Security Protocols for Networks and Internet: A Global Vision

  • José María de FuentesEmail author
  • Luis Hernandez-Encinas
  • Arturo Ribagorda


The use of communication networks and the Internet has rocketed in the last years. From the traditional, wired settings to the wireless ones, connectivity is becoming almost ubiquitous in modern societies. Security concerns are critical, such as data forgery or tampering. In order to address these needs, security protocols have been proposed for each setting over the years. This chapter introduces the essential aspects of several representative protocols concerning authentication, remote connection, secure data exchange, and wireless protection for networks and Internet. Remarkably, basic notions on well-known protocols such as Kerberos are presented without entering into low-level details.



This work was supported by the MINECO grant TIN2013-46469-R (SPINY: Security and Privacy in the Internet of You), by the CAM grant S2013/ICE-3095 (CIBERDINE: Cybersecurity, Data, and Risks), which is co-funded by European Funds (FEDER), and by the MINECO grant TIN2016-79095-C2-2-R (SMOG-DEV—Security mechanisms for fog computing: advanced security for devices). Authors would like to thank the anonymous reviewers for their useful comments.


  1. 1.
    Adnan, A. H., Abdirazak, M., Sadi, A. S., Anam, T., Khan, S. Z., Rahman, M. M., et al. (2015). A comparative study of WLAN security protocols: WPA, WPA2. In 2015 International Conference on Advances in Electrical Engineering (ICAEE) (pp. 165–169). Piscataway, NJ: IEEE.CrossRefGoogle Scholar
  2. 2.
    Barrett, D., Silverman, R., & Byrnes, R. (2005). SSH, the secure shell: The definitive guide (2nd ed.). Sebastopol: O’Reilly.Google Scholar
  3. 3.
    Dierks, T., & Allen, C. (1999). The TLS Protocol Version 1.0. RFC 2246 (Proposed Standard). Obsoleted by RFC 4346, updated by RFCs 3546, 5746, 6176, 7465, 7507, 7919.
  4. 4.
    Dierks, T., & Rescorla, E. (2008). The Transport Layer Security (TLS) Protocol Version 1.2. RFC 5246 (Proposed Standard). Updated by RFCs 5746, 5878, 6176, 7465, 7507, 7568, 7627, 7685, 7905, 7919.
  5. 5.
    Diffie, W., & Hellman, M. (2006). New directions in cryptography. IEEE Transactions on Information Theory, 22(6), 644–654.MathSciNetCrossRefzbMATHGoogle Scholar
  6. 6.
    Freier, A., Karlton, P., & Kocher, P. (2011). The Secure Sockets Layer (SSL) Protocol Version 3.0. RFC 6101 (Historic).
  7. 7.
    Group, W. W. L. W. (2012). 802.11-2012 – IEEE Standard for Information technology–Telecommunications and information exchange between systems Local and metropolitan area networks–Specific requirements Part 11: Wireless LAN Medium Access Control (MAC) and Physical Layer (PHY) Specifications.Google Scholar
  8. 8.
    Kaufman, C., Hoffman, P., Nir, Y., Eronen, P., & Kivinen, T. (2014). Internet Key Exchange Protocol Version 2 (IKEv2). RFC 7296 (Internet Standard). Updated by RFCs 7427, 7670.
  9. 9.
    Kent, S. (2005). IP Encapsulating Security Payload (ESP). RFC 4303 (Proposed Standard).
  10. 10.
    Kent, S., & Seo, K. (2005). Security Architecture for the Internet Protocol. RFC 4301 (Proposed Standard). Updated by RFCs 6040, 7619.
  11. 11.
    Koopman, P. (2002). 32-bit cyclic redundancy codes for internet applications. In Proceedings International Conference on Dependable Systems and Networks (pp. 459–468).Google Scholar
  12. 12.
    Lloyd, B., & Simpson, W. (1992). PPP Authentication Protocols. RFC 1334 (Proposed Standard). Obsoleted by RFC 1994.
  13. 13.
    Mattern, F., & Floerkemeier, C. (2010). Chap. From the internet of computers to the internet of things. From active data management to event-based systems and more (pp. 242–259). Berlin/Heidelberg: Springer. Scholar
  14. 14.
    Neuman, B.C., & Ts’o, T. (1994). Kerberos: An authentication service for computer networks. IEEE Communications Magazine, 32(9), 33–38. doi:10.1109/35.312841.CrossRefGoogle Scholar
  15. 15.
    Neuman, C., Yu, T., Hartman, S., & Raeburn, K. (2005). The Kerberos Network Authentication Service (V5). RFC 4120 (Proposed Standard). Updated by RFCs 4537, 5021, 5896, 6111, 6112, 6113, 6649, 6806, 7751.
  16. 16.
    ISO, I. (1994). IEC 7498-1: 1994 information technology-open systems interconnection-basic reference model: The basic model. ISO standard ISO/IEC, 7498-1.Google Scholar
  17. 17.
    Potlapally, N. R., Ravi, S., Raghunathan, A., & Jha, N. K. (2006). A study of the energy consumption characteristics of cryptographic algorithms and security protocols. IEEE Transactions on Mobile Computing, 5(2), 128–143.CrossRefGoogle Scholar
  18. 18.
    Potter, B. (2003). Wireless security’s future. IEEE Security and Privacy, 1(4), 68–72.CrossRefGoogle Scholar
  19. 19.
    Rivest, R. L., & Schuldt, J. C. (2014). Spritz-a spongy rc4-like stream cipher and hash function. In Proceedings of the Charles River Crypto Day, Palo Alto, CA, USA (Vol. 24).Google Scholar
  20. 20.
    Simpson, W. (1996). PPP Challenge Handshake Authentication Protocol (CHAP). RFC 1994 (Draft Standard). Updated by RFC 2484.
  21. 21.
    Sorce, S., & Yu, T. (2016). Kerberos Authorization Data Container Authenticated by Multiple Message Authentication Codes (MACs). RFC 7751 (Proposed Standard).Google Scholar
  22. 22.
    Stallings, W. (2002). Cryptography and network security: Principles and practice. Edinburgh: Pearson Education.Google Scholar
  23. 23.
    Tews, E., & Beck, M. (2009). Practical attacks against WEP and WPA. In Proceedings of the Second ACM Conference on Wireless Network Security (pp. 79–86). New York: ACM.CrossRefGoogle Scholar
  24. 24.
    Ylonen, T., & Lonvick, C. (2006). The Secure Shell (SSH) Authentication Protocol. RFC 4252 (Proposed Standard).
  25. 25.
    Ylonen, T., & Lonvick, C. (2006). The Secure Shell (SSH) Protocol Architecture. RFC 4251 (Proposed Standard).

Copyright information

© Springer International Publishing AG 2018

Authors and Affiliations

  • José María de Fuentes
    • 1
    Email author
  • Luis Hernandez-Encinas
    • 2
  • Arturo Ribagorda
    • 1
  1. 1.Computer Security Lab (COSEC)Carlos III University of MadridLeganésSpain
  2. 2.Institute of Physical and Information TechnologiesSpanish National Research Council (CSIC)MadridSpain

Personalised recommendations