• 中国计算机学会会刊
  • 中国科技核心期刊
  • 中文核心期刊

Computer Engineering & Science ›› 2024, Vol. 46 ›› Issue (06): 1022-1031.

• Computer Network and Znformation Security • Previous Articles     Next Articles

An intrinsic secure open shortest path first protocol based on identity cryptography

XUN Peng,CHEN Hong-yan,WANG Yong-zhi,LI Shi-jie   

  1. (College of Computer Science and Technology,National University of Defense Technology,Changsha 410073,China)
  • Received:2023-05-05 Revised:2023-08-31 Accepted:2024-06-25 Online:2024-06-25 Published:2024-06-17

Abstract: Routing protocols like Open Shortest Path First Version 2(OSPFV2) TCP/IP internet routing protocol play a crucial role in the connectivity and secure transmission of information within networks. However, traditional OSPFV2 lacks the capability to defend against source route spoofing or route information tampering, making networks vulnerable to attacks. Existing security strategies are often add-on solutions, which can lead to new security issues or have low security effectiveness. To address this, a novel OSPFV2 protocol based on identity-based cryptography is proposed. This protocol embeds identity-based cryptography within the routing exchange process, enabling networks to efficiently defend against route tampering and spoofing attacks internally. Furthermore, considering various limitations in deploying secure OSPFV2 protocols on a large scale, an operational mechanism supporting incremental deployment is designed using opaque link state advertisements. Simulation experiments demonstrate that the proposed internally secure OSPFV2 protocol possesses the capability to resist source route spoofing and data tampering while minimizing convergence delay.


Key words: OSPFV2 protocol(open shortest path first version 2 protocol), source routing information modification, intrinsic security, identity cryptography