A CPK-Based Security Scheme at Network Layer

Author

Xie, Zhiyuan ; He, Junhui ; Tang, Shaohua

Author_Institution

Sch. of Comput. Sci. & Eng., South China Univ. of Technol., Guangzhou, China

Volume

2

fYear

2009

fDate

11-14 Dec. 2009

Firstpage

406

Lastpage

410

Abstract

A novel security scheme at network layer is proposed. It provides mutual authentication between the communication partners by adopting the effective combined public key (CPK) algorithm, which is an identity-based cryptosystem. And each outgoing packet can be digitally signed with CPK-based signature, which uses elliptic curve digital signature algorithm (ECDSA) and may offer equal security with a far smaller key size than RSA´ s, to provide packet-level non-repudiation when necessary. In addition, the data transmitted over the network can be encrypted for better security via a symmetric or asymmetric cipher. Compared to similar network security solutions, the proposed scheme is easier to configure and more flexible. The experimental results show that the scheme owns better efficiency.

Keywords

computer network security; digital signatures; public key cryptography; CPK based security scheme; RSA; asymmetric cipher; combined public key algorithm; elliptic curve digital signature algorithm; identity based cryptosystem; network layer; network security solutions; packet level nonrepudiation; symmetric cipher; Authentication; Computer security; Data security; Elliptic curve cryptography; IP networks; Identity-based encryption; National security; Protocols; Public key; Public key cryptography; CPK; authentication; security connection;

fLanguage

English

Publisher

ieee

Conference_Titel

Computational Intelligence and Security, 2009. CIS '09. International Conference on

Conference_Location

Beijing

Print_ISBN

978-1-4244-5411-2

Type

conf

DOI

10.1109/CIS.2009.109

Filename

5376140