Abstract
The Locator/ID Separation Protocol (LISP) is a routing architecture that provides new semantics for IP addressing. In order to simplify routing operations and improve scalability in future Internet, the LISP separates the device identity from its location using two different numbering spaces. The LISP also, introduces a mapping system to match the two spaces. In the initial stage, each LISP-capable router needs to register with a Map Server, this is known as the Registration stage. However, this stage is vulnerable to masquerading and content poisoning attacks. Therefore, a new security method for protecting the LISP Registration stage is presented in this paper. The proposed method uses the ID-Based Cryptography (IBC) which allows the mapping system to authenticate the source of the data. The proposal has been verified using formal methods approach based on the well-developed Casper/FDR tool.
This is a preview of subscription content, log in via an institution.
Buying options
Tax calculation will be finalised at checkout
Purchases are for personal use only
Learn about institutional subscriptionsPreview
Unable to display preview. Download preview PDF.
References
Farinacci, D., Fuller, V., Meyer, D., Lewis, D.: Locator/ID Separation Protocol (LISP). Internet-Draft (November 13, 2012)
Cisco Locator/ID Separation Protocol Security At-A-Glance, http://www.cisco.com/en/US/prod/collateral/iosswrel/ps6537/ps6554/ps6599/ps10800/at_a_glance_c45-645204.pdf (last accessed on January 13, 2013)
Maino, F., Ermagan, V., Cabellos, A., Saucez, A., Bonaventure, O.: LISP-Security (LISP-SEC). Internet-Draft (September 12, 2012)
Maino, F., Ermagan, V., Cabellos, A., Saucez, A., Bonaventure, O.: LISP-Security (LISP-SEC). Internet-Draft (September 12, 2012)
Shamir, A.: Identity-based cryptosystems and signature schemes. In: Blakely, G.R., Chaum, D. (eds.) CRYPTO 1984. LNCS, vol. 196, pp. 47–53. Springer, Heidelberg (1985)
Arends, R., Austein, R., Larson, M., Massey, D., Rose, S.: DNS Security Introduction and Requirements, Internet Engineering Task Force, RFC 4033 (March 2005)
Lowe, G., Broadfoot, P., Dilloway, C., Hui, M.L.: Casper: A compiler for the analysis of security protocols, 1.12 edn. (September 2009)
Cisco Locator/ID Separation Protocol Revolutionary Network Architecture to Power the Network, http://www.cisco.com/en/US/prod/collateral/iosswrel/ps6537/ps6554/ps6599/ps10800/aag_c45-635298.pdf (last accessed on January 13, 2013)
Farinacci, D., Fuller, V.: LISP Map Server Interface. Internet-Draft (March 4, 2012)
Goldsmith, M., Lowe, G., Roscoe, A.W., Ryan, P., Schneider, S.: The modelling and analysis of security protocols. PEARSON Ltd. (2010)
Formal Systems, Failures-divergence refinement. FDR2 user manual and tutorial, Version 1.3 (June 1993)
Aiash, M., Mapp, G., Lasebae, A., Phan, P., Loo, J.: Casper: A formally verified AKA protocol for vertical handover in heterogeneous environments using Casper/FDR. EURASIP Journal on Wireless Communications and Networking 2012, 57 (2012)
Aiash, M., Mapp, G., Lasebae, A., Phan, P., Loo, J.: A Formally Verified Device Authentication Protocol Using Casper/FDR. In: 11th IEEE International Conference on Trust, Security and Privacy in Computing and Communications (TrustCom), June 25-27 (2012)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2013 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Aiash, M., Al-Nemrat, A., Preston, D. (2013). Securing Address Registration in Location/ID Split Protocol Using ID-Based Cryptography. In: Tsaoussidis, V., Kassler, A.J., Koucheryavy, Y., Mellouk, A. (eds) Wired/Wireless Internet Communication. WWIC 2013. Lecture Notes in Computer Science, vol 7889. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-38401-1_10
Download citation
DOI: https://doi.org/10.1007/978-3-642-38401-1_10
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-38400-4
Online ISBN: 978-3-642-38401-1
eBook Packages: Computer ScienceComputer Science (R0)