Name
Abstract | ||
|---|---|---|
The trends of the increasing middleboxes make the middle network more and more complex. Today, many middlehoxes work on application layer and offer significant network services by the plain-text traffic, such as firewalling, intrusion detecting and application layer gateways. At the same time, more and more network applications arc encrypting their data transmission to protect security and privacy. It is becoming a critical task and hot topic to continue providing application-layer middlehox services in the encrypted Internet, however, the state of the art is far from being able to be deployed in the real network. In this paper, we propose a practical architecture, named PlainBox, to enable session key sharing between the communication client and the middleboxes in the network path. It employs Attribute-Based Encryption (ABE) in the key sharing protocol to support multiple chaining middleboxes efficiently and securely. We develop a prototype system and apply it to popular security protocols such as TLS and SSH. We have tested our prototype system in a lab testhed as well as real-world websites. Our result shows PlainBox introduces very little overhead and the performance is practically deployable. |
Year | Venue | Field |
|---|---|---|
2018 | IEEE INFOCOM | Application layer,Middlebox,Cryptographic protocol,Computer science,Server,Testbed,Computer network,Encryption,Session key,The Internet |
DocType | ISSN | Citations |
Conference | 0743-166X | 0 |
PageRank | References | Authors |
0.34 | 0 | 6 |