Hindering Eavesdropping via IPv6 Opportunistic Encryption
نویسندگان
چکیده
This paper presents an opportunistic encryption scheme strictly layered on top of IPv6. Assuming that a node needs to send data toward another node, our proposal enables the dynamic configuration of an encrypted tunnel between the two nodes’ IPsec gateways. The main contribution of this paper is to propose a solution that is fully distributed and does not rely on any global Trusted Third Party (such as DNSSEC or a PKI). The IPsec gateways are discovered using IPv6 anycast, and they derive authorization from authorization certificates and Crypto-Based Identifiers (CBIDs). The result is a robust and easily deployable opportunistic encryption service for IPv6.
منابع مشابه
Opportunistic Encryption Everywhere
Many of the core Internet protocols were designed for a less hostile network than the average packet finds itself in today. Many hosts are connecting over shared-key or open wireless networks where eavesdropping is trivial. On a larger scale, ISPs are experimenting with institutional sniffing where the clickstreams of the majority of users are observed and sold for their marketing value. Like t...
متن کاملSimple Opportunistic Encryption
Network traffic encryption is becoming a requirement, not an option. Enabling encryption will be a communal effort so a solution that gives partial benefits until fully deployed is needed. A solution that requires little changes to existing infrastructure will also help as it can be quickly deployed to give immediate shortterm benefits. We argue that tcpcrypt, a TCP option for opportunistic enc...
متن کاملssmail: Opportunistic Encryption in sendmail
Much electronic mail is sent unencrypted, making it vulnerable to passive eavesdropping. We propose to protect email privacy by building encryption functionality into ESMTP mailers. Our solution, ssmail, provides fast, simple encryption for sendmail that does not require user intervention or reliance on public key infrastructure. We added a small number of steps to an ESMTP session, thereby all...
متن کاملSecure Multicast Group Communication Scheme in Wireless IPv6 Networks
Key management is one of the challenging issues in group communications. It is generally used to secure multicast data transmission as well as preventing potential eavesdropping by malicious attackers. Group security key should be maintained for data encryption, while group key update and dissemination processes are required when a new user joins or leaves the group, which eventually lead to hi...
متن کاملSecured Route Optimization and Micro-mobility with Enhanced Handover Scheme in Mobile IPv6 Networks
خسارات وارد شده به شبکه گاز شهری در یک زلزله میتواند زیانهای زیادی از جمله خسارت ناشی از آتشسوزی در شبکه زیر ساخت، و خسارت ناشی از قطع خدمات رسانی، تعمیر و تعویض اعضای شبکه، را در بر داشته باشد. در این مقاله یک مدل آتشسوزی پیشنهاد شده است. مدل پیشنهادی در یک مدل نیمه احتمالاتی مرسوم برای برآورد خسارتهای مختلف ناشی از آسیب دیدن شبکه گاز شهری، به کار برده شده است. هدف از این کار توسعه یک ابز...
متن کامل