secure address resolution protocol by wahid311

8/7/2019 Secure Address Resolution Protocol by Wahid311

http://slidepdf.com/reader/full/secure-address-resolution-protocol-by-wahid311 1/17

CN Lab Mini Project

Abdul Wahid Khan 08it03

Jithu John Varghese 08it31



Introduction

Problem Statement

Solution to the problem Implementation

Software requirements

Current work

Goals



NIC and MAC addresses

IP addresses

ARP Address Resolution Protocol Work of ARP

IPMAC address

RARP Reverse ARP

MAC IP address



What is ARP?

An ARP Request. Computer A asks the network, "Who has this IP

address?"

An ARP Reply.

Computer B tells Computer A, "I have that IP. MyMAC address is [whatever it is]."



ARP Cache

Table containing <IP,MAC> pair for all other hostson network

IP MAC address

192.168.0.31 00:23:D3:44:F5:5A

192.168.0.22 10:42:3D:33:E3:B4



ARP Poisoning

ARP is stateless protocol

It means a host can receive reply without evensending a request

Also ARP Cache is updated every time a reply isreceived

So hackers send fake replies to hosts and alterARP Cache entries



Types of ARP Poisoning

Denial of Service

Man in the middle MAC flooding




Denial of Service

▪

Hackers alter router’s or any one of the host’s ARP Cacheso and put some fake MAC address so that we do notget served.



Types of ARP

Poisoning

Man in themiddle




MAC Flooding

▪

Happens mostly in Network switches



Secure ARP (S-ARP)

an additional 12-byte header is inserted at the endof the protocol standard messages to carry theauthentication information

Protocol uses asymmetric cryptography*

Adopted DSA (Digital Signature Algo.)

* key used to encrypt the information is not the same as thekey used to decrypt the information



(S-ARP) Message Format

12 byte SARP

header added



Planning to implement using 3 separate PCs

The software will be installed on all the 3 PCs

This is basically done to check MITM attack

The Denial of Service attack will also be

checked through the same scheme



The asymmetric cryptography will be

implemented by making a Authoritative Key

Distributor (AKD) which will store the publickeys to decrypt the messages

One of the computer in small network will be

used to serve as AKD



Developed understanding of pre-requisites

for the topic

Studying new algorithms (asymmetriccryptography and digital signature algorithm)

and orientation on the design of the structure

for the solution to the problem statement

Identification of methodology for the project

as specified in implementation



Install required software (Ubuntu OS)

Design program structure for

implementation

Code

Test

secure address resolution protocol by wahid311

Documents