next up previous
Next: Basic IP Security Headers Up: Formal Analysis of IP Previous: Introduction


The following standard definitions are primarily taken from [7], which outlines a security architecture for the Internet.

Authentication is the property of knowing that the data received is the same as the data that was sent and that the claimed sender is in fact the actual sender. A standard cryptographic hash algorithm that is used as a part of an authentication scheme is (keyed) MD5.

A slightly stronger property is given by a digital signature which, in addition to authentication, also guarantees that the message is uniquely associated with the sender and unforgeable by the recipient.

Integrity is the property of ensuring that data is transmitted from source to destination without undetected alteration.

Confidentiality is the property of communicating such that the intended recipients know what was sent but unintended parties cannot determine what was sent. Encryption is a mechanism used to provide confidentiality. In general, confidentiality is never a certainty[*] but a goal is to guard against known attacks against confidentiality. A standard symmetric encryption/decryption algorithm is DES.

Each of the above properties represent a ``service'' that may be provided by a set of cryptographic functions used in conjunction with a protocol and keying material. These services will be isolated to the IP layer and not rely on computation performed in higher layers. Strong cryptography is often weakened by subtle assumptions made during implementation. To guard against this type of weakness, security assumptions should not cross layer boundaries.

A security association, SA, is a relationship between a given set of network connections that establishes a set of shared security information. Typically, a security association will be specified by a group of secret keys, cryptographic algorithms, initialization vectors and usage modes for the algorithms. In practice, two entities that intend to communicate securely negotiate a SA for a particular connection or time period.

SPI is an acronym for ``Security Parameter Index''. It is an unstructured opaque index that is used in conjunction with the IP source address to identify a particular security association.

Note that neither a security association nor a SPI specify information about the usage of a protocol, they only give information about the implementation of the cryptographic algorithms. In all examples and arguments, we will assume that the cryptographic algorithms are computationally secure. Further material on cryptography can be found in [11].

next up previous
Next: Basic IP Security Headers Up: Formal Analysis of IP Previous: Introduction