
Physical Link Security Type of Service (RFC1455)

IP.com Disclosure Number: IPCOM000002283D
Original Publication Date: 1993-May-01
Included in the Prior Art Database: 2000-Sep-12
Document File: 5 page(s) / 11K

Publishing Venue

Internet Society Requests For Comment (RFCs)

Related People

D. Eastlake: AUTHOR

Abstract

This RFC documents an experimental protocol providing a Type of Service (TOS) to request maximum physical link security. This is an addition to the types of service enumerated in RFC 1349: Type of Service in the Internet Protocol Suite. The new TOS requests the network to provide what protection it can against surreptitious observation by outside agents of traffic so labeled. The purpose is protection against traffic analysis and as an additional possible level of data confidentiality. This TOS is consistent with all other defined types of service for IP version 4 in that it is based on link level characteristics and will not provide any particular guaranteed level of service.

This text was extracted from an ASCII text document.
This is the abbreviated version, containing approximately 26% of the total text.

Network Working Group D. Eastlake, III
Request for Comments: 1455 Digital Equipment Corporation
May 1993

Physical Link Security Type of Service

Status of this Memo

This memo defines an Experimental Protocol for the Internet community. Discussion and suggestions for improvement are requested. Please refer to the current edition of the "IAB Official Protocol Standards" for the standardization state and status of this protocol. Distribution of this memo is unlimited.

Abstract

This RFC documents an experimental protocol providing a Type of Service (TOS) to request maximum physical link security. This is an addition to the types of service enumerated in RFC 1349: Type of Service in the Internet Protocol Suite. The new TOS requests the network to provide what protection it can against surreptitious observation by outside agents of traffic so labeled. The purpose is protection against traffic analysis and as an additional possible level of data confidentiality. This TOS is consistent with all other defined types of service for IP version 4 in that it is based on link level characteristics and will not provide any particular guaranteed level of service.

1. Nature of Requirement

This Internet Protocol addition addresses two potential security requirements: resistance to traffic analysis and confidentiality. These are described in the two subsections below followed by a discussion of why links have different levels of physical security so that it is meaningful to request that more secure links be used.

1.1 Traffic Analysis

At this time all Internet Protocol (IP) packets must have most of their header information, including the "from" and "to" addresses, in the clear. This is required for routers to properly handle the traffic even if a higher level protocol fully encrypts all bytes in the packet after the IP header. This renders even end-to-end encrypted IP packets subject to traffic analysis if the data stream can be observed. While traffic statistics are normally less sensitive than the data content of packets, in some cases activities of hosts or users are deducible from traffic information.

It is essential that routers have access to header information, so it is hard to protect traffic statistics from an adversary with inside access to the network. However, use of more secure physical links will make traffic observation by entities outside of the network more difficult, thus improving protection from traffic analysis.
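To make the cleartext-header point concrete, here is an added example (not code from RFC 1455 or from this page) that parses an IPv4 header from a constructed packet and lists what any on-path observer still learns when the payload after the header is fully encrypted, decoding the TOS byte against the RFC 1349 values. The 1111 "maximize security" value is assumed from the full RFC 1455 text, which this abbreviated page does not show; all addresses and payload bytes are constructed sample data.

```python
import struct
import ipaddress

# 4-bit TOS field values from RFC 1349; 1111 is the value the full RFC 1455
# assigns to "maximize physical link security" (assumed, not shown on this page).
TOS_NAMES = {
    0b0000: "normal service",
    0b1000: "minimize delay",
    0b0100: "maximize throughput",
    0b0010: "maximize reliability",
    0b0001: "minimize monetary cost",
    0b1111: "maximize physical link security",
}

def ipv4_checksum(header: bytes) -> int:
    """One's-complement sum of the header's 16-bit words (RFC 791)."""
    if len(header) % 2:
        header += b"\x00"
    total = sum(struct.unpack("!%dH" % (len(header) // 2), header))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return (~total) & 0xFFFF

def observable_fields(packet: bytes) -> dict:
    """Cleartext header fields every router, and any eavesdropper, can read."""
    ver_ihl, tos, total_len, _id, _frag, ttl, proto, _csum, src, dst = \
        struct.unpack("!BBHHHBBH4s4s", packet[:20])
    ihl = (ver_ihl & 0x0F) * 4
    if ipv4_checksum(packet[:ihl]) != 0:  # a correct header sums to zero
        raise ValueError("bad IPv4 header checksum")
    return {
        "src": str(ipaddress.IPv4Address(src)),
        "dst": str(ipaddress.IPv4Address(dst)),
        "protocol": proto,
        "ttl": ttl,
        "payload_len": total_len - ihl,
        "precedence": tos >> 5,
        "tos": TOS_NAMES.get((tos >> 1) & 0x0F, "undefined"),
    }

def build_packet(src: str, dst: str, tos: int, payload: bytes) -> bytes:
    """Constructed sample packet: 20-byte header, correct checksum, opaque payload."""
    hdr = struct.pack("!BBHHHBBH4s4s", 0x45, tos, 20 + len(payload), 0, 0, 64, 50, 0,
                      ipaddress.IPv4Address(src).packed, ipaddress.IPv4Address(dst).packed)
    hdr = hdr[:10] + struct.pack("!H", ipv4_checksum(hdr)) + hdr[12:]
    return hdr + payload

# Protocol 50 (ESP) with arbitrary constructed bytes standing in for an encrypted payload.
SAMPLE = build_packet("192.0.2.10", "198.51.100.7", 0b1111 << 1, bytes.fromhex("9f3c7a11e0"))
```

Even with the payload opaque, the source, destination, protocol, TTL, payload length and TOS label all fall out of the header, which is exactly the traffic-analysis exposure the section describes.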

No doubt users would like to be able to request a guaranteed level of link security, just as they would like to be able to request a guaranteed bandwidth or delay through the network. However, such guarantees require a resource reservation and/or policy routing scheme and are beyond the scope of the current IP Type of Service f...