Improving security in the FDDI protocol
Authors
Jones, Benjamin Edward
Subjects
Advisors
Lundy, G.M.
Stemp, R.
Date of Issue
1992-09
Date
September 1992
Publisher
Monterey, California. Naval Postgraduate School
Language
en_US
Abstract
The arrival of high speed packet switched fiber optic LANs has allowed local area design architectures to be used for larger metropolitan area network (MANs) implementation. The current LAN security mechanisms used in larger and faster fiber optic LANs and MANs are often inappropriate or unacceptable for use with emerging applications. The protocol of the Fiber Distributed Data Interface (FDDI) standard provides a natural means for message integrity and availability verification. However, privacy in FDDI is facilitated at higher layers through a generic LAN standard. This thesis proposes a modification to the FDDI protocol implemented at the medium access control (MAC) sublayer, which integrates a confidentiality mechanism for data transfer. The modification provides a simple comprehensive security package to meet high performance needs of current and emerging applications. In the proposed modification, the inherent properties of the ring are exploited using a unique Central Key Translator to distribute initial session keys. Asymmetric bit stream cipher based on modulo2 addition is used for encryption/decryption by the transmitting and receiving stations. Part of the plaintext from transmitted message frames is used as feedback to generate new session keys.
Type
Thesis
Description
Series/Report No
Department
Department of Computer Science
Organization
Naval Postgraduate School
Identifiers
NPS Report Number
Sponsors
Funder
Format
66 p.
Citation
Distribution Statement
Approved for public release; distribution is unlimited.
Rights
This publication is a work of the U.S. Government as defined in Title 17, United States Code, Section 101. Copyright protection is not available for this work in the United States.