The Accountable Internet Protocol (AIP) proposes innovative solutions to address the inherent security issues in current Internet architecture. By introducing a self-certifying naming scheme, it enables anti-spoofing measures, secure routing, and effective denial-of-service attack mitigations. This protocol architecture emphasizes fundamental accountability by creating an association between network addresses and the entities that own them. The AIP is designed to be a foundational layer for future protocols, addressing key security problems with practical point solutions for each issue.
Accountable Internet Protocol
David Andersen (CMU), Hari Balakrishnan (MIT), Nick Feamster (Georgia Tech), Scott Shenker (Berkeley)
http://www.aip-arch.net/
Many Security Problems/Point Solutions
• For each problem, point solutions
• Fundamental problem: accountability is not intrinsic to current Internet architecture
Accountable Internet Protocol
• Key idea: New addressing for networks and hosts
• Other protocols can use this property as foundation: (Anti-spoofing, secure routing, DDoS shut-off, etc.)
• AD and EID are self-certifying flat names
• AD = hash( public_key_of_AD )
• Self-certification binds name to named entity

Address Structure
• Address = AD1:EID
• If multihomed, has multiple addresses: AD1:EID, AD2:EID, AD3:EID

Application: Anti-Spoofing
[Diagram labels: AD1, AD2, A]
1. Send P
2. Sent P? {nonce}
3. Yes! { hash(P), nonce }K_A^-1 (signed with private key corresponding to EID_A)
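The anti-spoofing exchange above, written out as an added Go example (not code from the slides or the AIP authors): the challenger accepts a packet only if the reply's key hashes to the claimed EID and the signature covers this packet and this nonce. Assumptions: SHA-256 as the hash, Ed25519 as the signature scheme, the EID derived like the AD as the hash of the host's public key, and the reply carrying that public key; `NameOf`, `NewHost`, `Answer` and `Verify` are hypothetical names.

```go
package main

import (
	"bytes"
	"crypto/ed25519"
	"crypto/rand"
	"crypto/sha256"
	"fmt"
)

// EID = hash(public key), a self-certifying name. SHA-256 and Ed25519 are assumed here.
type EID [32]byte
func NameOf(pub ed25519.PublicKey) EID { return sha256.Sum256(pub) }

// NewHost (hypothetical helper) creates a key pair and derives the host's EID from it.
func NewHost() (ed25519.PrivateKey, EID) {
	pub, priv, _ := ed25519.GenerateKey(rand.Reader)
	return priv, NameOf(pub)
}

// Response is step 3, {hash(P), nonce} signed; sending Pub along is an assumption.
type Response struct {
	Pub        ed25519.PublicKey
	PacketHash [32]byte
	Nonce, Sig []byte
}

// Answer runs on the host that sent P when it receives "Sent P? {nonce}".
func Answer(priv ed25519.PrivateKey, packet, nonce []byte) Response {
	h := sha256.Sum256(packet)
	sig := ed25519.Sign(priv, append(h[:], nonce...))
	return Response{priv.Public().(ed25519.PublicKey), h, nonce, sig}
}

// Verify runs on the challenger, which knows only the claimed source EID.
func Verify(claimed EID, packet, nonce []byte, r Response) bool {
	if len(r.Pub) != ed25519.PublicKeySize || NameOf(r.Pub) != claimed {
		return false // key does not hash to the claimed name
	}
	if r.PacketHash != sha256.Sum256(packet) || !bytes.Equal(r.Nonce, nonce) {
		return false // reply covers another packet or an old challenge
	}
	return ed25519.Verify(r.Pub, append(r.PacketHash[:], r.Nonce...), r.Sig)
}

func main() {
	host, eid := NewHost()
	p, nonce := []byte("constructed packet P"), []byte("constructed nonce") // sample values
	fmt.Println("sender proves ownership:", Verify(eid, p, nonce, Answer(host, p, nonce)))
}
```

No certificate authority or lookup service appears in `Verify`: the binding between name and key is checked by hashing alone, which is what self-certification provides.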