Abstract
Using a public key certificate for authentication purpose is vulnerable to MIM attack or certificate theft. In this study, we suggest a technique to embed the user’s biometric data in all packets for a strong authentication. By authenticating each and every packet with the user’s biometric data, we can completely remove the possibility of MIM or session hijacking attack. The embedding of biometric data starts from the very first SYN packet, thereby nullifying port scanning or SYN-flooding DOS attack. The system has been implemented and shows that it can achieve an enhanced security with tolerable increase in packet length.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
References
Burkholder, P.: SSL Man-in-the-Middle Attacks. SANS Institute (February 2002), http://www.sans.org/rr/whitepapers/threats/480.php
Steiner, M., Buhler, P., Eirich, T., Waidner, M.: Secure Password-Based Cipher Suite for TLS. ACM Transactions on Information and System Security 4(2), 134–157 (2001)
Kent, S.: IP Authentication Header. IETF Working Group (December 2005), http://www.ietf.org/rfc/rfc4302.txt
Kent, S: IP Encapsulating Security Payload (ESP). IETF Working Group (December 2005), http://www.ietf.org/rfc/rfc4303.txt
Kari, H., Candolin, C., Lundberg, J.: Packet Level Authentication in Military Networks. In: Proceedings of the 6th Australian Information Warfare & IT Security Conference, Geelong, Australia (November 2005)
Gennaro, R., Rohatgi, P.: How to Sign Digital Streams. In: Kaliski Jr., B.S. (ed.) CRYPTO 1997. LNCS, vol. 1294, pp. 180–197. Springer, Heidelberg (1997)
Challal, Y., Bettahar, H., Bouabdallah, A.: A Taxonomy of Multicast Data Origin Authentication: Issues and Solutions. In: IEEE Communications Surveys and Tutorials 6 (October 2004)
Wong, C.K., Lam, S.S.: Digital Signatures for Flows and Multicasts. IEEE/ACM Transactions on Networking (TON) 7(4), 502–513 (1999)
Perrig, A., Canetti, R., Tygar, J.D., Song, D.: Efficient Authentication and Signature of Multicast Streams over Lossy Channels. In: Proceedings of the IEEE Symposium on Research in Security and Privacy, pp. 56–73 (May 2000)
Lamport, L.: Password Authentication with Insecure Communication. Communications of the ACM 24(11), 770–772 (1981)
Haller, N.: The S/Key One-Time Password System. In: Proceedings of the Symposium on Network and Distributed Systems Security, pp.151-157 (February 1994)
Blake-Wilson, S., Nystrom, M., Hopwood, D., Mikkelsen, J., Wright, T.: Transport Layer Security (TLS) Extensions. IETF Working Group (June 2003), http://www.ietf.org/rfc/rfc3546.txt
Author information
Authors and Affiliations
Editor information
Rights and permissions
Copyright information
© 2007 Springer Berlin Heidelberg
About this paper
Cite this paper
Lee, D.S., Kim, K.C., Yoo, Y.B. (2007). Enhancing Security by Embedding Biometric Data in IP Header. In: van Leeuwen, J., Italiano, G.F., van der Hoek, W., Meinel, C., Sack, H., Plášil, F. (eds) SOFSEM 2007: Theory and Practice of Computer Science. SOFSEM 2007. Lecture Notes in Computer Science, vol 4362. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-69507-3_63
Download citation
DOI: https://doi.org/10.1007/978-3-540-69507-3_63
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-69506-6
Online ISBN: 978-3-540-69507-3
eBook Packages: Computer ScienceComputer Science (R0)