RBWA: an efficient random-bit window-based authentication protocol

Abstract

Given the wide and rapid deployment of "visitor networks" (Dory Leifer 2002), how to authenticate the user and account the usage on the per-packet basis securely and yet efficiently is still a challenging problem. In this paper, we explore the tradeoff between performance and security, and propose a per-data-packet authentication and access control protocol called RBWA (random-bit window-based authentication). Deployed in the IP layer, RBWA can work with various underlying linker layer specific mechanisms and network topologies. And compared with IPSec, it dramatically reduces the overhead and power consumption by adding only a few bits to each data packet. Furthermore, RBWA is strong against a suite of attacks such as replay attack, denial-of-service attack and spoofing etc. In particular, a robust antireplay window scheme is developed to counter the severe packet reordering. The performance of RBWA is evaluated via the simulation.