Dynamic Routing with Security Considerations
Date Issued
2005
Date
2005
Author(s)
Chan, Sheng-Kun
DOI
en-US
Abstract
Security has become one of the major issues for data communication
over wired and wireless networks. In the past decades, various
security-enhanced measures have been proposed to improve the
security of data transmission over public networks. Existing work
on security-enhanced data transmission includes the designs of
cryptography algorithms and system infrastructures and
security-enhanced routing methods. The common objectives of the
aforementioned methods are often to defeat various threats over
the network, including eavesdropping, spoofing, session hijacking,
etc.
Different from the past work on the designs of cryptography
algorithms and system infrastructures, we aim at the proposing of
a dynamic routing algorithm that could randomize delivery paths
for data transmission. Based on distance-vector exchanges, the
algorithm can be easily implemented over the existing popular
routing protocol, such as Routing Information Protocol (RIP) in
wired networks and Destination-Sequenced Distance Vector (DSDV)
Protocol in wireless networks, without introducing extra control
messages.
A proper integration of dynamic routing and cryptography-based
system designs would further and significantly enhance the
security of data transmission over the networks. For example, the
security level could be increased when the feedback cipher mode of
block ciphering algorithms (e.g., DES and AES), such as Cipher
Block Chaining (CBC) and Cipher Feedback (CFB), is adopted.
Furthermore, if a key-exchange mechanism (e.g., the Internet Key
Exchange (IKE)) is used during data transmission, less packets
encrypted by some specific key can be obtained by attackers, which
makes it more difficult to derive the original plain text.
An analytic study on the proposed algorithm is presented, and a
series of performance evaluation is conducted to verify the
analytic results and the capability of the proposed algorithm.
Analytic and experimental results show that our proposed algorithm
introduces a considerably small emph{path similarity} (i.e., the
number of common links between two paths) of two consecutive
packets transmitted and greatly outperforms the standard
shortest-path and equal-cost routing algorithms.
Subjects
路由機制
網路安全
routing
security
Type
thesis
File(s)![Thumbnail Image]()
Loading...
Name
ntu-94-R92922002-1.pdf
Size
23.31 KB
Format
Adobe PDF
Checksum
(MD5):025deba2719852a896a9e6a17977394c