Cryptology ePrint Archive: Report 2019/407

Privacy-Preserving Network Path Validation

Binanda Sengupta and Yingjiu Li and Kai Bu and Robert H. Deng

Abstract: The end-users communicating over a network path currently have no control over the path. For a better quality of service, the source node often opts for a superior (or premium) network path in order to send packets to the destination node. However, the current Internet architecture provides no assurance that the packets indeed follow the designated path. Network path validation schemes address this issue and enable each node present on a network path to validate whether each packet has followed the specific path so far. In this work, we introduce two notions of privacy -- path privacy and index privacy -- in the context of network path validation. We show that, in case a network path validation scheme does not satisfy these two properties, the scheme is vulnerable to certain practical attacks (that affect the reliability, neutrality and quality of service offered by the underlying network). To the best of our knowledge, ours is the first work that addresses privacy issues related to network path validation. We design PrivNPV, a privacy-preserving network path validation protocol, that satisfies both path privacy and index privacy. We discuss several attacks related to network path validation and how PrivNPV defends against these attacks. Finally, we discuss the practicality of PrivNPV based on relevant parameters.

Category / Keywords: Network path validation, Path privacy, Index privacy, Source authentication

Original Publication (with minor differences): ACM Transactions on Internet Technology

Date: received 17 Apr 2019, last revised 12 Feb 2020

Contact author: binujucse3 at gmail com

Available format(s): PDF | BibTeX Citation

Version: 20200212:144241 (All versions of this report)

Short URL:

[ Cryptology ePrint archive ]