Title :
Security Analysis of the Cryptographic Namespace Design in Next Generation Internet Architectures
Author :
Hanka, Oliver ; Lamberty, Julian
Author_Institution :
Inst. for Commun. Networks, Tech. Univ. Munchen, Munich, Germany
Abstract :
Many Next Generation Internet architecture proposals introduce a cryptographic namespace to integrate security functionality into the network layer. They suggest to use the hash of a node´s public key as its address - the so called self-certifying address. This tight coupling between the public key and the address, however, raises the vulnerability and misleadingly indicates a false sense of security. In this paper we discuss four problematic issues with self-certifying addresses. These are inflexibility in key change, misuse of old keys, problematic authentication and random key guess. In the end we briefly outline a different approach to integrate the private/public key principle with an locator/identifier-split architecture.
Keywords :
Internet; next generation networks; public key cryptography; cryptographic namespace design; inflexibility; locator/identifier-split architecture; next generation Internet architecture; private/public key principle; problematic authentication; random key guess; security analysis; Hip; Internet; Next generation networking; Protocols; Public key;
Conference_Titel :
Communications Workshops (ICC), 2011 IEEE International Conference on
Conference_Location :
Kyoto
Print_ISBN :
978-1-61284-954-6
Electronic_ISBN :
978-1-61284-953-9
DOI :
10.1109/iccw.2011.5963567
