Skip to the main content

Original scientific paper

https://doi.org/10.17559/TV-20150314133532

A DSA-based scheme for defending against IP prefix hijacking without repositories

Bo Yang ; School of Information Technology, Jiangxi University of Finance and Economics, High Level Engineering Research Center of Electronic-Commerce, Jiangxi Provincial Colleges and Universities, 330013 Nanchang, China


Full text: croatian pdf 1.133 Kb

page 985-996

downloads: 485

cite

Full text: english pdf 1.133 Kb

page 985-996

downloads: 247

cite


Abstract

IP prefix hijacking poses a serious threat to the security of the Internet. Cryptographic authenticating origin ASes (Autonomous Systems) of advertised prefix, which is an effective way of preventing IP prefix hijacking, has received wide acceptance. However, these existing schemes received various critical comments on their inefficiency when cryptographic authenticating origin ASes. For improving efficiency, we take full advantage of specific characteristics of DSA (Digital Signature Algorithm) and thus present a scheme for preventing IP prefix hijacking. There are two characteristics, which are DSA-based and efficient, in the proposed scheme. Firstly, because DSA is a United States Federal Government standard for digital signatures, the DSA-based can maintain compatibility with the DSA and its analytical tools, and thus it is easier for proposed scheme to be widely accepted and applied into practice. Secondly, public key certificates are not necessary because public keys can be computed by using a formula. Separated verifying signatures in these certificates, which are inevitable in almost all existing cryptography-based schemes, can be replaced with computing of a multi-exponentiation formula. Thus, the efficiency is achieved.

Keywords

certificates; DSA; IP prefix hijacking; multi-exponentiation

Hrčak ID:

163813

URI

https://hrcak.srce.hr/163813

Publication date:

16.8.2016.

Article data in other languages: croatian

Visits: 1.488 *