Security and Trust of Public Key Cryptography for HIP and HIP Multicast

Host Identity Protocol (HIP) gives cryptographically verifiable identities to hosts. These identities are based on public key cryptography and consist of public and private keys. Public keys can be stored, together with corresponding IP addresses, in DNS servers. When entities are negotiating on a H...

Ausführliche Beschreibung

Gespeichert in:
Bibliographische Detailangaben
Veröffentlicht in:International journal of dependable and trustworthy information systems 2011-07, Vol.2 (3), p.17-35
Hauptverfasser: K.C, Amir, Forsgren, Harri, Grahn, Kaj, Karvi, Timo, Pulkkis, Göran
Format: Artikel
Sprache:eng
Schlagworte:
Online-Zugang:Volltext
Tags: Tag hinzufügen
Keine Tags, Fügen Sie den ersten Tag hinzu!
Beschreibung
Zusammenfassung:Host Identity Protocol (HIP) gives cryptographically verifiable identities to hosts. These identities are based on public key cryptography and consist of public and private keys. Public keys can be stored, together with corresponding IP addresses, in DNS servers. When entities are negotiating on a HIP connection, messages are signed with private keys and verified with public keys. Even if this system is quite secure, there is some vulnerability concerning the authenticity of public keys. The authors examine some possibilities to derive trust in public parameters. These are DNSSEC and public key certificates (PKI). Especially, the authors examine how to implement certificate handling and what is the time complexity of using and verifying certificates in the HIP Base Exchange. It turned out that certificates delayed the HIP Base Exchange only some milliseconds compared to the case where certificates are not used. In the latter part of our article the authors analyze four proposed HIP multicast models and how they could use certificates. There are differences in the models how many times the Base Exchange is performed and to what extent existing HIP specification standards must be modified.
ISSN:1947-9050
1947-9069
DOI:10.4018/jdtis.2011070102