What is Host Identity Protocol (HIP)?

by

February 8, 2019

The other day a few of my colleagues and I went to a local Sysadmins and Networking meetup hosted by SEA-TUG.

The topic of the night was Host Identity Protocol (HIP), and Michael Falkenrath of Tempered Networks presented it. While we don’t currently offer any of Tempered’s solutions in our MSSP offerings, the topic of HIP caught my attention, and I figured it might be a good idea to get more familiar with it in general.

What is Host Identity Protocol (HIP)?

HIP is a host identification technology for use on the Internet. HIP separates the end-point identifier and locator roles of IP addresses.

What does HIP do?

HIP allows consenting hosts to securely establish and maintain shared IP-layer state, allowing separation of the identifier and locator roles of IP addresses. HIP uses public key identifiers from a new Host Identity namespace for mutual peer authentication.

The protocol is designed to be resistant to denial-of-service (DoS) and man-in-the-middle (MitM) attacks. When used together with another suitable security protocol, such as the Encapsulated Security Payload (ESP), it provides integrity protection and encryption for upper-layer protocols, such as TCP and UDP.

Who developed HIP?

HIP was developed concurrently by the IETF (Internet Engineering Task Force) and the IRTF (Internet Research Task Force). It was first documented as IETF RFC 5201 (which you can read here: https://tools.ietf.org/html/rfc5201)

HIP has matured over 15 years of research, development, and deployment from companies like Boeing, Verizon, and Ericsson, as well as universities around the world.

How does HIP work?

Let’s start with how traffic/communication moves across the internet. Internet traffic is controlled by Domain Name Services and IP addresses (the two namespaces mentioned above). Those two namespaces have essential responsibilities:

  1. Managing the overall network interface
  2. Handling the location-name

IP addresses are responsible for separating and distinguishing between packet delivery to end nodes and individual hosts.

HIP allows for a computer to use mobile computing and multi-homing. Whereas typically the location of any host is responsible for routing data packets according to the IP addresses mentioned against their nodes, HIP handles things differently.

In a HIP network, IP addresses are eliminated and replaced with cryptographic host identifiers, which are self-generated. The cryptographic host identifiers allow for encrypted peer-to-peer connectivity.

Who should be using HIP?

That’s a good question, and I rightly don’t know the answer to it. I can only go with what Tempered mentioned in the demonstration, and that’s…pretty much everybody.

They’ve deployed their solution for educational institutions, healthcare providers; you name it. However, I’m still very unfamiliar with HIP and I’ll need to do a bit more research before I can speak more about its benefits/shortcomings.

Until then, what do you think about HIP? Is it right for you? Let us know in the comments!

Carl Keyser is the Content Manager at Integris.

Keep reading

Is DeepSeek Safe for My Company’s Systems?

Is DeepSeek Safe for My Company’s Systems?

China’s new DeepSeek AI engine Has Ushered in a New Era of Fast-Turn, Low-Cost AI Tools. But Are the Risks Worth the Rewards for US Companies? Key Takeaways: China's DeepSeek has been hailed as the nimble new competitor to US large language AI models—an alternative...

What Are Best Practices for Managing IT Projects?

What Are Best Practices for Managing IT Projects?

What Are Best Practices for Managing IT Projects? The Quick Take Managing IT projects effectively is crucial for ensuring success and maximizing ROI. Here are the best practices to follow: Define Clear Objectives and Scope: Set specific, measurable, achievable,...

What Is The Future of Managed IT Services?

What Is The Future of Managed IT Services?

What Is the Future of Managed IT Services? The Quick Take: The future of managed IT services for small and medium-sized businesses is bright, with the market expected to grow from $1.735 trillion to $2.173 trillion by 2028. Key trends driving this growth include:...