SAVAH: Source Address Validation with Host Identity Protocol

Dmitriy Kuptsov; Andrei Gurtov

Security and Privacy in Mobile Information and Communication Systems. First International ICST Conference, MobiSec 2009, Turin, Italy, June 3-5, 2009, Revised Selected Papers

Research Article

SAVAH: Source Address Validation with Host Identity Protocol

Download

518 downloads

Cite: BibTeX Plain Text

@INPROCEEDINGS{10.1007/978-3-642-04434-2_17,
    author={Dmitriy Kuptsov and Andrei Gurtov},
    title={ SAVAH: Source Address Validation with Host Identity Protocol },
    proceedings={Security and Privacy in Mobile Information and Communication Systems. First International ICST Conference, MobiSec 2009, Turin, Italy, June 3-5, 2009, Revised Selected Papers},
    proceedings_a={MOBISEC},
    year={2012},
    month={5},
    keywords={Security Authentication LAN HIP},
    doi={10.1007/978-3-642-04434-2_17}
}

Dmitriy Kuptsov
Andrei Gurtov
Year: 2012
SAVAH: Source Address Validation with Host Identity Protocol
MOBISEC
Springer
DOI: 10.1007/978-3-642-04434-2_17

Dmitriy Kuptsov¹^,*, Andrei Gurtov¹^,*

1: Helsinki University of Technology

*Contact email: dmitriy.kuptsov@hiit.fi, gurtov@hiit.fi

Abstract

Explosive growth of the Internet and lack of mechanisms that validate the authenticity of a packet source produced serious security and accounting issues. In this paper, we propose validating source addresses in LAN using Host Identity Protocol (HIP) deployed in a first-hop router. Compared to alternative solutions such as CGA, our approach is suitable both for IPv4 and IPv6. We have implemented SAVAH in Wi-Fi access points and evaluated its overhead for clients and the first-hop router.

Keywords: Security Authentication LAN HIP

Published: 2012-05-17

: http://dx.doi.org/10.1007/978-3-642-04434-2_17