Figure 3 illustrates the weak-split construction using a
simple example topology. Weak-Split whisper is motivated by the
hash-chain construction used by Hu et
al. [21,20] in the context of ad-hoc networks.
The key idea is as follows: The origin AS generates a secret and
propagates
to its neighbors where
is a globally known
one-way hash function. Every intermediary AS in the path repeatedly
hashes the signature field. An AS that receives two routes
and
of AS hop lengths
and
with signatures
and
can
check for consistency by testing whether
.
The security property that the weak-whisper guarantees is: An
independent adversary that is AS hops away from an origin AS can
propagate invalid routes of a minimum length of
without being
detected as inconsistent. An AS that is
hops away from the
origin knows the value
but cannot compute
for
any
since
is a one-way hash function. Such an AS also is
not supposed to reveal its hash value to other nodes (unless the AS
colludes with other AS's). However, the adversary can forward any
fake path of length
.
Hence, weak-split whisper does not provide strong forms of security guarantees. In particular, it cannot ensure path integrity i.e. a malicious AS could modify the AS numbers of a path without affecting the AS path length.