Open Access
A Survey of BGP Security
Reads0
Chats0
TLDR
This paper considers the vulnerabilities of existing interdomain routing and surveys works relating to BGP security, and centrally note that no current solution has yet found an adequate balance between comprehensive security and deployment cost.Abstract:
The Border Gateway Protocol (BGP) is the de facto interdomain routing protocol of the Internet. Although the performance BGP has been historically acceptable, there are mounting concerns about its ability to meet the needs of the rapidly evolving Internet. A central limitation of BGP is its failure to adequately address security. Recent outages and security analyses clearly indicate that the Internet routing infrastructure is highly vulnerable. Moreover, the design and ubiquity of BGP has frustrated past e!orts at securing interdomain routing. This paper considers the vulnerabilities of existing interdomain routing and surveys works relating to BGP security. The limitations and advantages of proposed solutions are explored, and the systemic and operational implications of their design considered. We centrally note that no current solution has yet found an adequate balance between comprehensive security and deployment cost. This work calls not only for the application of ideas described within this paper, but also for further introspection on the problems and solutions of BGP security.read more
Citations
More filters
Posted Content
Ordered Multisignatures and Identity-Based Sequential Aggregate Signatures, with Applications to Secure Routing.
TL;DR: A new primitive that is introduced that is called ordered multisignatures (OMS), which allow signers to attest to a common message as well as the order in which they signed, which substantially improves computational efficiency over any existing scheme with comparable functionality.
ReportDOI
National Strategy to Secure Cyberspace
TL;DR: The approach explored the development of cyber technology strategies and programs related to the mission and roles of Homeland Security Advanced Research Projects Agency and program goals with external clients including IT industry, critical infrastructure sectors, and academics.
Proceedings ArticleDOI
Ordered multisignatures and identity-based sequential aggregate signatures, with applications to secure routing
TL;DR: In this paper, a new primitive called ordered multisignatures (OMS) is introduced, which allows signers to attest to a common message as well as the order in which they signed.
Don't Secure Routing Protocols, Secure Data Delivery.
TL;DR: This work argues that solving the problem of secure routing is both harder and less effective than directly solving the core problems needed to communicate securely: end-to-end confidentiality, integrity, and availability, and presents Availability Centric Routing (ACR), which is based on three principles.
Journal Article
Internet Key Exchange
TL;DR: Internet Key Exchange (IKE), resolves problems of building and updating key that is shared in the unsafe environment such as Internet.
References
More filters
Journal ArticleDOI
New Directions in Cryptography
TL;DR: This paper suggests ways to solve currently open problems in cryptography, and discusses how the theories of communication and computation are beginning to provide the tools to solve cryptographic problems of long standing.
Journal ArticleDOI
A method for obtaining digital signatures and public-key cryptosystems
TL;DR: An encryption method is presented with the novel property that publicly revealing an encryption key does not thereby reveal the corresponding decryption key.
Proceedings Article
The MD5 Message-Digest Algorithm
TL;DR: This document describes the MD5 message-digest algorithm, which takes as input a message of arbitrary length and produces as output a 128-bit "fingerprint" or "message digest" of the input.
Security Architecture for the Internet Protocol
TL;DR: This document describes an updated version of the "Security Architecture for IP", which is designed to provide security services for traffic at the IP layer, and obsoletes RFC 2401 (November 1998).