BloomCasting: Security in bloom filter based multicast

Mikko Särelä*, Christian Esteve Rothenberg, András Zahemszky, Pekka Nikander, Jörg Ott

*Tämän työn vastaava kirjoittaja

Tutkimustuotos: Artikkeli kirjassa/konferenssijulkaisussaConference contributionScientificvertaisarvioitu

7 Sitaatiot (Scopus)

Abstrakti

Traditional multicasting techniques give senders and receivers little control for who can receive or send to the group and enable end hosts to attack the multicast infrastructure by creating large amounts of group specific state. Bloom filter based multicast has been proposed as a solution to scaling multicast to large number of groups. In this paper, we study the security of multicast built on Bloom filter based forwarding and propose a technique called BloomCasting, which enables controlled multicast packet forwarding. Bloomcasting group management is handled at the source, which gives control over the receivers to the source. Cryptographically computed edge-pair labels give receivers control over from whom to receive. We evaluate a series of data plane attack vectors based on exploiting the false positives in Bloom filters and show that the security issues can be averted by (i) locally varying the Bloom filter parameters, (ii) the use of keyed hash functions, and (iii) per hop bit permutations on the Bloom filter carried in the packet header.

AlkuperäiskieliEnglanti
OtsikkoInformation Security Technology for Applications - 15th Nordic Conference on Secure IT Systems, NordSec 2010, Revised Selected Papers
Sivut1-16
Sivumäärä16
DOI - pysyväislinkit
TilaJulkaistu - 4 kesäk. 2012
OKM-julkaisutyyppiA4 Artikkeli konferenssijulkaisuussa
TapahtumaNordic Conference on Secure IT Systems - Aalto-yliopisto, Espoo, Suomi
Kesto: 27 lokak. 201029 lokak. 2010
Konferenssinumero: 15

Julkaisusarja

NimiLecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
Vuosikerta7127 LNCS
ISSN (painettu)0302-9743
ISSN (elektroninen)1611-3349

Conference

ConferenceNordic Conference on Secure IT Systems
LyhennettäNordSec
Maa/AlueSuomi
KaupunkiEspoo
Ajanjakso27/10/201029/10/2010

Sormenjälki

Sukella tutkimusaiheisiin 'BloomCasting: Security in bloom filter based multicast'. Ne muodostavat yhdessä ainutlaatuisen sormenjäljen.

Siteeraa tätä