A secure method for transferring active packet using digital signature schemes

Abstract

Active networks represent a new approach to network architecture. Active networks provide a much more flexible network infrastructure than traditional networks do. Flexibility is a powerful merit of active networks, but it can raise considerable security problems. Current active network researches have applied diverse techniques to solve them. Cryptography is one way of protecting active networks. However it should not be applied conventionally, since the active network paradigm is different from the traditional one. It means that, in active network environments, active packets containing programmable codes should perform computations at intermediate-nodes as well as end-nodes. That is, since the packet sending-node does not know the intermediate receiving-node, it cannot apply traditional cryptographic techniques that can process each other only between end-nodes. The paper proposes a secure method for transferring active packets and performing computations using a transformed digital signature schemes with message recovery, in an active network environment in which intermediate packet receiving-nodes are not fixed. The proposed scheme uses a modified public key digital signature scheme in which signing/verifying key pairs have almost the same bit length and the verification-key storing server plays the role of key management server.