Skip to main content
SpringerLink
Log in

Controlling Incoming Connections Using Certificates and Distributed Hash Tables

  • Conference paper
Next Generation Teletraffic and Wired/Wireless Advanced Networking (NEW2AN 2007)

Part of the book series: Lecture Notes in Computer Science ((LNCCN,volume 4712))

Included in the following conference series:

  • 492 Accesses

Abstract

The current architecture of the Internet where anyone can send anything to anybody presents many problems. The recipient of the connection might be using a mobile access network and thus unwanted incoming connections could produce a high cost to the recipient. In addition, denial of service attacks are easy to launch. As a solution to this problem, we propose the Recipient Controlled Session Management Protocol where all incoming connections are denied by the default and the recipient of the connection can choose using certificates what incoming connections are allowed. The recipient can also revoke rights for making an incoming connection at any time.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 39.99
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. Adkins, D., Lakshminarayanan, K., Perrig, A., Stoica, I.: Towards a more functional and secure network infrastructure. Technical Report UCB/CSD-03-1232, Computer Science Division (EECS), University of California, Berkely, USA (2003)

    Google Scholar 

  2. Anderson, T., Roscoe, T., Wetherall, D.: Preventing Internet Denial-of-Service with Capabilities. In: ACM SIGCOMM Computer Communications Review, pp. 39–44 (2004)

    Google Scholar 

  3. Candolin, C.: Securing Military Decision Making In a Network-centric Environment. Doctoral dissertation, Espoo (2005)

    Google Scholar 

  4. Gaubatz, G., Kaps, J., Öztürk, E., Sunar, B.: State of the Art in Ultra-Low Power Public Key Cryptography for Wireless Sensor Networks. In: proceedings of the third International Conference on Pervasive Computing and Communications Workshops, Hawaii, USA (March 2005)

    Google Scholar 

  5. Goodman, J., Chandrakasan, A.: An Energy-Efficient Reconfigurable Public-Key Cryptography Processor. IEEE Journal of Solid-State Circuits 36(11), 1808–1820 (2001)

    Article  Google Scholar 

  6. Gribble, S.D., Brewer, E.A., Hellerstein, J.M., Culler, D.: Scalable, Distributed Data Structures for Internet Service Construction. In: Proceedings of the 4th Symposium on Operating System Design and Implementation (OSDI 2000), pp. 319–332 (2000)

    Google Scholar 

  7. Hildrum, K., Kubiatowicz, J.D., Rao, S., Zhao, B.Y.: Distributed Object Location in a Dynamic Network. In: Proceedings of the 14th ACM Symposium on Parallel Algorithms and Architectures (SPAA 2002), pp. 41–52 (2002)

    Google Scholar 

  8. Johnson, D., Perkins, C., Arkko, J.: Mobility Support in IPv6. The Internet Society, Network Working Group, Request for Comments: 3775 (2004)

    Google Scholar 

  9. Kobliz, N.: Elliptic Curve Cryptosystems. Mathematics of Computation 48, 203–209 (1987)

    Article  MathSciNet  Google Scholar 

  10. Lunberg, J.: Packet level authentication protocol implementation. In: Military Ad Hoc Networks, vol. 1(19), Helsinki (2004)

    Google Scholar 

  11. Lutz, J., Hasan, A.: High Performance FPGA based Elliptic Curve Cryptographic Co-Processor. In: Proceedings of the International Conference on Information Technology: Coding and Computing, ITCC 2004, Las Vegas, USA (April 2004)

    Google Scholar 

  12. Miller, V.: Use of Elliptic Curves in Cryptography. In: Williams, H.C. (ed.) CRYPTO 1985. LNCS, vol. 218, Springer, Heidelberg (1986)

    Google Scholar 

  13. Moskowitz, R., Nikander, P.: Host Identity Protocol. Internet draft, work in progress (June 2006)

    Google Scholar 

  14. Nikander, P., Arkko, J., Ohlman, B.: Host Identity Indirection Infrastructure (Hi3). In: proceedings of the Second Swedish National Computer Networking Workshop, Karlstad, Sweden (November 2004)

    Google Scholar 

  15. Packet level authentication [online] [Accessed 10 October 2006], Available from: http://www.tcs.hut.fi/Software/PLA/

  16. Rosenberg, J., et al.: SIP: Session Initiation Protocol. The Internet Society, Network Working Group, Request for Comments: 3261 (2002)

    Google Scholar 

  17. Satoh, A., Takano, K.: A Scalable Dual-Field Elliptic Curve Cryptographic Processor. IEEE Transactions on Computers 52(4), 449–460 (2003)

    Article  Google Scholar 

  18. Stoica, I., Adkins, D., Zhuang, S., Shenker, S., Sunara, S.: Internet Indirection Infrastructure. In: Proceedings of ACM SIGCOMM 2002, Pittsburgh, USA (August 2002)

    Google Scholar 

  19. Stoica, I., Morris, R., Karger, D., Kaashoek, M.F., Balakrishnan, H.: Chord: A Scalable Peer-to-peer Lookup Service for Internet Applications. In: Proceedings of the ACM SIGCOMM 2001, pp. 149–160 (2001)

    Google Scholar 

  20. Yaar, A., Perrig, A., Song, D.: SIFF: A Stateless Internet Flow Filter to Mitigate DDoS Flooding Attacks. In: proceedings of the 2004 IEEE Symposium on Security and Privacy, Oakland, USA (May 2004)

    Google Scholar 

  21. Ylitalo, J., Nikander, P.: BLIND: A Complete Identity Protection Framework for End-points. In: proceedings of the Twelfth International Workshop on Security Protocols, Cambridge, UK (April 2004)

    Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Laboratory for Theoretical Computer Science, Helsinki University of Technology, P.O. Box 5400, FI-02015 TKK, Finland

    Dmitrij Lagutin & Hannu H. Kari

Authors
  1. Dmitrij Lagutin
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Hannu H. Kari
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Yevgeni Koucheryavy Jarmo Harju Alexander Sayenko

Rights and permissions

Reprints and permissions

Copyright information

© 2007 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Lagutin, D., Kari, H.H. (2007). Controlling Incoming Connections Using Certificates and Distributed Hash Tables. In: Koucheryavy, Y., Harju, J., Sayenko, A. (eds) Next Generation Teletraffic and Wired/Wireless Advanced Networking. NEW2AN 2007. Lecture Notes in Computer Science, vol 4712. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-74833-5_38

Download citation

  • DOI: https://doi.org/10.1007/978-3-540-74833-5_38

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-540-74832-8

  • Online ISBN: 978-3-540-74833-5

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation