PLUG-AND-PLAY IP SECURITY: ANONYMITY INFRASTRUCTURE INSTEAD OF PKI
, Bar Ilan University
Date: Thursday, October 17, 2013
Time: 3:00 PM to 4:00 PM Note: all times are in the Eastern Time Zone
Host: Shafi Goldwasser
Contact: Holly A Jones, email@example.com
Relevant URL: http://toc.csail.mit.edu/node/354
Speaker URL: None
TALK: PLUG-AND-PLAY IP SECURITY: ANONYMITY INFRASTRUCTURE INSTEAD OF PKI
ABSTRACT: We present the Plug-and-Play IP Security (PnP-IPsec) protocol. PnP-IPsec automatically establishes IPsec security associations between gateways, avoiding the need for manual administration and coordination between gateways, and the dependency on IPsec public key certificates - the two problems which are widely believed to have limited the use of IPsec mostly to intra-organization communication.
PnP-IPsec builds on Self-validated Public Data Distribution (SvPDD), a protocol that we present to establish secure connections between remote peers/networks, without depending on pre-distributed keys or certification infrastructure. Instead, SvPDD uses available anonymous communication infrastructures such as Tor, which we show to allow detection of MitM attacker interfering with communication. SvPDD may also be used in other scenarios lacking secure public key distribution, such as the initial connection to an SSH server.
Created by Holly A Jones at Friday, October 11, 2013 at 11:07 AM.