Generalized certificate revocation
Proceedings of the 27th ACM SIGPLAN-SIGACT symposium on Principles of programming languages
Secure communications over insecure channels
Communications of the ACM
Security problems in the TCP/IP protocol suite
ACM SIGCOMM Computer Communication Review
Securing IPv6 neighbor and router discovery
WiSE '02 Proceedings of the 1st ACM workshop on Wireless security
A secure address resolution protocol
Computer Networks: The International Journal of Computer and Telecommunications Networking
On Certificate Revocation and Validation
FC '98 Proceedings of the Second International Conference on Financial Cryptography
Revocation: Options and Challenges
FC '98 Proceedings of the Second International Conference on Financial Cryptography
A Response to ''Can We Eliminate Certificate Revocation Lists?''
FC '00 Proceedings of the 4th International Conference on Financial Cryptography
ACSAC '99 Proceedings of the 15th Annual Computer Security Applications Conference
Efficient Certificate Revocation
Efficient Certificate Revocation
Origin authentication in interdomain routing
Proceedings of the 10th ACM conference on Computer and communications security
S-ARP: a Secure Address Resolution Protocol
ACSAC '03 Proceedings of the 19th Annual Computer Security Applications Conference
A Look Back at "Security Problems in the TCP/IP Protocol Suite"
ACSAC '04 Proceedings of the 20th Annual Computer Security Applications Conference
TARP: Ticket-based Address Resolution Protocol
ACSAC '05 Proceedings of the 21st Annual Computer Security Applications Conference
Using client puzzles to protect TLS
SSYM'01 Proceedings of the 10th conference on USENIX Security Symposium - Volume 10
Certificate revocation and certificate update
SSYM'98 Proceedings of the 7th conference on USENIX Security Symposium - Volume 7
SSH: secure login connections over the internet
SSYM'96 Proceedings of the 6th conference on USENIX Security Symposium, Focusing on Applications of Cryptography - Volume 6
Public Key distribution with secure DNS
SSYM'96 Proceedings of the 6th conference on USENIX Security Symposium, Focusing on Applications of Cryptography - Volume 6
CLL: A Cryptographic Link Layer for Local Area Networks
SCN '08 Proceedings of the 6th international conference on Security and Cryptography for Networks
Enhanced ARP: preventing ARP poisoning-based man-in-the-middle attacks
IEEE Communications Letters
Genuine ARP (GARP): a broadcast based stateful authentication protocol
ACM SIGSOFT Software Engineering Notes
Collaborative approach to mitigating ARP poisoning-based Man-in-the-Middle attacks
Computer Networks: The International Journal of Computer and Telecommunications Networking
| Hi-index | 0.00 |
IP networks fundamentally rely on the Address Resolution Protocol (ARP) for proper operation. Unfortunately, vulnerabilities in ARP enable a raft of Internet Protocol (IP)-based impersonation, man-in-the-middle, or Denial of Service (DoS) attacks. Proposed countermeasures to these vulnerabilities have yet to simultaneously address backward compatibility and cost requirements. This paper introduces the Ticket-based Address Resolution Protocol (TARP). TARP implements security by distributing centrally issued secure IP/Medium Access Control (MAC) address mapping attestations through existing ARP messages. We detail TARP and its implementation within the Linux operating system. We also detail the integration of TARP with the Dynamic Host Configuration Protocol (DHCP) for dynamic ticket distribution. Our experimental analysis shows that TARP improves the costs of implementing ARP security by as much as two orders of magnitude over existing protocols. We conclude by exploring a range of operational issues associated with deploying and administering ARP security.