Subtransport Level: The Right Place for End-to-End Security Mechanisms

We argue that end-to-end authentication and privacy in loosely-coupled distributed systems are not only achievable by mechanisms at the host-to-host (i.e., subtransportl level under generally satisfiable conditions, but that this solution can be more advantageous than those based on security mechanisms at higher levels of the protocol hierarchy in terms of both functionality and performance. We introduce a model of communication security and a subtransport-level protocol called ADP (the Authenticated Datagram Protocol\, which provides end-to-end authentication and privacy consistently with the definitions of the model. We then discuss the advantages of the subtransport approach. and present some experimental results from the measurement of a prototype of ADP that confirm the expected performance benefits of this approach. This research Willi supported by the Defense Advanced Research Projects Agency (DoDl, ARPA Order No. 4871, monitored by the Naval Electronic Systems Command under Contract No. N00039-84-C-0089, by the IBM Corporation, by Olivetti S.p.A., by MICOM-Interlan, Inc., by CSELT S.p.A., and by the University of California under the MICRO Program. The views and conclusions contained in this document are th011e of the authors, and should not be interpreted 1111 representing official policies, either expressed or implied, of any of the sponsoring agencies or corporations. '1 l 1