A secure failure-localization path-quality-monitoring (FL-PQM) protocol allows a sender to localize faulty links on a single path through a network to a receiver, even when intermediate nodes on the path behave adversarially. Such protocols were proposed as tools that enable Internet service providers to select high-performance paths through the Internet, or to enforce contractual obligations.

We give the first formal definitions of security for FL-PQM protocols and construct:

1. A simple FL-PQM protocol that can localize a faulty link every time a packet is not correctly delivered. This protocol's communication overhead is O(1) additional messages of length O(n) per packet (where n is the security parameter).
2. A more efficient FL-PQM protocol that can localize a faulty link when a noticeable fraction of the packets sent during some time period are not correctly delivered. The number of additional messages is an arbitrarily small fraction of the total number of packets.

We also prove lower bounds for such protocols:

1. Every secure FL-PQM protocol requires each intermediate node on the path to have some shared secret information (e.g., keys).
2. If secure FL-PQM protocols exist, then so do one-way functions.
3. Every black-box construction of an FL-PQM protocol from a random oracle that securely localizes every packet and adds at most O(log n) messages of overhead per packet requires each intermediate node to invoke the oracle.

These results show that implementing FL-PQM requires active cooperation (i.e., maintaining keys and agreeing on, and performing, cryptographic protocols) from all of the intermediate nodes along the path. This may be problematic in the Internet, where links operate at extremely high speeds, and intermediate nodes are owned by competing business entities with little incentive to cooperate.