1 / 8

Authentication for Fragments

Authentication for Fragments. Craig Partridge BBN Technologies craig@bbn.com. The Problem. Packet (Fragments). An Intermittent Link Comes Up. Router. Which Fragment Do You Send?. Why An Issue?. New network scenarios with intermittent (potentially) oversubscribed links

imelda
Télécharger la présentation

Authentication for Fragments

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Authentication for Fragments Craig Partridge BBN Technologies craig@bbn.com

  2. The Problem Packet (Fragments) An Intermittent Link Comes Up Router Which Fragment Do You Send?

  3. Why An Issue? • New network scenarios with intermittent (potentially) oversubscribed links • A desire to send the most valuable traffic first • Large native unit of authentication • Mobigrams • DTN bundles

  4. Starting Assumptions • “Datagram” may be (re)fragmented at any point in the data and at any time (including during transmission) • Fragments do not all follow the same path

  5. Bytes 1..j Auth Unit P+1 Bytes k..n Auth Unit P “Datagram” may be (re)fragmented at any point in the data and at any time (including during transmission • Nice assumption • Can pre-empt fragments during transmission • Very general • Apparently untenable • Creates unauthenticatable fragments • Creates new style of attack on fragments • Must fragment on boundaries determined by origin (ugh!)

  6. Fragments do not all follow same path • Distributed Romanow-Floyd problem • Fragment lost on path 1 means fragments on path 2 now can only do harm, yet path 2 must treat them as valuable • Shared keys problematic • Every fragmentation point has private key with each origin? • Public key signatures are BIG • Either • Each fragment is self authenticating (see PK is BIG) • Or we distribute aggregated authentication information down all possible paths (can we make it small enough?)

  7. Can We Make Authentication Information Small Enough? • An idea: send function definition, not signature • Implies result of function is known • E.g. fragment #5 has digital hash of 5 • Such functions exist… • But either compact in representation OR strong enough to provide digital signature • NOT both (yet!) • Why this is a HOTNETS paper

  8. While I Take Questions… • This builds on prior work • Kent/Mogul, “Fragmentation Considered Harmful” • Romanow/Floyd, “Dynamics of TCP Traffic over ATM Networks” • Matthis/Heffner/Chandler, “Fragmentation Considered Very Harmful” • Toilet paper authentication ideas in DTN list

More Related