T-IP: A Self-Trustworthy and Secure Internet Protocol

T-IP: A Self-Trustworthy and Secure Internet Protocol

下载PDF

导出

摘要 IPsec has become an important supplement of IP to provide security protection. However, the heavyweight IPsec has a high transmission overhead and latency, and it cannot provide the address accountability. We propose the self-trustworthy and secure Internet protocol(T-IP) for authenticated and encrypted network layer communications. T-IP has the following advantages:(1) Self-Trustworthy IP address.(2) Low connection latency and transmission overhead.(3) Reserving the important merit of IP to be stateless.(4) Compatible with the existing TCP/IP architecture. We theoretically prove the security of our shared secret key in T-IP and the resistance to the known session key attack of our security-enhanced shared secret key calculation. Moreover, we analyse the possibility of the application of T-IP, including its resilience against the man-in-the-middle attack and Do S attack. The evaluation shows that T-IP has a much lower transmission overhead and connection latency compared with IPsec. IPsec has become an important supplement of IP to provide security protec- tion. However, the heavyweight IPsec has a high transmission overhead and latency, and it cannot provide the address accountability. We propose the self-trustworthy and secure Internet protocol （T-IP） for authenticated and encrypted network layer communications. T-IP has the following advantages：（1） Self-Trust- worthy IP address. （2） Low connection latency and transmission overhead. （3） Reserving the important merit of IP to be stateless. （4） Com- patible with the existing TCP/IP architecture. We theoretically prove the security of our shared secret key in T-IP and the resistance to the known session key attack of our secu- rity-enhanced shared secret key calculation. Moreover, we analyse the possibility of the application of T-IP, including its resilience against the man-in-the-middle attack and DoS attack. The evaluation shows that T-IP has a much lower transmission overhead and con- nection latency compared with IPsec.

作者 Xiaofeng Wang Huan Zhou Jinshu Su Baosheng Wang Qianqian Xing Pengkun Li

机构地区 School of Computer

出处《China Communications》 SCIE CSCD 2018年第2期1-14,共14页 中国通信（英文版）

基金 supported by the national key research and development program under grant 2017YFB0802301 Guangxi cloud computing and large data Collaborative Innovation Center Project

关键词 identity-based cryptography self-trustworthy LIGHTWEIGHT low latency in-cremental deployment 因特网协议安全关键 IPsec TCP/IP 传播网络层建筑学攻击

分类号 TP393.04 [自动化与计算机技术—计算机应用技术]

引文网络
相关文献

参考文献1

1曹丹,王小峰,王飞,胡乔林,苏金树.SA-IBE:一种安全可追责的基于身份加密方案[J].电子与信息学报,2011,33(12):2922-2928. 被引量：7

二级参考文献22

1Shamir A. Identity-based cryptosystems and signature schemes[C]. Advances in Cryptology-CRYPTO'84, Springer- Verlag, 1984: 47-53.
2Boneh D and Franklin M. Identity-based encryption from the Well pairing[C]. Advances in Cryptology-CRYPTO'01, Springer-Verlag, 2001: 213-229.
3Lewko A and Waters B. New techniques for dual system encryption and fully secure HIBE with short ciphertexts[C]. The Seventh Theory of Cryptography Conference(TCC'10), Springer-Verlag, 2010: 455-479.
4Agrawal S, Boneh D, and Boyen X, Efficient lattice (H)IBE in the standard model[C]. Advances in Cryptology- EUROCRYPT'10, Springer-Verlag, 2010: 553-572.
5Herranz J, Laguillaumie F, and Rhfols C. Constant size ciphertexts in threshold attribute-based encryption[C]. Public Key Cryptography-PKC 2010, Springer-Verlag, 2010: 19-34.
6Zhou Z and Huang D. On efficient ciphertext-policy attribute based encryption and broadcast encryption[Z], http:// eprint.iacr.org/2010/395.2010.
7Lewko A, Okamoto T, Sahai A, et al.. Fully secure functional encryption: attribute-based encryption and (Hierarchical) inner product encryption[C]. Advances in Cryptology- EUROCRYPT'10, Springer-Verlag, 2010: 62-91.
8Yu S, Wang C, Ren K, et al.. Attribute based data sharing with attribute revocation [C]. ASIACCS'10: Proceedings of the 5th ACM Symposium on Information, Computer and Communications Security, Beijing, China, 2010: 261-270.
9Lewko A, Sahai A, and Waters B. Revocation systems with very small private keys[C]. IEEE Symposium on Security and Privacy, Los Alamitos, CA, USA, 2010: 273-285.
10Goyal V, Pandey O, Sahai A, et al.. Attribute-based encryption for fine-grained access control of encrypted data[C]. CCS'06: Proceedings of the 13th ACM Conference on Computer and Communications Security, Alexandria, Virginia, USA, 2006: 89-98.

共引文献6

1明洋,韩娟,张琳,周俊.标准模型下基于身份第三方受约束匿名加密方案[J].计算机工程与科学,2015,37(2):269-275. 被引量：1
2王小峰,陈培鑫,周寰,苏金树.一种可信安全的层次式基于身份加密系统[J].电子学报,2016,44(7):1521-1529. 被引量：3
3王宏,李建华,赖成喆.基于身份密码的机载自组织网络动态密钥管理[J].电子与信息学报,2018,40(8):1985-1991. 被引量：7
4柴林鹏,张斌.一种抗不诚实第三方攻击的一次性公钥方案[J].计算机科学,2018,45(7):139-142.
5高海英,魏铎.具有小规模公开参数的适应安全的非零内积加密方案[J].电子与信息学报,2020,42(11):2698-2705. 被引量：1
6周景贤,刘惠悦,周亚建,吕宗平.面向区块链的航空自组网密钥管理方案[J].北京邮电大学学报,2023,46(1):63-68.

1宋素丽.IP、纪录片与文创产业——浅谈纪录片《新疆味道》的创作与运营[J].新疆艺术（汉文）,2017(4):120-122. 被引量：1
2MA Hua,HU Zhigang,CAI Meiling.Trustworthy Service Selection Integrating Cloud Model and Possibility Degree Ranking of Interval Numbers[J].Chinese Journal of Electronics,2017,26(6):1177-1183.
3ZHU Wenqiang.A Trustworthy Group Identifying Trust Metric for P2P Service Sharing Economy Based on Personal Social Network of Users[J].Wuhan University Journal of Natural Sciences,2018,23(2):139-149. 被引量：1
4IPv6[J].天津经济,2017,0(12):60-60.
5Qi Yuan,Chunguang Ma,Junyu Lin.Fine-Grained Access Control for Big Data Based on CP-ABE in Cloud Computing[J].国际计算机前沿大会会议论文集,2015(1):100-101.
6谢英英,石涧,雷凯.基于NDN的高效发布/订阅系统设计与实现[J].重庆邮电大学学报（自然科学版）,2018,30(1):103-110. 被引量：1
7许亚平,李卓,刘开华,马东来,杨奕康.基于改进型MBF的命名数据网PIT存储结构研究[J].重庆邮电大学学报（自然科学版）,2018,30(1):61-67.
8XU Xiao-long,ZHANG Qi-tong,ZHOU Jing-lan.NC-MACPABE: Non-centered multi-authority proxy re-encryption based on CP-ABE for cloud storage systems[J].Journal of Central South University,2017,24(4):807-818. 被引量：9

China Communications

2018年第2期

浏览历史

内容加载中请稍等...

T-IP: A Self-Trustworthy and Secure Internet Protocol

参考文献1

二级参考文献22

共引文献6

相关作者

相关机构

相关主题

浏览历史