Slide 1: Efficient and Secure Source Authentication with Packet Passports
Xin Liu (UC Irvine), Xiaowei Yang (UC Irvine), David Wetherall (Univ. of Washington), Thomas Anderson (Univ. of Washington)
Slide 2: Outline
- Motivation
- Design
  - High-Level Idea
  - Challenges and Solutions
- Feasibility Analysis
- Related Work
- Summary
Slide 3: Denial-of-Service (DoS) Flooding Attack
(Diagram: a flooding attack against a victim.)
- This type of attack is prevailing
- Yahoo was knocked down in Feb 2000
- Online extortion
Slide 4: General Approaches to Combat DoS Flooding Attacks
- Preventive: prevent DoS attacks from happening
  - Capability System [Anderson03, Yaar04, Yang05]
  - Ticket System [Patel97]
- Reactive: eliminate DoS attacks after they cause damage
  - Filtering
- Our next step is to compare the two and pick the winner
Slide 5: Filtering is Difficult
(Diagram: filters installed on the path to the victim.)
- By default, all traffic is allowed to pass
- Victim requests to install filters to remove attack traffic
- Challenges
  - Installing filters close to the attack sources
  - Describing attack traffic in the filter description: any field of a packet can be forged, including the source IP address
Slide 6: Authentic Source Identifier can Help
(Diagram: filters "SrcID=X" and "SrcID=Y" installed against packets carrying SrcID=X and SrcID=Y.)
- Advantages
  - Showing where a packet comes from
  - Serving as a traffic descriptor in filters
- Source IP address is not verifiable
  - Cannot be trusted unless spoofing is totally eliminated
  - Routers may be compromised
Slide 7: Outline
- Motivation
- Design
  - High-Level Idea
  - Challenges and Solutions
- Feasibility Analysis
- Related Work
- Summary
Slide 8: Our Solution: Packet Passport System
(Diagram: IP packet layout: IP Header | Passport | Payload.)
- Goal of a passport: providing an authentic source identifier that routers can verify independently at packet forwarding time
Slide 9: Requirements
- A passport must be:
  - Unforgeable
  - Efficient to generate and verify (a digital signature is computationally expensive)
- The packet passport system must:
  - Bootstrap with minimum out-of-band communication
  - Be robust against DoS attacks
Slide 10: High Level Idea
(Diagram: source A sends an IP packet through router R to destination B. A holds K(A,R) and K(A,B); R holds K(A,R) and K(R,B); B holds K(A,B) and K(R,B). The passport appended to the IP packet lists each verifying node with its MAC: [R, MAC_R], [B, MAC_B]. A is the source identifier.)
- MAC_R = MAC_{K(A,R)}(A, R, B, SrcIP, DstIP, …)
- MAC: Message Authentication Code
- K(X,Y): Symmetric key shared between two nodes X and Y
Slide 11: Challenges
- Scalability
  - Too many keys
  - Path in passport too long
- How to establish secret keys
  - Bootstrapping: key distribution messages cannot contain passports
  - Key distribution messages may be dropped due to DoS attacks
- Packets with valid passports may be replayed to launch DoS attacks
Slide 12: Two-Level Hierarchy for Scalability
(Diagram: host A in AS 1 sends to host B in AS 3 through routers R1 to R6 across AS 1, AS 2 and AS 3. The passport carries an Intra-domain Identifier followed by one [AS, MAC] entry per domain on the path: [AS 2, MAC_2], [AS 3, MAC_3]. Keys are shared per domain pair: AS 1 holds K(AS1,AS2) and K(AS1,AS3); AS 2 holds K(AS1,AS2) and K(AS2,AS3); AS 3 holds K(AS1,AS3) and K(AS2,AS3).)
Slide 13: Limitation of Two-Level Hierarchy
- Only the source domain can verify intra-domain identifiers
- Filters may not be effective when the source domain forges arbitrary intra-domain identifiers
- Counter-measure: blocking the source domain
Slide 14: Implementation of Intra-domain Identifier is Flexible
- Each domain can implement the intra-domain identifier in its own way
  - Source IP address (if source spoofing is prevented inside a domain)
  - Message authentication code
Slide 15: Key Distribution via BGP
(Diagram: AS 1 (10.1.0.0/16) and AS 2 (10.2.0.0/16) connected by an eBGP session. Prefix Announcement 1 for 10.1.0.0/16 and Prefix Announcement 2 for 10.2.0.0/16 carry the Diffie-Hellman Key Exchange.)
Slide 16: Benefits of Key Distribution via BGP
- Allowing key distribution to bootstrap: the eBGP session between adjacent domains can be authenticated without passports [RFC3682]
- Robust against DoS flooding attack: BGP is a closed system, so BGP traffic can get higher priority
- Supporting incremental deployment: key distribution messages can be carried in an optional and transitive path attribute
Slide 17: Securing Key Distribution
- […] is signed with AS_i's private key
- AS_i's public key is distributed like […]
- AS_i's public key is bound to AS_i using the same mechanism that binds a prefix to a domain
- Reusing the PKI that secures routing: public key certification by CAs
Slide 18: Preventing Replay Attack
(Diagram: a compromised router between A and B replays A's packets; B reacts with "Too much traffic from A! Block him!")
- Problem: attack traffic cannot be cut off
- Why replay attack prevention is difficult
  - Timestamp: time synchronization between domains
  - Sequence number: synchronization inside a domain
- Our solution: Bloom filter + fast re-keying
Slide 19: Bloom Filter to Detect Duplication
(Diagram: a packet with ID=100 from AS 1 traverses AS 2, AS 3 and AS 4; the verifier records (AS 1, 100) in its Bloom filter, so a second copy with ID=100 is detected.)
- Limitation: a Bloom filter cannot remember a passport for a long time
- 16Mb SRAM can "remember" 2.5Gbps traffic for 5 seconds with a false positive rate of 5.7×10^-6
Slide 20: Fast Re-keying
(Diagram: hash chain K(AS1,AS2) → K_1(AS1,AS2) → … → K_200(AS1,AS2) → … → K_1000(AS1,AS2) along the path AS 1, AS 2, AS 3, AS 4; packets carry the index of the key in use, e.g. KeyIdx=200 and KeyIdx=100.)
- K_m(AS1,AS2) = HASH^m(K(AS1,AS2))
Slide 21: Passport Verification Process
(Flowchart)
1. Receive a packet
2. KeyIdx too large? Yes: discard/demote the packet. No: continue
3. MAC valid? No: discard/demote the packet. Yes: continue
4. Duplicate? Yes: discard/demote the packet. No: forward the packet
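The passport mechanics of slides 10, 19, 20 and 21 in one runnable model, added here as an illustration and not the authors' code: HMAC-SHA256 stands in for UMAC, the Bloom filter sizing and the "KeyIdx too large" bound (max_idx) are constructed parameters, and the packet ID that feeds the duplicate check is an assumed passport field.

```python
import hashlib, hmac
# Constructed demo parameters (not from the paper): AS 1 is the source domain, AS 2 the verifier.
SRC_AS, VERIFIER_AS, DST_AS = 1, 2, 3
K_AS1_AS2 = b"constructed-shared-key-AS1-AS2"   # K(AS1,AS2); the paper derives it via DH over BGP

def chain_key(base_key: bytes, idx: int) -> bytes:  # K_m(AS1,AS2) = HASH^m(K(AS1,AS2)), hash applied m times
    key = base_key
    for _ in range(idx):
        key = hashlib.sha256(key).digest()
    return key

def passport_mac(key: bytes, key_idx: int, src_ip: str, dst_ip: str, pkt_id: int) -> bytes:
    """MAC_R = MAC_K(A,R)(A, R, B, SrcIP, DstIP, ...); KeyIdx and a packet ID fill in the '...'."""
    msg = f"{SRC_AS}|{VERIFIER_AS}|{DST_AS}|{src_ip}|{dst_ip}|{key_idx}|{pkt_id}".encode()
    return hmac.new(key, msg, hashlib.sha256).digest()[:8]   # truncated tag keeps the passport small

class BloomFilter:  # remembers the (AS, ID) pairs of recently forwarded passports (slide 19)
    def __init__(self, bits: int = 4096, hashes: int = 4):
        self.bits, self.hashes, self.array = bits, hashes, bytearray(bits // 8)
    def _positions(self, item: bytes):
        for i in range(self.hashes):   # k hash functions = one hash under k different salts
            yield int.from_bytes(hashlib.sha256(bytes([i]) + item).digest()[:4], "big") % self.bits
    def seen_or_add(self, item: bytes) -> bool:   # True if (probably) seen before, else insert it
        pos = list(self._positions(item))
        if all(self.array[p >> 3] & (1 << (p & 7)) for p in pos):
            return True
        for p in pos:
            self.array[p >> 3] |= 1 << (p & 7)
        return False

def make_passport(key_idx: int, src_ip: str, dst_ip: str, pkt_id: int) -> dict:
    mac = passport_mac(chain_key(K_AS1_AS2, key_idx), key_idx, src_ip, dst_ip, pkt_id)
    return {"src_as": SRC_AS, "key_idx": key_idx, "src_ip": src_ip, "dst_ip": dst_ip, "pkt_id": pkt_id, "mac": mac}

def verify_passport(pkt: dict, max_idx: int, bloom: BloomFilter) -> str:  # slide 21 decision chain at AS 2
    if pkt["key_idx"] > max_idx:                 # bounds the hashing work one packet can demand
        return "discard: KeyIdx too large"
    key = chain_key(K_AS1_AS2, pkt["key_idx"])   # verifier re-derives K_m from the shared key
    expected = passport_mac(key, pkt["key_idx"], pkt["src_ip"], pkt["dst_ip"], pkt["pkt_id"])
    if not hmac.compare_digest(expected, pkt["mac"]):
        return "discard: MAC invalid"
    if bloom.seen_or_add(f"{pkt['src_as']},{pkt['pkt_id']}".encode()):
        return "discard: duplicate (replay)"
    return "forward"

def run_demo() -> list:   # a valid packet, its replay, a forgery without the key, an out-of-range KeyIdx
    bloom, max_idx = BloomFilter(), 200
    good = make_passport(200, "10.1.0.5", "10.2.0.9", 100)
    forged, future = dict(good, mac=bytes(8)), make_passport(1000, "10.1.0.5", "10.2.0.9", 101)
    return [verify_passport(p, max_idx, bloom) for p in (good, good, forged, future)]
```

The replayed copy passes the MAC check and is caught only by the Bloom filter, which is why the slides pair the filter with re-keying: raising max_idx after a compromise lets AS 1 move to a fresh K_m without a new key exchange.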
Slide 22: Supporting Incremental Deployment
- Key distribution messages are wrapped in optional and transitive path attributes in prefix announcements
- The passport can be implemented as a shim layer
- The AS path in a passport only includes those domains that have deployed the packet passport system
Slide 23: Incentives for Early Adoption
(Diagram: AS 1 and AS 2 are passport enabled; AS 3 is not.)
- No domain can spoof AS 1's source identifier at AS 2
- AS 2 can filter DoS attack traffic from AS 1
- AS 1 can locate attack sources within itself
Slide 24: Other Applications
- Fair resource allocation
- Restricting/eliminating reflector attacks
- Deterring future attacks
Slide 25: Feasibility Analysis
- Practical with today's hardware technology
- Passport generation and validation: with UMAC, a commodity PC can generate 975K passports and verify 3.9M passports per second
- Key distribution: computation, communication and storage cost almost negligible
- Bloom filter: 16Mb SRAM can "remember" 2.5Gbps traffic for 5 seconds with a false positive rate of 5.7×10^-6
Slide 26: Related Work
- Our key advantage: stronger authentication
- Source address validation: ingress/egress filtering, reverse path filtering, SAVE [Li02]: source address not verifiable
- Path as the identifier: Path Identifier [Yaar03], Active Internet Traffic Filtering [Argyraki05]: first portion of the path spoofable
- Authenticated Marking Scheme [Song01]: not verifiable at packet forwarding time
- Spoofing Prevention Method [Bremler-Barr05]: secret in plain text; secret distribution problematic
- TVA [Yang05], Ticket System [Patel97], Visa Protocol [Estrin89]: request channel vulnerable
Slide 27: Summary
- A packet passport efficiently and securely authenticates the source of a packet.
- The system is incrementally deployable with incentives for early adoption.
- The system is practical with today's hardware technology.
- Future Work
  - Improvement to replay attack prevention
  - Design and implementation of an automatic filtering system
Slide 28: Packet Passport Format
(Figure only.)