COLLOQUIUM
Department of Computer Science and Engineering
University of South Carolina
 
Hop Integrity in Computer Networks

Chin-Tser Huan

Department of Computer Sciences
University of Texas

Date: April 7, 2003 (Monday)
Time: 3:30-4:30PM
Place: Swearingen 1A03 (Faculty Lounge)

Abstract

A computer network is said to provide hop integrity if and only if the
following condition holds for every pair of adjacent routers p and q
in the network: when q receives a message m supposedly from p, then q
can check that m was not modified after it was sent by p, and that m
was not a replay of an old message sent long ago by p.  In this talk,
we argue that hop integrity in a computer network can prevent most
denial-of-service attacks in that network.  We also present a suite of
protocols that can be added to the routers in a computer network so
that the network can provide hop integrity.  This protocol suite
consists of three protocols: a secret exchange protocol, a weak
integrity protocol, and a strong integrity protocol.  All these
protocols are stateless, require small overhead, and do not constrain
the network protocol in any way.  Hop integrity is the only scheme
that is known to prevent denial-of-service attacks in computer
networks.  Other schemes can detect the sources of such attacks after
these attacks have been under way for some time.

Chin-Tser Huang received his M.S. in computer sciences from the
University of Texas at Austin in 1998, and the B.S. in computer
science and information engineering from National Taiwan University in
1993.  Currently, he is a Ph.D. candidate in computer sciences at the
University of Texas at Austin.  His research interests include network
security, network protocol design and verification, and distributed
systems.  He can be reached at chuang@cs.utexas.edu.