Presentation is loading. Please wait.

Presentation is loading. Please wait.

Efficient and Secure Source Authentication with Packet Passports Xin Liu (UC Irvine) Xiaowei Yang (UC Irvine) David Wetherall (Univ. of Washington) Thomas.

Published by Modified over 9 years ago

Similar presentations

Presentation on theme: "Efficient and Secure Source Authentication with Packet Passports Xin Liu (UC Irvine) Xiaowei Yang (UC Irvine) David Wetherall (Univ. of Washington) Thomas."— Presentation transcript:

1 Efficient and Secure Source Authentication with Packet Passports Xin Liu (UC Irvine) Xiaowei Yang (UC Irvine) David Wetherall (Univ. of Washington) Thomas Anderson (Univ. of Washington)

2 Outline Motivation Design High-Level Idea Challenges and Solutions Feasibility Analysis Related Work Summary

3 Denial-of-Service (DoS) Flooding Attack  Victim This type of attack is prevailing Yahoo was knocked down in Feb 2000 Online extortion

4 General Approaches to Combat DoS Flooding Attacks Preventive Prevent DoS attacks from happening Capability System [Anderson03, Yarr04, Yang05] Ticket System [Patel97] Reactive Eliminate DoS attacks after they cause damage Filtering Our next step is to compare the two and pick the winner

5 Filtering is Difficult  Filtering! Filtering By default, all traffic is allowed to pass Victim requests to install filters to remove attack traffic Challenges Installing filters close to the attack sources Describing attack traffic in filter description Any field of a packet can be forged, including source IP address

6 Authentic Source Identifier can Help Advantages Showing where a packet comes from Serving as a traffic descriptor in filters Source IP address is not verifiable Cannot be trusted unless spoofing is totally eliminated Routers may be compromised  Filter: SrcID=X Filter: SrcID=Y SrcID=X SrcID=Y

7 Outline Motivation Design High-Level Idea Challenges and Solutions Feasibility Analysis Related Work Summary

8 Our Solution: Packet Passport System IP HeaderPassportPayload IP Packet Goal of a passport: providing an authentic source identifier that routers can verify independently at packet forwarding time

9 Requirements A passport must be: Unforgeable Efficient to generate and verify Digital signature: computationally expensive The packet passport system must: Bootstrap with minimum out-of-band communication Be robust against DoS attacks

10 High Level Idea K(A,R) K(A,B) K(A,R) K(R,B) K(A,B) K(R,B) IP Packet R MAC R B MAC B A Passport IP Packet R MAC R B MAC B A Passport IP Packet R MAC R B MAC B A Passport AB R MAC R =MAC K(A,R) (A, R, B, SrcIP, DstIP, …) MAC: Message Authentication Code K(X,Y): Symmetric key shared between two nodes X and Y Source Identifier

11 Challenges Scalability Too many keys Path in passport too long How to establish secret keys Bootstrapping key distribution messages can not contain passports Key distribution messages may be dropped due to DoS attacks Packets with valid passports may be replayed to launch DoS attacks

12 Two-Level Hierarchy for Scalability Intra-domain Identifier AS 2 MAC 2 AS 3 MAC 3 AS 1 Passport Intra-domain Identifier Passport K(AS 1,AS 2 ) K(AS 1,AS 3 ) AS 1 K(AS 1,AS 2 ) K(AS 2,AS 3 ) K(AS 1,AS 3 ) K(AS 2,AS 3 ) AS 2 AS 3 R1R1 R2R2 R3R3 R4R4 R5R5 R6R6 AB

13 Limitation of Two-Level Hierarchy Only the source domain can verify intra- domain identifiers Filters may not be effective when source domain forges arbitrary intra-domain identifiers Counter-measure: blocking the source domain

14 Implementation of Intra-domain Identifier is Flexible Each domain can implement intra-domain identifier in its own way Source IP address (if source spoofing is prevented inside a domain) Message authentication code

15 Key Distribution via BGP AS 1 AS 2 10.1.0.0/16 10.2.0.0/16 eBGP 10.1.0.0/16 Prefix Announcement 1 10.2.0.0/16 Prefix Announcement 2 Diffie-Hellman Key Exchange

16 Benefits of Key Distribution via BGP Allowing key distribution to bootstrap eBGP session between adjacent domains can be authenticated without passports [RFC3682] Robust against DoS flooding attack BGP is a closed system: BGP traffic can get higher priority Supporting incremental deployment can be carried in optional and transitive path attribute

17 Securing Key Distribution is signed with AS i ’s private key AS i ’s public key is distributed like AS i ’s public key is bound to AS i using the same mechanism that binds a prefix to a domain Reusing the PKI that secures routing: public key certification by CAs

18 Preventing Replay Attack Problem: attack traffic cannot be cut off Why replay attack prevention is difficult? Timestamp: time synchronization between domains Sequence number: synchronization inside a domain Our Solution Bloom Filter + Fast Re-keying A BCompromised Router Too much traffic from A! Block him!

19 Bloom Filter to Detect Duplication AS 4 AS 3 AS 2 AS 1 ID=100 Bloom Filter AS 1,100 ID=100 Limitation: a bloom filter cannot remember a passport for a long time 16Mb SRAM can “remember” 2.5Gbps traffic for 5 seconds with a false positive rate of 5.7×10 -6

20 Hash chain Fast Re-keying K(AS 1,AS 2 ) K 1 (AS 1,AS 2 ) K 200 (AS 1,AS 2 ) K 1000 (AS 1,AS 2 ) AS 1 AS 2 AS 3 AS 4 … … KeyIdx=200 KeyIdx=100 200 K m (AS 1,AS 2 )=HASH m (K(AS 1,AS 2 ))

21 Passport Verification Process Receive a packet KeyIdx too large? MAC valid?Duplicate? Forward the packet Discard/demote the packet Yes No Yes No

22 Supporting Incremental Deployment Key distribution messages are wrapped in optional and transitive path attributes in prefix announcements Passport can be implemented as a shim layer AS path in a passport only includes those that have deployed packet passport system

23 AS 1 Incentives for Early Adoption No domains can spoof AS 1 ’s source identifier at AS 2 AS 2 can filter DoS attack traffic from AS 1 AS 1 can locate attack sources within itself AS 2 Passport Enabled Passport Enabled AS 3

24 Other Applications Fair resource allocation Restricting/eliminating reflector attacks Deterring future attacks

25 Feasibility Analysis Practical with today’s hardware technology Passport generation and validation: with UMAC, a commodity PC can generate 975K passports and verify 3.9M passports per second Key distribution: computation, communication and storage cost almost negligible Bloom filter: 16Mb SRAM can “remember” 2.5Gbps traffic for 5 seconds with a false positive rate of 5.7×10 -6

26 Related Work Our key advantage: stronger authentication Source address validation: Ingress/egress filtering, reverse path filtering, SAVE [Li02] Source address not verifiable Path as the identifier: Path Identifier [Yaar03], Active Internet Traffic Filtering [Argyraki05] First portion of the path spoofable Authenticated Marking Scheme [Song01] Not verifiable at packet forwarding time Spoofing Prevention Method [Bremler-Barr05] Secret in plain text; secret distribution problematic TVA [Yang05], Ticket System [Patel97], Visa Protocol [Estrin89] Request channel vulnerable

27 Summary A packet passport efficiently and securely authenticates the source of a packet. The system is incrementally deployable with incentives for early adoption. The system is practical with today’s hardware technology. Future Work Improvement to replay attack prevention Design and implementation of an automatic filtering system

28 Packet Passport Format

Download ppt "Efficient and Secure Source Authentication with Packet Passports Xin Liu (UC Irvine) Xiaowei Yang (UC Irvine) David Wetherall (Univ. of Washington) Thomas."

Similar presentations

A Threat Model for BGPSEC

A Threat Model for BGPSEC
A Threat Model for BGPSEC Steve Kent BBN Technologies.

A Threat Model for BGPSEC Steve Kent BBN Technologies.
A CGA based Source Address Authentication Method in IPv6 Access Network(CSA) Guang Yao, Jun Bi and Pingping Lin Tsinghua University APAN26 Queenstown,

A CGA based Source Address Authentication Method in IPv6 Access Network(CSA) Guang Yao, Jun Bi and Pingping Lin Tsinghua University APAN26 Queenstown,
Holding the Internet Accountable David Andersen, Hari Balakrishnan, Nick Feamster, Teemu Koponen, Daekyeong Moon, Scott Shenker.

Holding the Internet Accountable David Andersen, Hari Balakrishnan, Nick Feamster, Teemu Koponen, Daekyeong Moon, Scott Shenker.
Internet Protocol Security (IP Sec)

Internet Protocol Security (IP Sec)
Chris Karlof and David Wagner

Chris Karlof and David Wagner
Chapter 14 – Authentication Applications

Chapter 14 – Authentication Applications
CIS 725 Key Exchange Protocols. Alice ( PB Bob (M, PR Alice (hash(M))) PB Alice Confidentiality, Integrity and Authenication PR Bob M, hash(M) M, PR Alice.

CIS 725 Key Exchange Protocols. Alice ( PB Bob (M, PR Alice (hash(M))) PB Alice Confidentiality, Integrity and Authenication PR Bob M, hash(M) M, PR Alice.
Using Capability to prevent Internet Denial-of-Service attacks  Tom Anderson  Timothy Roscoe  David Wetherall  Offense Team –Khoa To –Amit Saha.

Using Capability to prevent Internet Denial-of-Service attacks  Tom Anderson  Timothy Roscoe  David Wetherall  Offense Team –Khoa To –Amit Saha.
Efficient Public Key Infrastructure Implementation in Wireless Sensor Networks Wireless Communication and Sensor Computing, 2010. ICWCSC 2010. International.

Efficient Public Key Infrastructure Implementation in Wireless Sensor Networks Wireless Communication and Sensor Computing, ICWCSC International.
A Survey of Secure Wireless Ad Hoc Routing

A Survey of Secure Wireless Ad Hoc Routing
NPLA: Network Prefix Level Authentication Ming Li,Yong Cui,Matti Siekkinen,Antti Ylä-Jääski Aalto University, Finland Tsinghua University, China.

NPLA: Network Prefix Level Authentication Ming Li,Yong Cui,Matti Siekkinen,Antti Ylä-Jääski Aalto University, Finland Tsinghua University, China.
FastPass: Availability Tokens to Defeat DoS Presented at CMU Systems Seminar by: Dan Wendlandt Work with: David Andersen & Adrian Perrig.

FastPass: Availability Tokens to Defeat DoS Presented at CMU Systems Seminar by: Dan Wendlandt Work with: David Andersen & Adrian Perrig.
Packet Leashes: Defense Against Wormhole Attacks Authors: Yih-Chun Hu (CMU), Adrian Perrig (CMU), David Johnson (Rice)

Packet Leashes: Defense Against Wormhole Attacks Authors: Yih-Chun Hu (CMU), Adrian Perrig (CMU), David Johnson (Rice)
Information-Centric Networks04c-1 Week 4 / Paper 3 A Survey of BGP Security Issues and Solutions –Kevin Butler, Toni Farley, Patrick McDaniel, and Jennifer.

Information-Centric Networks04c-1 Week 4 / Paper 3 A Survey of BGP Security Issues and Solutions –Kevin Butler, Toni Farley, Patrick McDaniel, and Jennifer.
Authentication & Kerberos

Authentication & Kerberos
1 Digital Signatures & Authentication Protocols. 2 Digital Signatures have looked at message authentication –but does not address issues of lack of trust.

1 Digital Signatures & Authentication Protocols. 2 Digital Signatures have looked at message authentication –but does not address issues of lack of trust.
Overview of Distributed Denial of Service (DDoS) Wei Zhou.

Overview of Distributed Denial of Service (DDoS) Wei Zhou.
Hash-Based IP Traceback Best Student Paper ACM SIGCOMM’01.

Hash-Based IP Traceback Best Student Paper ACM SIGCOMM’01.
Traffic Management - OpenFlow Switch on the NetFPGA platform Chun-Jen Chung(1203584897) Sriram Gopinath(1203800749)

Traffic Management - OpenFlow Switch on the NetFPGA platform Chun-Jen Chung( ) Sriram Gopinath( )

Similar presentations

Ads by Google