Efficient Security Mechanisms for the Border Gateway Routing Protocol

Abstract

We analyze the security of the BGP routing protocol and identify a number of vulnerabilities in its design and the corresponding threats. We then present modifications to the protocol that minimize or eliminate the most significant threats. The innovation we introduce is the protection of the second-to-last hop information contained in the AS_PATH attributes by digital signatures, and the use of this predecessor information to verify the path of the selected route. With these techniques, we are able to secure complete path information in near constant space, avoiding the recursive protection mechanisms proposed for BGP in the past.

Open PDF

Document Details

Document Type
Technical Report
Publication Date
Aug 22, 1997
Accession Number
ADA461568

Entities

People

  • Bradley R. Smith
  • J.J. Garcia-Luna-Aceves

Organizations

  • University of California, Santa Cruz

Tags

Communities of Interest

  • Autonomy
  • Materials and Manufacturing Processes

DTIC Thesaurus Topics

  • Computer Access Control
  • Computer Networks
  • Cryptography
  • Digital Communications
  • Internet Routing
  • Network Computing
  • Network Protocols
  • Reliability
  • Routing Protocols
  • Security
  • Transport Protocols

Fields of Study

  • Computer science

Readers

  • Computer Networking
  • Cybersecurity.
  • Software Engineering

Technology Areas

  • Cyber
  • Space