Tehnički vjesnik, Vol. 23 No. 4, 2016.
Izvorni znanstveni članak
https://doi.org/10.17559/TV-20150314133532
A DSA-based scheme for defending against IP prefix hijacking without repositories
Bo Yang
; School of Information Technology, Jiangxi University of Finance and Economics, High Level Engineering Research Center of Electronic-Commerce, Jiangxi Provincial Colleges and Universities, 330013 Nanchang, China
Sažetak
IP prefix hijacking poses a serious threat to the security of the Internet. Cryptographic authenticating origin ASes (Autonomous Systems) of advertised prefix, which is an effective way of preventing IP prefix hijacking, has received wide acceptance. However, these existing schemes received various critical comments on their inefficiency when cryptographic authenticating origin ASes. For improving efficiency, we take full advantage of specific characteristics of DSA (Digital Signature Algorithm) and thus present a scheme for preventing IP prefix hijacking. There are two characteristics, which are DSA-based and efficient, in the proposed scheme. Firstly, because DSA is a United States Federal Government standard for digital signatures, the DSA-based can maintain compatibility with the DSA and its analytical tools, and thus it is easier for proposed scheme to be widely accepted and applied into practice. Secondly, public key certificates are not necessary because public keys can be computed by using a formula. Separated verifying signatures in these certificates, which are inevitable in almost all existing cryptography-based schemes, can be replaced with computing of a multi-exponentiation formula. Thus, the efficiency is achieved.
Ključne riječi
certificates; DSA; IP prefix hijacking; multi-exponentiation
Hrčak ID:
163813
URI
Datum izdavanja:
16.8.2016.
Posjeta: 1.488 *