@inproceedings{a2af18b6ad8a4e8fb861d59589ea7a46,
title = "Aggregated path authentication for efficient BGP security",
abstract = "The Border Gateway Protocol (BGP) controls inter-domain routing in the Internet. BGP is vulnerable to many attacks, since routers rely on hearsay information from neighbors. Secure BGP (S-BGP) uses DSA to provide route authentication and mitigate many of these risks. However, many performance and deployment issues prevent S-BGP's real-world deployment. Previous work has explored improving S-BGP processing latencies, but space problems, such as increased message size and memory cost, remain the major obstacles. In this paper, we design aggregated path authentication schemes by combining two efficient cryptographic techniques - signature amortization and aggregate signatures. We propose six constructions for aggregated path authentication that substantially improve efficiency of S-BGP's path authentication on both speed and space criteria. Our performance evaluation shows that the new schemes achieve such an efficiency that they may overcome the space obstacles and provide a real-world practical solution for BGP security.",
keywords = "Authentication, BGP, Performance, Routing, Security",
author = "Meiyuan Zhao and Smith, {Sean W.} and Nicol, {David M.}",
year = "2005",
doi = "10.1145/1102120.1102139",
language = "English (US)",
isbn = "1595932267",
series = "Proceedings of the ACM Conference on Computer and Communications Security",
publisher = "Association for Computing Machinery",
pages = "128--138",
booktitle = "CCS 2005 - Proceedings of the 12th ACM Conference on Computer and Communications Security",
address = "United States",
note = "CCS 2005 - 12th ACM Conference on Computer and Communications Security ; Conference date: 07-11-2005 Through 11-11-2005",
}