graphicHomeAdvance ProgramAward Anniversary EventCall for PapersConference CommitteeLocal InformationPaper SubmissionProgram committeeRegistrationStudent Travel AwardsTutorialgraphic Sigcomm logoSigcomm'99

KHIP - A Scalable Protocol for Secure Multicast Routing

Clay Shields and J.J. Garcia-Luna-Aceves
Computer Engineering Department, University of California, Santa Cruz

We present Keyed HIP (KHIP), a secure, hierarchical multicast routing protocol. We show that other shared-tree multicast routing protocols are subject to attacks against the multicast routing infrastructure that can isolate receivers or domains or introduce loops into the structure of the multicast routing tree. KHIP changes the multicast routing model so that only trusted members are able to join the multicast tree. This protects the multicast routing against attacks that could form branches to unauthorized receivers, prevents re-play attacks and limits the effects of flooding attacks. Untrusted routers that are present on the path between trusted routers cannot change the routing and can mount no denial-of-service attack stronger than simply dropping control messages. KHIP also provides a simple mechanism for distributing data encryption keys while adding little overhead to the protocol.

Papers are provided as a service to all by the members of ACM SIGCOMM. Please check this box if you are a SIGCOMM member so we can get an idea of how the service is used.

This paper is available in and .

For information about joining SIGCOMM, follow this link

bar

The referenced paper appears in Computer Communication Review, a publication of ACM SIGCOMM, volume 29, number 4, October 1999.

ACM Copyright Notice: Copyright (c) 1999 by Association for Computing Machinery, Inc. (ACM) Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that the copies are not made or distributed for profit or commercial advantage and that the copies bear this notice and full citation on the first page. Copyright for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, to republish, to post on servers, or to redistribute to lists, requires prior specific permission and/or a fee. Request permission to publish from: Publications Dept. ACM, Inc. Fax +1 212 869 0481 or email at mailto:permission@acm.org