### P3V: Privacy-Preserving Path Validation System for Multi-Authority Sliced Networks

##### Abstract

In practical operational networks, it is essential to validate path integrity, especially when untrusted intermediate nodes are from numerous network infrastructures operated by several network authorities. Current solutions often reveal the entire path to all parties involved, which may potentially expose the network structures to malicious intermediate attackers. Additionally, there is no prior work done to provide a systematic approach combining the complete lifecycle of packet delivery, i.e., path slicing, path validation and path rerouting, leaving these highly-intertwined modules completely separated. In this work, we present a decentralized privacy-preserving path validation system 𝑃3𝑉 that integrates our novel path validation protocol with an efficient path slicing algorithm and a malice-resilient path rerouting mechanism. Specifically, leveraging Non-Interactive Zero-Knowledge proofs, our path validation protocol XOR-Hash-NIZK protects the packet delivery tasks against information leakage about multi-hop paths and potentially the underlying network infrastructures. We implemented and evaluated our system on a state-of-the-art 5G Dispersed Computing Testbed simulating a multi-authority network. Our results show that while preserving the privacy of paths and nodes and enhancing the security of network service, our system optimizes the performance trade-off between network service quality and security/privacy.

Available format(s)
Category
Applications
Publication info
Preprint.
Keywords
Privacy-PreservingZero-KnowledgeNetwork SecurityNetwor Slicing
Contact author(s)
weizhaoj @ usc edu
kline @ isi edu
tkskwork @ gmail com
lincoln @ isi edu
sravi @ isi edu
History
2023-01-30: revised
See all versions
Short URL
https://ia.cr/2023/053

CC BY

BibTeX

@misc{cryptoeprint:2023/053,
author = {Weizhao Jin and Erik Kline and T. K. Satish Kumar and Lincoln Thurlow and Srivatsan Ravi},
title = {P3V: Privacy-Preserving Path Validation System for Multi-Authority Sliced Networks},
howpublished = {Cryptology ePrint Archive, Paper 2023/053},
year = {2023},
note = {\url{https://eprint.iacr.org/2023/053}},
url = {https://eprint.iacr.org/2023/053}
}

Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.