T-IP: A self-trustworthy and secure Internet protocol

IPsec has become an important supplement to IP for providing security protection. However, IPsec is heavyweight: it has high transmission overhead and latency, and it cannot provide address accountability. We propose the self-trustworthy and secure Internet protocol (T-IP) for authenticated and encrypted network-layer communications. T-IP has the following advantages: (1) a self-trustworthy IP address; (2) low connection latency and transmission overhead; (3) it preserves the important merit of IP of being stateless; (4) compatibility with the existing TCP/IP architecture. We theoretically prove the security of our shared secret key in T-IP and the resistance of our security-enhanced shared secret key calculation to the known session key attack. Moreover, we analyse the possibility of applying T-IP, including its resilience against man-in-the-middle and DoS attacks. The evaluation shows that T-IP has much lower transmission overhead and connection latency than IPsec.
