Abstract
IP multicast is growing to be the future vehicle of delivery for multime-dia voice/video/text in the Internet to its millions of connected users. With PIM emerging as the multicast routing protocol standard in the networking industry, and more specifically PIM-SM (Sparse Mode) for multicasting to sparse groups, the security of PIM represents a crucial factor for the successful wide deployment of IP multicast in the Internet. The current work argues that the authentication-key arrangement for PIMv2 [1] from the PIM WG is insufficient for interdomain authentication of PIM control-messages. The paper analyses some of the deficiencies of the PIM WG proposal, and offers some solutions to these shortcomings, whilst maintaining the key arrangement proposed by the PIM WG.
Chapter PDF
Similar content being viewed by others
Keywords
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.
References
L. Wei, “Authenticating PIM version 2 messages,” Nov 1998. draft-ietf-pim-v2-auth-00.txt(http://www.ietf.org).
S. Deering, “Host extensions for IP multicasting,” RFC 1112, IETF, 1989.
D. Waitzman, C. Partridge, and S. Deering, “Distance vector multicast routing protocol,” RFC 1075, IETF, 1988.
T. Ballardie, P. Francis, and J. Crowcroft, “Core based trees: An architecture for scalable inter-domain multicast routing,” in Proceedings of ACM SIGCOMM’93, (San Francisco), pp. 85–95, ACM, 1993.
J. Moy, “Multicast extensions to OSPF,” RFC 1584, IETF, 1994.
S. Deering, D. Estrin, D. Farinacci, M. Handley, A. Helmy, V. Jacobson, C. Liu, P. Sharma, D. Thaler, and L. Wei, “Protocol Independent Multicast - Sparse Mode: Motivations and architecture,” Aug 1998. draft-ietf-pim-arch-05.txt available at http://www.ietf.org.
D. Farinacci, Y. Rekhter, P. Lothberg, H. Kilmer, and J. Hall, “Multicast Source Discovery Protocol (MSDP),” tech. rep., IETF, June 1998. draft-farinacci-msdp-00.txt.
S. Kent and R. Atkinson, “IP authentication header,” RFC 2402, IETF, Nov 1998.
C. Madsen and R. Glenn, “The use of HMAC-MD5–96 within ESP and AH,” RFC 2403, IETF, Nov 1998.
R. L. Rivest, “The MD5 message digest algorithm,” RFC 1321, IETF, Apr 1992.
C. Madsen and R. Glenn, “The use of HMAC-SHA-1–96 within ESP and AH,” RFC 2404, IETF, Nov 1998.
RSA Laboratories, “PKCS1: RSA encryption standard,” 1993.
L. Gong, “Increasing availability and security of an authentication service,” IEEE Journal on Selected Areas in Communications, vol. 11, no. 5, pp. 657–662, 1993.
A. Heffernan, “Protection of BGP sessions via the TCP MD5 signature option,” Mar 1998. draft-ietf-idr-bgp-tcp-md5–00. txt available at http://www.ietf.org.
Y. Rekhter and T. Li, “A Border Gateway Protocol 4 (BGP-4),” RFC 1771, IETF, 1995.
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 1999 Springer Science+Business Media Dordrecht
About this chapter
Cite this chapter
Hardjono, T., Cain, B. (1999). PIM-SM Security: Interdomain Issues and Solutions. In: Preneel, B. (eds) Secure Information Networks. IFIP — The International Federation for Information Processing, vol 23. Springer, Boston, MA. https://doi.org/10.1007/978-0-387-35568-9_13
Download citation
DOI: https://doi.org/10.1007/978-0-387-35568-9_13
Publisher Name: Springer, Boston, MA
Print ISBN: 978-1-4757-6487-1
Online ISBN: 978-0-387-35568-9
eBook Packages: Springer Book Archive