Litcius/Paper detail

An Identity-Based Encryption Method for SDN-Enabled Source Routing Systems

Bander Alzahrani, Shehzad Ashraf Chaudhry

2022Security and Communication Networks12 citationsDOIOpen Access PDF

Abstract

In this study, we consider endpoints communicating over a software-defined networking (SDN)-based architecture using source routing, i.e., packets are routed through a path selected by the packet sender, and we provide a security solution that enforces the selected path. In particular, our solution allows a sender to select the path that a packet should go through using a constant-size cryptographic construction which is referred to as the authenticator. A recipient can examine an authenticator and verify that the received packet has followed the path selected by the sender. Additionally, any intermediate “programmable” switch can verify whether or not it is included in the path of a packet. Our solution can be used even for paths that include multiple recipients (e.g., multicast paths), as well as multiple parallel paths (e.g., multipath transmissions). We implement our solution by leveraging identity-based encryption (IBE), so it can be used by any sender that knows the identifiers of the links that compose the desired path, i.e., information that the sender usually already knows as part of the source routing protocol. Our solution is realistic since it can be implemented over a variety of platforms with tolerable overhead.

Topics & Concepts

Computer scienceCommunication sourceComputer networkEncryptionNetwork packetSource routingRouting (electronic design automation)Overhead (engineering)MulticastIdentifierPath (computing)Distributed computingRouting protocolLink-state routing protocolOperating systemCaching and Content DeliveryInternet Traffic Analysis and Secure E-votingSoftware-Defined Networks and 5G