Friends or Rivals: Insights From Integrating HIP and i3
Anthony D. Joseph
Workshop on HIP and Related Architectures
[Full Text in PDF Format, 36KB]
The Host Identity Protocol (HIP) uses cryptographic
host identities to provide secure and efficient end-to-end
communication without requiring a distributed key authority.
However, HIP hosts can be vulnerable to DoS
attacks and require some infrastructure to support simultaneous
mobility of end points. The Internet Indirection
Infrastructure (i3) overlay network can be used to provide
these desirable properties for HIP control packets.
However, with the introduction of network shortcuts in
i3 where two hosts can communicate directly, a question
arises as to whether i3 can completely replace HIP. Is the
end-to-end security provided by HIP a strong enough
benefit compared to using shortcuts in i3? Is it worthwhile
to consider using a general Distributed Object Location
and Routing (DOLR) or Distributed Hash Table
(DHT), such as Tapestry or Chord, instead of i3 as a
control plane for HIP? We discuss these questions in the
paper. We also present implementation experiences with
HIP-i3 integration and show initial performance results
comparing the throughput of i3 and HIP.