SERVNET: Path Validation with Authenticated Packet Modification in Service Function Chains

Page view(s)
21
Checked on Dec 18, 2022
SERVNET: Path Validation with Authenticated Packet Modification in Service Function Chains
Title:
SERVNET: Path Validation with Authenticated Packet Modification in Service Function Chains
Other Titles:
ICC 2022 - IEEE International Conference on Communications
Publication Date:
11 August 2022
Citation:
Sengupta, B., & Lakshminarayanan, A. (2022). SERVNET: Path Validation with Authenticated Packet Modification in Service Function Chains. ICC 2022 - IEEE International Conference on Communications. https://doi.org/10.1109/icc45855.2022.9839174
Abstract:
A sequence of composable network functions constitutes a service function chain (SFC). Network function virtualization and software-defined networking have made SFCs feasible. With SFCs, a fundamental security requirement is that traffic, directed to traverse a path of network functions, actually follows the specified path. Current path validation enables path enforcement and verification, with on-path nodes able to verify that packets have indeed traversed the specified path. However, there is a problem — on-path service nodes, that implement network functions, might modify packets, whereas current path validation techniques do not allow packet modification. We propose SERVNET, a path validation scheme which supports authenticated packet modification. SERVNET uses a cryptographic primitive called chameleon hash function which allows packet modification without changing its associated hash value. To the best of our knowledge, SERVNET is the first work on path validation that allows authenticated packet modification by designated nodes.
License type:
Publisher Copyright
Funding Info:
This research / project is supported by the A*STAR - IAF-PP
Grant Reference no. : A20F8a0044
Description:
© 2022 IEEE. Personal use of this material is permitted. Permission from IEEE must be obtained for all other uses, in any current or future media, including reprinting/republishing this material for advertising or promotional purposes, creating new collective works, for resale or redistribution to servers or lists, or reuse of any copyrighted component of this work in other works.
ISSN:
1938-1883
Files uploaded:

File Size Format Action
servnet-accepted-versionamended.pdf 455.46 KB PDF Open