Abstract

The Adaptive Cryptographically Synchronized Authentication (ACSA) Project offers a new approach to data authentication in networks by trading off authentication strength and performance. In ACSA, the communicants select among various authentication gears to balance their performance and security needs. These gears include three basic groups: (1) conventional mechanisms that are computationally intensive but considered highly secure; (2) higher-speed, lower-strength mechanisms including Universal Message Authentication Codes (UMACs) and our novel inner-function group (IFG) with bit scattering; and (3) Partial MACs (PMACs) that calculate the authentication tag on only a subset of the message. We are implementing a prototype ACSA System based on the popular IPsec protocols and are demonstrating its effectiveness on high-speed network applications.

Date

January 25, 2000

Authors

Jamison M Adcock, David M Balenson, David W Carman, Michael Heyman, Alan T Sherman

Conference

Proceedings DARPA Information Survivability Conference and Exposition. DISCEX'00

Volume

1

Pages

127-139

Publisher

IEEE