Key Management Framework for IP Multicast Infrastructure Security

Hardjono, Thomas

doi:10.1007/3-540-48888-X_37

Thomas Hardjono⁸

Part of the book series: Lecture Notes in Computer Science ((LNCS,volume 1597))

Included in the following conference series:

International Conference on Intelligence in Services and Networks

232 Accesses

Abstract

The IP multicast routing infrastructure requires the authentication of control messages and also of data messages. The current work identifies the various categories of authentication keys required within a multicast distribution tree and presents a basic model for their key-management. It also introduces the concept of core authentication routers within the distribution tree that have the additional burdensome task of authenticating data messages. An approach to the management of keys that authenticate control messages is then presented, illustrated using the example of the key arrangement defined for the PIM multicast routing protocol.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution

Chapter: USD 29.95; Price excludes VAT (USA)

eBook: USD 39.99; Price excludes VAT (USA)

Softcover Book: USD 54.99; Price excludes VAT (USA)

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

References

D. Waitzman, C. Partridge, and S. Deering, “Distance Vector Multicast Routing Protocol,” RFC 1075, IETF, 1988.
Google Scholar
T. Ballardie, P. Francis, and J. Crowcroft, “Core Based Trees: An architecture for scalable inter-domain multicast routing,” in Proceedings of ACM SIGCOMM’93, (San Francisco), pp. 85–95, ACM, 1993.
Google Scholar
J. Moy, “Multicast extensions to OSPF,” RFC 1584, IETF, 1994.
Google Scholar
S. Deering, D. Estrin, D. Farinacci, M. Handley, A. Helmy, V. Jacobson, C. Liu, P. Sharma, D. Thaler, and L. Wei, “Protocol Independent Multicast — Sparse Mode: Motivations and Architecture,” August 1998. draft-ietf-pim-arch-05.txt (http://www.ietf.org)
S. Deering, “Host extensions for IP multicasting,” RFC 1112, IETF, 1989.
Google Scholar
W. Fenner, “Internet group management protocol version 2,” RFC 2236, IETF, 1997.
Google Scholar
B. Cain, S. Deering, and A. Thyagarajan, “Internet group management protocol version 3,” tech. rep., IETF, November 1997. draft-ietf-idmr-igmp-v3-00.txt.
Google Scholar
R. Perlman, “Network layer protocols with byzantine robustness,” Technical Report MIT/LCS/TR-429, Massachusetts Institute of Technology, October 1988.
Google Scholar
S. L. Murphy and M. R. Badger, “Digital signature protection of OSPF routing protocol,” in Proceedings of the 1996 Network and Distributed System Security Symposium NDSS’96, (San Diego), ISOC, 1996.
Google Scholar
T. Ballardie and J. Crowcroft, “Multicast-specific security threats and countermeasures,” in Proceedings of the 1995 Network and Distributed Systems Security Symposium NDSS’95, (San Diego), ISOC, 1995.
Google Scholar
L. Wei, “Authenticating PIM version 2 messages,” Nov 1998. draft-ietf-pim-v2-auth-00.txt. (http://www.ietf.org).
T. Hardjono, B. Cain, and N. Doraswamy, “A framework for group key management for multicast security,” July 1998. draft-ietf-ipsec-gkmframework-00.tx. (http://www.ietf.org).
T. Hardjono, B. Cain, and I. Monga, “Intra-domain group key management protocol,” Nov 1998. draft-ietf-ipsec-intragkm-00.txt. (http://www.ietf.org)
H. Harney and C. Muckenhirn, “Group key management protocol (GKMP) specification,” RFC 2093, IETF, July 1997.
Google Scholar
D. Thaler, D. Estrin, and D. Meyer, “Border Gateway Multicast Protocol (BGMP),” Nov 1998. draft-ietf-idmr-gum-04.txt. (http://www.ietf.org)
Dino Farinacci, Yakov Rekhter, Peter Lothberg, Hank Kilmer, and Jeremy Hall, “Multicast Source Discovery Protocol”(MSDP), IETF internet-draft, draft-farinacci-msdp-00.txt. (http://www.ietf.org)
S. Kent and R. Atkinson, “Security architecture for the Internet Protocol,” RFC 2401, IETF, Nov 1998.
Google Scholar
S. Kent and R. Atkinson, “IP authentication header,” RFC 2402, IETF, Nov 1998.
Google Scholar

Download references

Author information

Authors and Affiliations

Bay Architecture Laboratory, Nortel Networks, 3 Federal Street, Billerica, MA, 01821, USA
Thomas Hardjono

Authors

Thomas Hardjono
View author publications
You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

Alcatel Research, Francis Wellesplein 1, B-2018, Antwerpen, Belgium
Han Zuidweg
European Commission, Rue de la Loi 200, B-1049, Bruxelles, Belgium
Mario Campolargo
Universitat Politécnica de Catalunya, C/ Jordi Girona, 1-3, E-08034, Barcelona, Spain
Jaime Delgado

Rights and permissions

Reprints and permissions

Copyright information

About this paper

Cite this paper

Hardjono, T. (1999). Key Management Framework for IP Multicast Infrastructure Security. In: Zuidweg, H., Campolargo, M., Delgado, J. (eds) Intelligence in Services and Networks Paving the Way for an Open Service Market. IS&N 1999. Lecture Notes in Computer Science, vol 1597. Springer, Berlin, Heidelberg. https://doi.org/10.1007/3-540-48888-X_37

Download citation

DOI: https://doi.org/10.1007/3-540-48888-X_37
Published: 15 April 1999
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-65895-5
Online ISBN: 978-3-540-48888-0
eBook Packages: Springer Book Archive

Publish with us

Policies and ethics