COLLOQUIUM
Department of Computer Science and Engineering
University of South Carolina

Hop Integrity in Computer Networks

Chin-Tser Huang
Department of Computer Sciences
University of Texas

Date: April 7, 2003 (Monday)
Time: 3:30-4:30PM
Place: Swearingen 1A03 (Faculty Lounge)

Abstract

A computer network is said to provide hop integrity if and only if the following condition holds for every pair of adjacent routers p and q in the network: when q receives a message m supposedly from p, then q can check that m was not modified after it was sent by p, and that m was not a replay of an old message sent long ago by p.

In this talk, we argue that hop integrity in a computer network can prevent most denial-of-service attacks in that network. We also present a suite of protocols that can be added to the routers in a computer network so that the network can provide hop integrity. This protocol suite consists of three protocols: a secret exchange protocol, a weak integrity protocol, and a strong integrity protocol. All these protocols are stateless, require small overhead, and do not constrain the network protocol in any way.

Hop integrity is the only scheme that is known to prevent denial-of-service attacks in computer networks. Other schemes can detect the sources of such attacks after these attacks have been under way for some time.

Chin-Tser Huang received his M.S. in computer sciences from the University of Texas at Austin in 1998, and his B.S. in computer science and information engineering from National Taiwan University in 1993. Currently, he is a Ph.D. candidate in computer sciences at the University of Texas at Austin. His research interests include network security, network protocol design and verification, and distributed systems. He can be reached at chuang@cs.utexas.edu.