New DoS Defense Method Based on Strong Designated Verifier Signatures

We present a novel technique for source authentication of a packet stream in a network, which intends to give guarantees that a specific network flow really comes from a claimed origin. This mechanism, named packet level authentication (PLA), can be an essential tool for addressing Denial of Service...

Descripción completa

Detalles Bibliográficos
Autores principales: de Almeida, Marcone Pereira, de Sousa Júnior, Rafael Timóteo, García Villalba, Luis Javier, Kim, Tai-Hoon
Formato: Online Artículo Texto
Lenguaje:English
Publicado: MDPI 2018
Materias:
Article
Acceso en línea:https://www.ncbi.nlm.nih.gov/pmc/articles/PMC6163848/
https://www.ncbi.nlm.nih.gov/pubmed/30149678
http://dx.doi.org/10.3390/s18092813
Descripción
Sumario:We present a novel technique for source authentication of a packet stream in a network, which intends to give guarantees that a specific network flow really comes from a claimed origin. This mechanism, named packet level authentication (PLA), can be an essential tool for addressing Denial of Service (DoS) attacks. Based on designated verifier signature schemes, our proposal is an appropriate and unprecedented solution applying digital signatures for DoS prevention. Our scheme does not rely on an expensive public-key infrastructure and makes use of light cryptography machinery that is suitable in the context of the Internet of Things (IoT). We analyze our proposed scheme as a defense measure considering known DoS attacks and present a formal proof of its resilience face to eventual adversaries. Furthermore, we compare our solution to already existent strategies, highlighting its advantages and drawbacks.

Ejemplares similares