dtnrg-4----Page:16
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18
|
Why integrity of bundle payload is not provided at every hop (reactive fragmentation) Reactive fragmentation is an important DTN feature that enables the receiving node to forward received data ASAP, without waiting for the entire bundle to arrive. If the whole bundle must arrive in order to be able to verify the hash, reactive fragmentation cannot be used. Calculating the BAH hash over the entire bundle except for the payload enables truncated bundles to be both authenticated and reactively fragmented. Important header fields are protected: Source, Destination, CoS, Timestamp, Payload length,… Source Application Node BAH BAH Receiver 2/ Sender 3 BAH (w/ signed Hash value All other Headers Primary Bundle Header Payload Class length Payload AE78F98D567BB32CAD5F4D17DA787CEAF50287 BAH (w/ signed Hash value All other Headers Primary Bundle Header Payload Class length Payload AE78F98D567 — Complete Bundle Truncated bundle; can’t be authenticated if the BAH hash was calculated over the entire bundle including the payload. |