End-to-end arguments in system design
ACM Transactions on Computer Systems (TOCS)
Child-proof authentication for MIPv6 (CAM)
ACM SIGCOMM Computer Communication Review
WIAPP '01 Proceedings of the Second IEEE Workshop on Internet Applications (wiapp '01)
PET'02 Proceedings of the 2nd international conference on Privacy enhancing technologies
Applying a cryptographic namespace to applications
DIN '05 Proceedings of the 1st ACM workshop on Dynamic interconnection of networks
Hi3: An efficient and secure networking architecture for mobile hosts
Computer Communications
Virtual network stacks: from theory to practice
Security and Communication Networks
Controlling incoming connections using certificates and distributed hash tables
NEW2AN'07 Proceedings of the 7th international conference on Next Generation Teletraffic and Wired/Wireless Advanced Networking
Computer Networks: The International Journal of Computer and Telecommunications Networking
| Hi-index | 0.00 |
In this paper, we present a security framework that provides identity protection against active and passive attacks for end-points. The framework is based on a two-round-trip authenticated Diffie-Hellman key exchange protocol that identifies the end-points to each other and creates a security association between the peers. The protocol hides the public key based identifiers from attackers and eavesdroppers by blinding the identifiers. We complete the identity protection by offering location privacy with forwarding agents. To our knowledge, our privacy enhanced protocol is the first denial-of-service resistant two-round-trip key exchange protocol that offers identity protection for both communicating peers.