The Packet Level Authentication (PLA) -project is 100%-ly Tekes funded, strategic research project developing new methods to protect IP-based critical network infrastructures against various attacks. This PLA-project started 1.1.2006 and is scheduled to finish by 30.04.2008.
PLA adds a new IP-header in every IP-packet sent though the network. With this new header, every intermediate router can validate integrity, timeliness and uniqueness of the packet before forwarding it further in the network. Main design goals are introduced here.
We use standard IP-header extension technique in PLA to add a new header in every IP packet. Detailed architecture is here.
The cryptographic algorithms used in PLA are selected to combine speed, size and performance. Hence, elliptic curve digital signature algorithms are used in PLA.
Initial performance results are promising and we anticipate to meet performance requirements from small scale sensor networks to core network routers of Internet.
This project is based on open-source principles and PLA's proof-of-concept implementation can be downloaded here and our publications can be found here.