Abstract
A secure failure-localization path-quality-monitoring (FL- PQM) protocols allows a sender to localize faulty links on a single path through a network to a receiver, even when intermediate nodes on the path behave adversarially. Such protocols were proposed as tools that enable Internet service providers to select high-performance paths through the Internet, or to enforce contractual obligations. We give the first formal definitions of security for FL-PQM protocols and construct:
-
1
A simple FL-PQM protocol that can localize a faulty link every time a packet is not correctly delivered. This protocol’s communication overhead is O(1) additional messages of length O(n) per packet (where n is the security parameter).
-
1
A more efficient FL-PQM protocol that can localize a faulty link when a noticeable fraction of the packets sent during some time period are not correctly delivered. The number of additional messages is an arbitrarily small fraction of the total number of packets.
We also prove lower bounds for such protocols:
-
1
Every secure FL-PQM protocol requires each intermediate node on the path to have some shared secret information (e.g. keys).
-
1
If secure FL-PQM protocols exist then so do one-way functions.
-
1
Every black-box construction of a FL-PQM protocol from a random oracle that securely localizes every packet and adds at most O(logn) messages overhead per packet requires each intermediate node to invoke the oracle.
These results show that implementing FL-PQM requires active cooperation (i.e. maintaining keys and agreeing on, and performing, cryptographic protocols) from all of the intermediate nodes along the path. This may be problematic in the Internet, where links operate at extremely high speeds, and intermediate nodes are owned by competing business entities with little incentive to cooperate.
Chapter PDF
Similar content being viewed by others
References
Traceroute (September 2001), http://costard.lbl.gov/cgi-bin/man/man2html?traceroute+8
Argyraki, K., Maniatis, P., Cheriton, D., Shenker, S.: Providing packet obituaries. ACM HotNets-III (2004)
Avramopoulos, I., Kobayashi, H., Wang, R., Krishnamurthy, A.: Highly secure and efficient routing. In: INFOCOM 2004, vol. 1, p. 208 (2004)
Awerbuch, B., Holmer, D., Nita-Rotaru, C., Rubens, H.: An secure routing protocol resilient to byzantine failures. In: WiSE 2002, pp. 21–30. ACM Press, New York (2002)
Crovella, M., Krishnamurthy, B.: Internet Measurement. Wiley, Chichester (2006)
Dolev, D., Dwork, C., Waarts, O., Yung, M.: Perfectly secure message transmission. J. ACM 40(1), 17–47 (1993)
Duffield, N.G., Grossglauser, M.: Trajectory sampling for direct traffic observation. IEEE/ACM Trans. Netw. 9(3), 280–292 (2001)
Goldberg, S., Xiao, D., Barak, B., Rexford, J.: A cryptographic study of secure internet measurement, TR-783-07. Technical report, Princeton University, Department of Computer Science (May 2007)
Goldberg, S., Xiao, D., Barak, B., Rexford, J., Tromer, E.: Path-quality monitoring in the presence of adversaries. In: ACM SIGMETRICS (2008)
Goldreich, O., Goldwasser, S., Micali, S.: How to construct random functions. J. ACM 33(4), 792–807 (1986)
He, J., Rexford, J.: Towards Internet-wide multipath routing. IEEE Network Magazine Special Issue on Scalablity (March 2008)
IETF. Network time protocol (ntp) charter, http://www3.ietf.org/proceedings/05mar/ntp.html
Impagliazzo, M., Luby, R.: One-way functions are essential for complexity based cryptography. In: FOCS, pp. 230–235 (October 1989)
Impagliazzo, R., Rudich, S.: Limits on the provable consequences of one-way permutations. In: STOC 1989, pp. 44–61. ACM Press, New York (1989)
Jacobson, V.: Congestion avoidance and control. In: ACM SIGCOMM 1988, Stanford, CA, pp. 314–329 (Augest 1988)
Kent, S., Lynn, C., Seo, K.: Secure border gateway protocol (S-BGP). IEEE Jour. Sel. Areas in Comm. 18(4), 582–592 (2000)
Laskowski, P., Chuang, J.: Network monitors and contracting systems: competition and innovation. In: SIGCOMM 2006, pp. 183–194. ACM Press, New York (2006)
Mahajan, R., Spring, N., Wetherall, D., Anderson, T.: User-level internet path diagnosis. SIGOPS Oper. Syst. Rev. 37(5), 106–119 (2003)
Mizrak, A., Cheng, Y.-C., Marzullo, K., Savage, S.: Fatih: detecting and isolating malicious routers. In: DSN 2005, pp. 538–547 (28 June-1 July 2005)
Naor, M., Rothblum, G.N.: Learning to impersonate. In: ICML 2006, pp. 649–656. ACM Press, New York (2006)
Padmanabhan, V.N., Simon, D.R.: Secure traceroute to detect faulty or malicious routing. SIGCOMM Comput. Commun. Rev. 33(1), 77–82 (2003)
HÅstad, J., Impagliazzo, R., Levin, L.A., Luby, M.: A pseudorandom generator from any one-way function. SIAM Journal on Computing 28(4), 1364–1396 (1999)
Subramanian, L., Roth, V., Stoica, I., Shenker, S., Katz, R.H.: Listen and whisper: security for BGP. In: USENIX NSDI 2004, p. 10 (2004)
Wong, E.L., Balasubramanian, P., Alvisi, L., Gouda, M.G., Shmatikov, V.: Truth in advertising: Lightweight verification of route integrity. In: PODC (2007)
Author information
Authors and Affiliations
Editor information
Rights and permissions
Copyright information
© 2008 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Barak, B., Goldberg, S., Xiao, D. (2008). Protocols and Lower Bounds for Failure Localization in the Internet. In: Smart, N. (eds) Advances in Cryptology – EUROCRYPT 2008. EUROCRYPT 2008. Lecture Notes in Computer Science, vol 4965. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-78967-3_20
Download citation
DOI: https://doi.org/10.1007/978-3-540-78967-3_20
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-78966-6
Online ISBN: 978-3-540-78967-3
eBook Packages: Computer ScienceComputer Science (R0)