SPV: Secure path vector routing for securing BGP

Yih Chun Hu, Adrian Perrig, Marvin Sirbu

Research output: Contribution to journalConference article

Abstract

As our economy and critical infrastructure increasingly relies on the Internet, the insecurity of the underlying border gateway routing protocol (BGP) stands out as the Achilles heel. Recent misconfigurations and attacks have demonstrated the brittleness of BGP. Securing BGP has become a priority. In this paper, we focus on a viable deployment path to secure BGP. We analyze security requirements, and consider tradeoffs of mechanisms that achieve the requirements. In particular, we study how to secure BGP update messages against attacks. We design an efficient cryptographic mechanism that relies only on symmetric cryptographic primitives to guard an ASPATH from alteration, and propose the Secure Path Vector (SPV) protocol. In contrast to the previously proposed S-BGP protocol, SPY is around 22 times faster. With the current effort to secure BGP, we anticipate that SPY will contribute several alternative mechanisms to secure BGP, especially for the case of incremental deployments.

Original languageEnglish (US)
Pages (from-to)179-192
Number of pages14
JournalComputer Communication Review
Volume34
Issue number4
DOIs
StatePublished - Dec 1 2004
Externally publishedYes
EventACM SIGCOMM 2004: Conference on Computer Communications - Portland, OR, United States
Duration: Aug 30 2004Sep 3 2004

    Fingerprint

Keywords

  • BGP
  • Border Gateway Protocol
  • Interdomain routing
  • Routing
  • Security

ASJC Scopus subject areas

  • Software
  • Computer Networks and Communications

Cite this