An Alternative Approach to Authenticate Subflows of Multipath Transmission Control Protocol using an Application Level Key
Date
2020
Author
Wijethilake, Tharindu
Gunawardana, Kasun
Keppitiyagama, Chamath
De Zoyza, Kasun
Abstract
Multipath Transmission Control Protocol (MPTCP) is an extension to Transmission Control Protocol (TCP) proposed by the Internet Engineering Task Force (IETF). The intention of MPTCP was to use multiple network interfaces simultaneously in a single network connection. Research has identified a considerable number of security threats related to the connections initiated by MPTCP. In this research, we studied the security threats that arise from sharing authentication keys in plain text in the initial MPTCP handshake, and investigated the applicability of external keys in authenticating sub-flows with minimum modifications to the kernel and the socket APIs. To pass external keys from user space to kernel space, we used the sin_zero padding in the TCP socket data structure. Through the experiments we found that MPTCP sub-flows can be authenticated and certain vulnerabilities can be avoided with our approach.