Abstract
In this study, we consider endpoints communicating over a software-defined networking (SDN)-based architecture using source routing, i.e., packets are routed through a path selected by the packet sender, and we provide a security solution that enforces the selected path. In particular, our solution allows a sender to select the path that a packet should go through using a constant-size cryptographic construction which is referred to as the authenticator. A recipient can examine an authenticator and verify that the received packet has followed the path selected by the sender. Additionally, any intermediate “programmable” switch can verify whether or not it is included in the path of a packet. Our solution can be used even for paths that include multiple recipients (e.g., multicast paths), as well as multiple parallel paths (e.g., multipath transmissions). We implement our solution by leveraging identity-based encryption (IBE), so it can be used by any sender that knows the identifiers of the links that compose the desired path, i.e., information that the sender usually already knows as part of the source routing protocol. Our solution is realistic since it can be implemented over a variety of platforms with tolerable overhead.
Sign-in/Register to access full text options 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a callDisclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.
