Detail publikace

Decentralized Secure Communication across NAT

Lubomír Cvrk Jiří Mišurec Petr Daněček

Originální název

Decentralized Secure Communication across NAT

Anglický název

Decentralized Secure Communication across NAT

Jazyk

en

Originální abstrakt

When a host in a public network needs to open a connection to another one which is behind a network address translator the connection cannot be established in an ordinary way because of the translation. An approach called “UDP hole punching” allows opening such connection. This article deals with this approach to propose security architecture for communication using IPv4 protocol, introducing so called “implicit security” concept. Key benefits of this concept are ability to connect with any host behind network address translator using just a host’s domain name. Encryption and authentication of all data transmitted through this connection right from the packet sender to the real local receiver is a matter of course. Secure channel is established automatically on-demand and is independent on any application. No additional modification of current standards like NAT, IP v4 or DNS is required.

Anglický abstrakt

When a host in a public network needs to open a connection to another one which is behind a network address translator the connection cannot be established in an ordinary way because of the translation. An approach called “UDP hole punching” allows opening such connection. This article deals with this approach to propose security architecture for communication using IPv4 protocol, introducing so called “implicit security” concept. Key benefits of this concept are ability to connect with any host behind network address translator using just a host’s domain name. Encryption and authentication of all data transmitted through this connection right from the packet sender to the real local receiver is a matter of course. Secure channel is established automatically on-demand and is independent on any application. No additional modification of current standards like NAT, IP v4 or DNS is required.

Dokumenty

BibTex


@inproceedings{BUT16399,
  author="Jiří {Mišurec} and Lubomír {Cvrk} and Petr {Daněček}",
  title="Decentralized Secure Communication across NAT",
  annote="When a host in a public network needs to open a connection to another one which is behind a network address translator the connection cannot be established in an ordinary way because of the translation. An approach called “UDP hole punching” allows opening such connection. This article deals with this approach to propose security architecture for communication using IPv4 protocol, introducing so called “implicit security” concept. Key benefits of this concept are ability to connect with any host behind network address translator using just a host’s domain name. Encryption and authentication of all data transmitted through this connection right from the packet sender to the real local receiver is a matter of course. Secure channel is established automatically on-demand and is independent on any application. No additional modification of current standards like NAT, IP v4 or DNS is required.",
  booktitle="Proceedings 2nd International Conference on Electronics, Hardware, Wireless and Optical Communications",
  chapter="16399",
  year="2005",
  month="october",
  pages="10",
  type="conference paper"
}