Abstract
Software-Defined Networking (SDN) decouples the control plane from the data plane, which simplifies network management. However, some security threats still limit the large-scale deployment of SDN. In this paper, we present a solution that integrates Quantum Key Distribution (QKD) technology with SDN at the southbound interface to secure communication between the controller and switches. In contrast to merely employing the Transport Layer Security (TLS) protocol, as in the OpenFlow standard, the proposed scheme can prevent the Man-In-The-Middle (MITM) attack.
Acknowledgements
This work was supported by NSFC No. 61202488, and Guangxi Cooperative Innovation Center of cloud computing and Big Data (No. YD16505).
Copyright information
© 2017 Springer Nature Singapore Pte Ltd.
About this paper
Cite this paper
Peng, Y., Wu, C., Zhao, B., Yu, W., Liu, B., Qiao, S. (2017). QKDFlow: QKD Based Secure Communication Towards the OpenFlow Interface in SDN. In: Yuan, H., Geng, J., Bian, F. (eds) Geo-Spatial Knowledge and Intelligence. GRMSE 2016. Communications in Computer and Information Science, vol 699. Springer, Singapore. https://doi.org/10.1007/978-981-10-3969-0_45
DOI: https://doi.org/10.1007/978-981-10-3969-0_45
Publisher Name: Springer, Singapore
Print ISBN: 978-981-10-3968-3
Online ISBN: 978-981-10-3969-0
eBook Packages: Computer Science, Computer Science (R0)