| [Main] | [News] | [Introduction] | [Background] | [Design goals] | [Architecture] | [Crypto] |
| [Performance] | [Applications] | [Download] | [Publications] | [Contact] | [Links] |
Modern computer networks have already various means to survive the attacks of the potential adversaries. The attacks may come from outside (e.g., hackers from Internet) or inside (e.g., compromised nodes in the intranet).
We are reasonably well protected against most of the external attacks. Most of the solutions are coping well with the external attack using various security techniques. For example, we can protect our communication with IPsec, SSL/TLS, and Secure Shell protocols [Kent04, RFC2246, Ylönen03]. These solutions work both on wired and wireless networks. The access to our (wireless) networks can be restricted to legitimate users with access control techniques, such as EAP [RFC2579]. Link level encryption (such as WPA and A5) can be used to slow down the attackers [IEEE, 3GPP]. In addition, we can use application level security and integrity tools, such as PGP [RFC3156].
End-to-end security solutions are good in protecting information integrity and confidentiality as long as the communication channel is capable of delivering packet. But as soon as the network infrastructure is attacked, the upper level security solutions are helpless in case of information flood or shortage. The external attackers can do for example:
In these example cases, the end-to-end security solutions are capable of detecting incorrect packets but only when these packets have traveled through the entire network.
In computer networks, especially wireless ones, it is very difficult to prevent adversaries from disturbing the communication, but we should not let them to use our benevolent nodes in helping the attack. Some relief can be obtained by having hop-by-hop packet authentication and/or link-level encryption as the next hop router can verify that the packets are received from its actual neighbors. Unfortunately, this solution requires trust on every intermediate node between the source and destination. Thus, this scheme falls, immediately when we have compromised nodes in the network that may add, modify, and replay any of the packets. Then, only the final destination can detect erroneous and extra packets that may have already paralyzed the entire network infrastructure.
In addition, the internal attacks are very difficult to prevent since we do not have scalable solutions to revoke those users or computers that have become compromised.
When the legitimate users are relying on the steady operation of the communication infrastructure, any of the above mentioned attacks can easily paralyze the entire system. Especially, wireless networks are opening the physical networks to attacks.
We have taken an analogy from the everyday life in order to solve the communication problems. Modern money (e.g., 100 euro note) has several security measures to ensure the authenticity of the note (micro print, changing colors, watermark, hologram, metal string, etc.). When a merchant receives the note from a customer, the note can be verified on the spot and any modern forgeries can be detected right-away. There is no need to send the note to a bank for verification. This is a matter of availability and trust on the bank as well as the issue of performance. Since the forged note creates a significant monetary loss for the merchant, one must be capable of verifying every note locally. Thus the requirement is: Without prior communication with the customer, the merchant must be able to verify that the note is authentic using predefined security procedures. some history, how we have arrived at this stage
The original idea of PLA was invented 2002 in 007-project that was funded by Finnish Defence Forces. PLA's initial goal was to protect data communication in wireless ad hoc networks in battlefield environment by introducing digital signatures in every packet using public key -based digital signature algorithms. By adding the public key in every packet, each IP packet was then self-sufficient container of information that could be validated independently from the other packets.