....be much looser. Another advantage of using geographical leashes in conjunction with a signature scheme (i.e. a signature providing non repudiation) is that an attacker can be caught if it pretends to reside at multiple locations. This use of non repudiation was also proposed by Sirois and Kent [39]. When a legitimate node overhears the attacker claiming to be in different locations that would only be possible if the attacker could travel at a velocity above the maximum node velocity #, the legitimate node can use the signed locations to convince other legitimate nodes that the attacker is ....

Karen E. Sirois and Stephen T. Kent. Securing the Nimrod Routing Architecture. In Proceedings of the 1997.

....using the location information approach to constructing a leash, in conjunction with a signature scheme (i.e. a signature providing non repudiation) is that an attacker can be caught if it pretends to reside at multiple locations. This use of non repudiation was also proposed by Sirois and Kent [43]. When a legitimate node overhears the attacker claiming to be in different locations that would only be possible if the attacker could travel at a velocity above the maximum node velocity #, the legitimate node can use the signed locations to convince other legitimate nodes that the attacker is ....

Karen E. Sirois and Stephen T. Kent. Securing the Nimrod Routing Architecture. In Symposium on Network and Distributed Systems Security (NDSS '97), San Diego, California, February 1997.

.... communications of network management and control software, but it either has been inadequate, such as the use of SNMP community strings for protecting SNMP requests, is still being developed, such as SNMPv3, or is still in the research stage, such as mechanisms to protect routing protocols [10, 11, 12]. The use of encryption at the network layer and below to protect communications in non classified networks until recently has been limited to the banking and financial industries. Work within the IEEE to standardize encryption for 802 based layer 2 communications has not seen significant ....

Karen E. Sirois and Stephen T. Kent, "Securing the nimrod routing architecture," ISOC Symposium on Network and Distributed System Security, San Diego, CA., 1997, pp. 74-84.

....OSPF, ISIS) is clear text passwords. The sniffer attacks demonstrate that clear text passwords are not strong enough protection. Cryptographic protection of source authenticity and message integrity provides stronger protection. Considerable work has been done to secure various routing protocols [30, 37, 17, 10, 24, 36, 18, 35]. In many of these approaches, public key digital signatures are used to provide authenticity and integrity of routing messages. Using digital signatures by itself does not protect against the internal threat of a faulty router. However, it does protect routing information against faulty ....

K.E. Sirois and S.T. Kent, Securing the Nimrod Routing Architecture, Proc.

.... [20] report on dynamic routing protocols, Kumar s and Crowcroft s [34] paper on inter domain routing protocols, Murphy s and Badger s [47] paper on OSPF, Smith s and Garcia Luna Aceves s [63] paper on BGP, Hauser s, Przygienda s, and Tsudik s [26] paper on link state routing, Sirois s and Kent s [62] paper on Nimrod, and Smith s, Murthy s, and Garcia Luna Aceves s [64] paper on distance vector routing protocols. This chapter presents an efficient message authentication scheme for protecting control packets in link state routing. Previous work such as [50, 51, 47, 26] either is very expensive ....

K.E. Sirois, and S.T. Kent, "Securing the Nimrod Routing Architecture." Proceedings of the Symposium on Network and Distributed System Security (SNDSS '97), San Diego, California, February 10-11, 1997, pp.74-84.

.... general and Cartesian routing in particular, Kumar s and Crowcroft s [8] paper on inter domain routing protocols, Murphy s and Badger s [14] paper on OSPF, Smith s and Garcia Luna Aceves s [21] paper on BGP, Hauser s, Przygienda s, and Tsudik s [4] paper on link state routing,Sirois s and Kent s [20] paper on Nimrod, and Smith s, Murthy s, and Garcia Luna Aceves s [22] paper on distance vector routing protocols. This paper presents an efficient message authentication scheme for protecting control packets in link state routing. Previous work such as [16, 17, 14, 4] either is very expensive ....

K. Sirois and S. Kent. Securing the Nimrod routing architecture. In Proceedings of the Symposium on Network and Distributed System Security (SNDSS '97), pages 74--84, February 1997.

....and National Science Foundation under grant ECS 94 22688. y On leave from Universit a di Milano. cryptographic keys, one could force a user to use less secure, expired keys) Several designs based on cryptography have been proposed to secure routing infrastructures (see, for example, [4, 14, 17, 18, 20]) These designs typically rely on a key management infrastructure that must be as large as the routing network itself and that is resilient to faults. The key management problem has not been completely solved even for relatively small networks. Therefore, performing secure and fault tolerant key ....

....preemption throughout the entire per group. In this case a malicious node could not affect the preemption process; thus, a resolution of the fault could be performed in a much more expeditious manner. 9 Related work Most routing infrastructure protection mechanisms that have been proposed (see [4, 14, 17, 18]) differ from our approach because they are preventive in that they use cryptographic services to secure the routing protocols. Hauser et al. 6] while still proposing a preventive methodology based on the work in [14] propose to reduce the cost of cryptographic protection by optimizing the ....

K.E. Sirios and S.T. Kent. Securing the Nimrod Routing Architecture. In Proc. of the 1997 Symposium on Network and Distributed System Security (NDSS'97), pages 74--84, San Diego, CA, February 1997.

....detailed description of this service. Full papers describing the key management service and its underlying proactive secret sharing protocol in asynchronous system are in preparation. 4 Related Work 4. 1 Secure routing Secure routing in networks such as the Internet has been extensively studied [36, 27, 30, 45, 46, 18]. Many proposed approaches are also applicable to secure routing in ad hoc networks. To deal with external attacks, standard schemes such as digital signatures to protect information authenticity and integrity have been considered. For example, Sirios and Kent [45] propose the use of a keyed ....

....studied [36, 27, 30, 45, 46, 18] Many proposed approaches are also applicable to secure routing in ad hoc networks. To deal with external attacks, standard schemes such as digital signatures to protect information authenticity and integrity have been considered. For example, Sirios and Kent [45] propose the use of a keyed one way hash function with windowed sequence number for data integrity in point to point communication and the use of digital signatures to protect messages sent to multiple destinations. Perlman [36] studies how to protect routing information from compromised routers ....

[Article contains additional citation context not shown here]

K. E. Sirois and S. T. Kent. Securing the Nimrod routing architecture. In Proceedings of Symposium on Network and Distributed System Security, pages 74--84, Los Alamitos, CA, February 1997. The Internet Society, IEEE Computer Society Press.

....secure the Border Gateway Protocol (BGP) 39] the work of [34, 40] to secure the OSPF unicast routing protocol [41, 42] and the work reported in [43] on the routing policy system security. Other efforts include [44] on link state routing, the work of [45] on distance vector routing protocols, and [46] on the Nimrod routing architecture. In the context of multicast routing, the earliest efforts are reported in [47] related to the Core Based Trees (CBT) protocol [3] More recently, the security of the Protocol Independent Multicast (PIM) protocol [5] particularly the PIM Sparse Mode has ....

K. E. Sirois and S. T. Kent, "Securing the nimrod routing architecture," in Proceedings of the 1997 Network and Distributed System Security Symposium, (San Diego), ISOC, 1997. 28

.... general and Cartesian routing in particular, Kumar s and Crowcroft s [8] paper on inter domain routing protocols, Murphy s and Badger s [14] paper on OSPF, Smith s and Garcia Luna Aceves s [21] paper on BGP, Hauser s, Przygienda s, and Tsudik s [4] paper on link state routing,Sirois s and Kent s [20] paper on Nimrod, and Smith s, Murthy s, and Garcia Luna Aceves s [22] paper on distance vector routing protocols. This paper presents an efficient message authentication scheme for protecting control packets in link state routing. Previous work such as [16, 17, 14, 4] either is very expensive ....

K. Sirois and S. Kent. Securing the Nimrod routing architecture. In Proceedings of the Symposium on Network and Distributed System Security (SNDSS '97), pages 74--84, February 1997.

....with predecessor information (i.e. path finding algorithm(PFA) Please note that PFA based protocols are in between link state and distance vector. In fact, we consider that PFA is still a link state protocol without fully replicating the routing tables. Furthermore, BBN recently developed one [8] for the Nimrod routing architecture. Most, if not all, secure schemes for attack prevention use some form of public key encryption, which is quite expensive. An Experimental Study of Insider Attacks for the OSPF Routing Protocol 4 Another approach is to detect (instead of prevent) problems ....

Karen E. Sirois, Stephen T. Kent, "Securing the Nimrod Routing Architecture", IEEE/ISOC Symposiums on Network and Distributed System Security, 1997.

....what its neighbors have said. They themselves could have been deceived. A solution will involve verifying the full path back to the owner of the network. And that in turn requires calculating and verifying many digital signatures, which is prohibitively expensive. While some work has been done [SK97, SMGLA97, HPT97, MB96], much more remains. Another interesting research area is providing adequate security for multicast sessions. While a number of protocols have been proposed, it is not clear that they are suitable. There are a number of reasons for this; prominent among them is that there is no one model for what ....

K.E. Sirois and S.T. Kent. Securing the nimrod routing architecture. In Proceedings of the Symposium on Network and Distributed System Security, pages 74--84, 1997.

No context found.

K.E. Sirios and S.T. Kent. Securing the Nimrod Routing Architecture. In Proc. of the 1997.

No context found.

K.E. Sirios and S.T. Kent. Securing the Nimrod Routing Architecture. In Proc. of the 1997.

No context found.

Karen E. Sirois and Stephen T. Kent. Securing the Nimrod Routing Architecture. In Proceedings of the 1997.

No context found.

Karen E. Sirois and Stephen T. Kent. Securing the Nimrod Routing Architecture. In Symposium on Network and Distributed Systems Security (NDSS '97), San Diego, California, February 1997.

No context found.

Karen E. Sirois and Stephen T. Kent. Securing the Nimrod Routing Architecture. In Proceedings of the 1997.

No context found.

K. Sirois and S. Kent. Securing the nimrod routing architecture. In Proceedings of the Symposium on Network and Distributed Systems Security (NDSS '97). Internet Society, Feb. 1997.

No context found.

K. Sirois and S. Kent. Securing the nimrod routing architecture. In Proceedings of the Symposium on Network and Distributed Systems Security (NDSS '97). Internet Society, Feb. 1997.

No context found.

Karen E. Sirois and Stephen T. Kent. Securing the Nimrod Routing Architecture. In Proceedings of the 1997.

No context found.

Karen E. Sirois and Stephen T. Kent. Securing the Nimrod Routing Architecture. In Proceedings of the 1997.

Online articles have much greater impact   More about CiteSeer.IST   Add search form to your site   Submit documents   Feedback  

CiteSeer.IST - Copyright Penn State and NEC