nanog mailing list archives

Re: references on non-central authority network protocols

From: Scott A Crosby <crosby () qwes math cmu edu>
Date: Sat, 13 Apr 2002 21:45:16 -0400 (EDT)


On Sat, 13 Apr 2002, Stephen Sprunk wrote:


Thus spake "Patrick Thomas" <root () utility clubscholarship com>

I am looking for any and all research (and perhaps your
comments), references, etc. regarding replacements for the
TCP/IP protocol that do not require centralized authority
structures (central authority to assign network numbers).


Please explain how you think any protocol could support non-trivial numbers
of users without some arbiter to prevent address collisions.


Rolling off the top of my head, I think its doable. The general trick is
to make it hard to forge packets with arbitrary addresses (by using
authentication).

Assume each host has an public and private key pair by some conventional
algorithm (RSA, or other). The private key is never disclosed.

  K_public, K_private.

Let H be a collision resistant hash function, and SIGN do a digital
signature that may be verified by anyone who knows K_public.

Then, each host is given an address of:

      k_public

Now, annotate each packet with sufficient information to authenticate
that the packet came from the host k_public.

      SIGN(H(k_public || BODY)) || k_public || BODY

(Note: hosts could be given addresses of H(k_public) for shorter
addresses. Another enhancement would be to annotate the packet with a
counter to help catch replay attacks.)

Anyways, I think this fits the bill, you cannot create an arbitrary
k_public of your choice. If you could, then you could break the public key
cryptosystem (or the cryptographic hash).

The only way to create a valid signature is to know k_private. Packets are
not accepted unless they come with a valid signature, so knowing k_public
does not tell one how to create packets.

--

A variant of this could be made where just the network is assigned with
this scheme, the host isn't. IE, hosts are assigned addresses of:

  k_public || hostaddr

Which isn't robust against malicious hosts in the same network, but thats
fixable with a heirarchial scheme.

--

This is off the top of my head, so I probably made a stupid mistake.. But
I'm pretty sure some variation of this scheme would work.

Scott

Current thread:

references on non-central authority network protocols Patrick Thomas (Apr 12)
- Re: references on non-central authority network protocols Eric Gauthier (Apr 13)
- Re: references on non-central authority network protocols Stephen Sprunk (Apr 13)
  - Re: references on non-central authority network protocols E.B. Dreger (Apr 13)
  - Re: references on non-central authority network protocols Scott A Crosby (Apr 13)
    - RE: references on non-central authority network protocols Bruce Williams (Apr 13)
    - Re: references on non-central authority network protocols Stephen Sprunk (Apr 14)
    - RE: references on non-central authority network protocols Tony Hain (Apr 15)
    - RE: references on non-central authority network protocols Bruce Williams (Apr 15)
    - Re: references on non-central authority network protocols Valdis . Kletnieks (Apr 15)
    - Re: references on non-central authority network protocols Scott A Crosby (Apr 16)
    - RE: references on non-central authority network protocols Tony Hain (Apr 17)
    - Re: references on non-central authority network protocols Dave Crocker (Apr 17)
  - Re: references on non-central authority network protocols Jasper Wallace (Apr 14)
    - Re: references on non-central authority network protocols Valdis . Kletnieks (Apr 15)

(Thread continues...)