IEEE Copyright Notice

This material is presented to ensure timely dissemination of scholarly and technical work. Copyright and all rights therein are retained by authors or by other copyright holders. All persons copying this information are expected to adhere to the terms and constraints invoked by each author's copyright. In most cases, these works may not be reposted without the explicit permission of the copyright holder.

ACM Copyright Notice

These are the authors' versions of the work. The copyright is with ACM. They are posted here by permission of ACM for your personal use. Not for redistribution. See individual publication details for information on the publication of the definitive versions.

Springer-Verlag LNCS Copyright Notice

The copyright of these contributions has been transferred to Springer-Verlag Berlin Heidelberg New York. The copyright transfer covers the exclusive right to reproduce and distribute the contribution, including reprints, translations, photographic reproductions, microform, electronic form (offline, online), or any other reproductions of similar nature. Online available from Springer-Verlag LNCS series.

Work that appeared before the 1st of September 2003 was published while the authors were with the Lehrstuhl Praktische Informatik IV at the University of Mannheim.

CLL: A Cryptographic Link Layer for Local Area Networks

Author(s): Yves Igor Jerschow, Christian Lochert, Björn Scheuermann, Martin Mauve.
Title: CLL: A Cryptographic Link Layer for Local Area Networks
Published: SCN 2008: Proceedings of the 6th Conference on Security and Cryptography for Networks, pp. 21--38, Amalfi, Italy, September 2008
Abstract: Ethernet and IP form the basis of the vast majority of LANinstallations. But these protocols do not provide comprehensivesecurity mechanisms, and thus give way for a plethora of attackscenarios. In this paper, we introduce a layer 2/3 security extensionfor LANs, the Cryptographic Link Layer (CLL). CLL providesauthentication and confidentiality to the hosts in the LAN bysafeguarding all layer 2 traffic including ARP and DHCP handshakes. Itis transparent to existing protocol implementations, especially to theARP module and to DHCP clients and servers. Beyond fending offexternal attackers, CLL also protects from malicious behavior ofauthenticated clients. We discuss the CLL protocol, motivate theunderlying design decisions, and finally present implementations ofCLL for both Windows and Linux. Their performance is demonstratedthrough real-world measurement results.
DOI: 10.1007/978-3-540-85855-3_3
Bib entry: [XML] [BibTeX]
Download: [PDF]
Verantwortlich für den Inhalt: E-Mail sendenWE Informatik