TY - JOUR
T1 - Evaluation of efficient security for BGP route announcements using parallel simulation
AU - Nicol, David M.
AU - Smith, Sean W.
AU - Zhao, Meiyuan
N1 - Funding Information:
The authors are grateful to Guy Blelloch, Steve Campbell, Michael Liljenstam, and B.J. Premore for their helpful suggestions. This project was supported under Award No. 2000-DT-CX-K001 from the Office for Domestic Preparedness, U.S. Department of Homeland Security. Points of view in this document are those of the author(s) and do not necessarily represent the official position of the U.S. Department of Homeland Security. Smith was also supported in part by the Mellon Foundation and AT&T/Internet2; Smith and Nicol were supported in part by NSF Grants CCR-0209144 and EIA-98-02068. Nicol is supported in part by by DARPA Contract N66001-96-C-8530, and Department of Energy contract DE-AC05-00OR22725. Accordingly, the US Government retains a non-exclusive, royalty-free license to publish or reproduce the published form of this contribution, or allow others to do so, for US Government purposes.
PY - 2004/7
Y1 - 2004/7
N2 - The Border Gateway Protocol (BGP) determines how Internet traffic is routed throughout the entire world; malicious behavior by one or more BGP speakers could create serious security issues. Since the protocol depends on a speaker honestly reporting path information sent by previous speakers and involves a large number of independent speakers, the Secure BGP (S-BGP) approach uses public-key cryptography to ensure that a malicious speaker cannot fabricate this information. However, such public-key cryptography is expensive: S-BGP requires a digital signature operation on each announcement sent to each peer, and a linear (in the length of the path) number of verifications on each receipt. We use simulation of AS models derived from the Internet to evaluate the impact that the processing costs of cryptography have on BGP convergence time. As the size of these models grows, inherent memory requirements grow beyond what is normally available in serial computers, motivating us to use distributed memory cluster computers, just to hold the model state. We find that under heavy load the convergence time using ordinary S-BGP is significantly larger than BGP. We examine the impact of highly aggressive caching and pre-computation optimizations for S-BGP, and find that convergence time is much closer to BGP. However, these optimizations may be unrealistic, and are certainly expensive of memory. We consequently use the structure of BGP processing to design optimizations that reduce cryptographic overhead by amortizing the cost of private-key signatures over many messages. We call this method Signature-Amortization (S-A). We find that S-A provides as good or better convergence times as the highly optimized S-BGP, but without the cost and complications of caching and pre-computation. These experiments - whose memory demands easily exceed 10Gb - are made possible using parallel simulation. They show that it is is possible therefore to minimize the impact route validation has on convergence, by being careful with signatures, rather than consumptive of memory.
AB - The Border Gateway Protocol (BGP) determines how Internet traffic is routed throughout the entire world; malicious behavior by one or more BGP speakers could create serious security issues. Since the protocol depends on a speaker honestly reporting path information sent by previous speakers and involves a large number of independent speakers, the Secure BGP (S-BGP) approach uses public-key cryptography to ensure that a malicious speaker cannot fabricate this information. However, such public-key cryptography is expensive: S-BGP requires a digital signature operation on each announcement sent to each peer, and a linear (in the length of the path) number of verifications on each receipt. We use simulation of AS models derived from the Internet to evaluate the impact that the processing costs of cryptography have on BGP convergence time. As the size of these models grows, inherent memory requirements grow beyond what is normally available in serial computers, motivating us to use distributed memory cluster computers, just to hold the model state. We find that under heavy load the convergence time using ordinary S-BGP is significantly larger than BGP. We examine the impact of highly aggressive caching and pre-computation optimizations for S-BGP, and find that convergence time is much closer to BGP. However, these optimizations may be unrealistic, and are certainly expensive of memory. We consequently use the structure of BGP processing to design optimizations that reduce cryptographic overhead by amortizing the cost of private-key signatures over many messages. We call this method Signature-Amortization (S-A). We find that S-A provides as good or better convergence times as the highly optimized S-BGP, but without the cost and complications of caching and pre-computation. These experiments - whose memory demands easily exceed 10Gb - are made possible using parallel simulation. They show that it is is possible therefore to minimize the impact route validation has on convergence, by being careful with signatures, rather than consumptive of memory.
KW - Inter domain routing
KW - Parallel simulation for routing
KW - S-BGP
UR - http://www.scopus.com/inward/record.url?scp=3042699520&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=3042699520&partnerID=8YFLogxK
U2 - 10.1016/j.simpat.2003.10.003
DO - 10.1016/j.simpat.2003.10.003
M3 - Article
AN - SCOPUS:3042699520
SN - 1569-190X
VL - 12
SP - 187
EP - 216
JO - Simulation Modelling Practice and Theory
JF - Simulation Modelling Practice and Theory
IS - 3-4 SPEC. ISS.
ER -