Title :
Anti-replay window protocols for secure IP
Author :
Gouda, Mohamed G. ; Huang, Chin-Tser ; Li, Eric
Author_Institution :
Dept. of Comput. Sci., Texas Univ., Austin, TX, USA
Abstract :
The anti-replay window protocol is used to secure IP against an adversary that can insert (possibly replayed) messages in the message stream from a source computer to a destination computer in the Internet. In this paper, we verify the correctness of this important protocol using standard methods (i.e. auxiliary variables, annotation, and invariants). We show that despite the adversary, the protocol delivers each message at most once, and discards a message only if another copy of this message has already been delivered, or the message has suffered a reorder of degree w or more, where w is the window size. We then develop another variation of this protocol that uses two windows of size w/2 each. This protocol delivers every message at most once, and discards a message only if another copy of this message has already been delivered, or the message has suffered a reorder of degree w+d or more, where d is the sum of current distances between successive windows in the protocol. We argue that the double-window protocol is more effective than the original single-window protocol
Keywords :
Internet; protocols; security of data; telecommunication security; Internet; adversary; annotation; anti-replay window protocols; auxiliary variables; destination computer; double-window protocol; invariants; message insertion; message stream; replayed messages; secure IP; single-window protocol; source computer; Body sensor networks; Computer networks; Computer security; Educational programs; Internet; Logic design; Protocols;
Conference_Titel :
Computer Communications and Networks, 2000. Proceedings. Ninth International Conference on
Conference_Location :
Las Vegas, NV
Print_ISBN :
0-7803-6494-5
DOI :
10.1109/ICCCN.2000.885507
