Aggregated path authentication for efficient BGP security

Meiyuan Zhao, Sean W. Smith, David M. Nicol

Research output: Chapter in Book/Report/Conference proceedingConference contribution


The Border Gateway Protocol (BGP) controls inter-domain routing in the Internet. BGP is vulnerable to many attacks, since routers rely on hearsay information from neighbors. Secure BGP (S-BGP) uses DSA to provide route authentication and mitigate many of these risks. However, many performance and deployment issues prevent S-BGP's real-world deployment. Previous work has explored improving S-BGP processing latencies, but space problems, such as increased message size and memory cost, remain the major obstacles. In this paper, we design aggregated path authentication schemes by combining two efficient cryptographic techniques - signature amortization and aggregate signatures. We propose six constructions for aggregated path authentication that substantially improve efficiency of S-BGP's path authentication on both speed and space criteria. Our performance evaluation shows that the new schemes achieve such an efficiency that they may overcome the space obstacles and provide a real-world practical solution for BGP security.

Original languageEnglish (US)
Title of host publicationCCS 2005 - Proceedings of the 12th ACM Conference on Computer and Communications Security
PublisherAssociation for Computing Machinery
Number of pages11
ISBN (Print)1595932267, 9781595932266
StatePublished - 2005
EventCCS 2005 - 12th ACM Conference on Computer and Communications Security - Alexandria, VA, United States
Duration: Nov 7 2005Nov 11 2005

Publication series

NameProceedings of the ACM Conference on Computer and Communications Security
ISSN (Print)1543-7221


OtherCCS 2005 - 12th ACM Conference on Computer and Communications Security
Country/TerritoryUnited States
CityAlexandria, VA


  • Authentication
  • BGP
  • Performance
  • Routing
  • Security

ASJC Scopus subject areas

  • Software
  • Computer Networks and Communications


Dive into the research topics of 'Aggregated path authentication for efficient BGP security'. Together they form a unique fingerprint.

Cite this