Next Article in Journal
WPAxFuzz: Sniffing Out Vulnerabilities in Wi-Fi Implementations
Previous Article in Journal
Efficient RO-PUF for Generation of Identifiers and Keys in Resource-Constrained Embedded Systems
 
 
Search for Articles:
Title / Keyword
Author / Affiliation / Email
Journal
Article Type
 
 
Advanced Search
 
Section
Special Issue
Volume
Issue
Number
Page
 
Journals
Cryptography
Volume 6
Issue 4
10.3390/cryptography6040052
Review Report
cryptography-logo
Submit to this Journal Review for this Journal Propose a Special Issue
Article Menu

Article Menu

share Share announcement Help format_quote Cite question_answer Discuss in SciProfiles
Article
Peer-Review Record

ICRP: Internet-Friendly Cryptographic Relay-Detection Protocol

Cryptography 2022, 6(4), 52; https://doi.org/10.3390/cryptography6040052
by Ghada Arfaoui 1, Gildas Avoine 2, Olivier Gimenez 2,3,* and Jacques Traoré 3
Reviewer 1:
Marcos Cavenaghi
Reviewer 2:
Petar Radanliev
Cryptography 2022, 6(4), 52; https://doi.org/10.3390/cryptography6040052
Submission received: 6 September 2022 / Revised: 2 October 2022 / Accepted: 3 October 2022 / Published: 17 October 2022

Round 1

Reviewer 1 Report

The authors propose a two-party cryptographic protocol for detecting traffic hijacking over the Internet by analyzing the time stability between two communicating nodes. The paper is well-written and it is scientifically sound. There are some considerations the authors should address before publishing the article. Those are: When using multiple threads to boost performance, they have chosen a  4 bytes header; they do not discuss the impact this limitation have in a real-life scenario with millions of packets required for an application to run.

Author Response

Response to Reviewer 1 Comments

We express our sincere appreciations for the time taken to read our paper and provide their constructive comments and suggestions. We greatly appreciate your positive comments and feedback. We have carefully considered all the remarks and suggestions made and attempted to address. Here are the main considered points and taken actions.

When using multiple threads to boost performance, they have chosen a  4 bytes header; they do not discuss the impact this limitation have in a real-life scenario with millions of packets required for an application to run.

Response: We updated the text to clarify the choice of the 4 byte header (on page 16). Our choice was mainly inspired by the field length of the SQN number in TCP header (which is 4 bytes as well). This field is reset when its maximum value (2^{32}) is reached. Hence there is negligible risks that 2 TCP packets in transit at the same time have the same SQN. We consequently believe that the same procedure could be applied to our protocol in a real-life scenario with millions (or even billions) of packets required for an application to run.

Reviewer 2 Report

Very interesting ant timely article. I think it deserves publication and I am recommending accept with minor corrections. But there are some minor issues that require your attention. I list these corrections below as feedback / comments, and I am looking forward to reading the updated version of this article. 

 

- Abstract needs to contain (to include) five main elements: 

1.     Introduction. This is the first part of the abstract, and should be brief and attractive to the reader at the same time. ... (one to two sentences) 

2.     Research significance. This usually answers the question: Why did you do this research? (one to two sentences) 

3.     Methodology. ... (one to two sentences)

4.     Results. ... (one to two sentences)

5.     Brief summary of the conclusions. (one to two sentences)

A good informative abstract acts as a surrogate for the work itself. An abstract is a 150- to 250-word paragraph that provides readers with a quick overview of your work and how the article is organised. It should express your central idea and your key points; it should also suggest any implications or applications of the research you discuss in the paper.

 

- On pp. 12 you mention the 'risk of relay attack' and you discus some examples in the rest of the paper on cyber risks, so you have done a really good job at reviewing so many articles, but you didn’t discuss any examples related to healthcare. On the related topic of ‘the ‘future values and risks from artificial intelligence in healthcare’ - see: https://doi.org/10.1007/s12553-022-00691-6 - It would be interesting to see a few sentences reviewing and comparing your work in relations to the recent study in related topics. You mentioned exmaples of China Telecom, Yahoo, IBM, Safe Host, but it would be interesting to use the examples on healthcare from the study I mentioned, and include a short sentence or two discussion on how your Cryptographic Relay-detection Protocol can be used to fix some of the problems discussed in that study. 

 

- well done for writing a good paper. 

 

Author Response

Response to Reviewer 2 Comments

We express our sincere appreciations for the time taken to read our paper and provide their constructive comments and suggestions. We greatly appreciate your positive comments and feedback. We have carefully considered all the remarks and suggestions made and attempted to address. Here are the main considered points and taken actions.

Point 1 : Abstract needs to contain (to include) five main elements: 

  1. This is the first part of the abstract, and should be brief and attractive to the reader at the same time. ... (one to two sentences) 
  2. Research significance. This usually answers the question: Why did you do this research? (one to two sentences) 
  3. ... (one to two sentences)
  4. ... (one to two sentences)
  5. Brief summary of the conclusions. (one to two sentences)

A good informative abstract acts as a surrogate for the work itself. An abstract is a 150- to 250-word paragraph that provides readers with a quick overview of your work and how the article is organised. It should express your central idea and your key points; it should also suggest any implications or applications of the research you discuss in the paper.

Response 1: We propose the following alternative :

Traffic hijacking over the Internet has become a frequent incident over the last $2$ decades. From minor inconveniences for casual users to massive leaks of governmental data , these events cover an unprecedently large spectrum. Many hijacking are presumed to be caused by unfortunate routing mistakes, but a well organized attacker could set up a long-term stealthy relay, accessing critical traffic metadata, despite suitable encryption schemes. While many studies focus on the mitigation of known attacks, we choose to design a complete detection method regardless of the attacker strategy.\\
We propose a two-party cryptographic protocol for detecting traffic hijacking over the Internet. Our proposal relies on a distance-bounding mechanism that performs interactive authentication with a ``Challenge-Response'' exchange, and measures the round-trip time of packets to decide whether an attack is ongoing. Our construction is supported by worldwide experiments on communication time between multiple nodes, allowing us to both demonstrate its applicability and evaluate its performances. Over the course of this paper, we demonstrate our protocol to be \textit{efficient} - it requires only two cryptographic operations per execution inducing negligeable workload for users and very few loss of throughput, \textit{scalable} - no software updates are required for intermediate network nodes, \textit{routing protocol independant} - this means that any future update of the route selection process will not induce changes on our scheme, and \textit{network friendly} - the added volume of transiting data is only about $1.5\%$.

Point 2: On pp. 12 you mention the 'risk of relay attack' and you discus some examples in the rest of the paper on cyber risks, so you have done a really good job at reviewing so many articles, but you didn’t discuss any examples related to healthcare. On the related topic of ‘the ‘future values and risks from artificial intelligence in healthcare’ - see: https://doi.org/10.1007/s12553-022-00691-6 - It would be interesting to see a few sentences reviewing and comparing your work in relations to the recent study in related topics.

Response 2: The mentioned paper proposes a methodology to improve the predictability of the cyber-risks on digital healthcare systems and the difficulties in production and distribution chains in troubled periods like it was the case with Covid 19 pandemic. Its main common idea with our work is the applicability to the healthcare system. However, unlike the mentioned work which is focused on improving AI teaching and training in the service of healthcare system,  our work proposes an interactive way for detecting an ongoing traffic hijack. We definitely believe that our protocol can coexist with these methodology updates, but that these subjects are completely independent. That is why we propose not to include it in our paper. Having said that, we are open for discussing further this matter, as we may have missed an important information.

Back to TopTop