Security and Trust of Public Key Cryptography Options for HIP

Author

Forsgren, Harri ; Grahn, Kaj ; Karvi, Timo ; Pulkkis, Göran

fYear

2010

fDate

June 29 2010-July 1 2010

Firstpage

1079

Lastpage

1084

Abstract

Host Identity Protocol (HIP) gives cryptographically variable identities to hosts. These identities are based on public key cryptography and consist of public and private keys. Public keys can be stored, together with corresponding IP addresses, in DNS servers. When entities are negotiating on a HIP connection, messages are signed with private keys and verified with public keys. Even if this system is quite secure, there are some vulnerabilities concerning the authenticity of public keys. We examine various possibilities to derive trust in public parameters. These are DNSSEC, public key certificates (PKI), identity based cryptography (IBE) and certificate-less public key cryptography (CL-PKC). Both IBE and CL-PKC seem to offer better properties than DNSSEC and PKI, but experimental evaluation is needed, before we can make final conclusions.

Keywords

IP networks; cryptographic protocols; message authentication; private key cryptography; public key cryptography; CL-PKC; DNS servers; DNSSEC; HIP connection; IBE; IP addresses; PKI; authenticity; certificate-less public key cryptography; host identity protocol; identity based cryptography; private keys; public key certificates; public key cryptography options; Hip; IP networks; Peer to peer computing; Protocols; Public key cryptography; Host Identity Protocol; public parameters; trust;

fLanguage

English

Publisher

ieee

Conference_Titel

Computer and Information Technology (CIT), 2010 IEEE 10th International Conference on

Conference_Location

Bradford

Print_ISBN

978-1-4244-7547-6

Type

conf

DOI

10.1109/CIT.2010.197

Filename

5578605