Abstract
When a peer in a public network opens a connection to another peer that is behind a network address translator (NAT), it encounters the network address translation problem. The so-called “UDP hole punching” approach makes it possible to open a public-to-private or private-to-private network connection. This article builds on that approach to propose a new security architecture for IPv4 communication, introducing the concept of “implicit security”. The main contributions are the ability to connect to any host behind NAT using just the host’s domain name, enhanced mobility, and encryption and authentication of all data transmitted through this connection, right from the packet sender to the local receiver. The secure channel is established automatically on demand and is independent of any application. No additional modification of current NAT, IPv4 or DNS is required.
Please use the following format when citing this chapter: Cvrk, L., Vrba, V., 2007, in IFIP International Federation for Information Processing, Volume 245, Personal Wireless Communications, eds. Simak, B., Bestak, R., Kozlowska, E., (Boston: Springer), pp. 355–366.
Keywords
- Personal Wireless Communication
- Public Network
- Network Address Translation
- Login Request
- Original Packet
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.
Copyright information
© 2007 International Federation for Information Processing
About this paper
Cite this paper
Cvrk, L., Vrba, V. (2007). Secure Networking with NAT Traversal for Enhanced Mobility. In: Bestak, R., Simak, B., Kozlowska, E. (eds) Personal Wireless Communications. IFIP — The International Federation for Information Processing, vol 245. Springer, Boston, MA. https://doi.org/10.1007/978-0-387-74159-8_35
DOI: https://doi.org/10.1007/978-0-387-74159-8_35
Publisher Name: Springer, Boston, MA
Print ISBN: 978-0-387-74158-1
Online ISBN: 978-0-387-74159-8
eBook Packages: Computer Science, Computer Science (R0)