Password authentication with insecure communication
Communications of the ACM
A method for obtaining digital signatures and public-key cryptosystems
Communications of the ACM
Security issues in control, management and routing protocols
Computer Networks: The International Journal of Computer and Telecommunications Networking - Pioneering tomorrow's Internet Selected papers from the TERENA Networking Conference 2000 22–25 May 2000, Lisbon, Portugal
BGP routing stability of popular destinations
Proceedings of the 2nd ACM SIGCOMM Workshop on Internet measurment
Protecting BGP Routes to Top Level DNS Servers
ICDCS '03 Proceedings of the 23rd International Conference on Distributed Computing Systems
Malicious packet dropping: how it might impact the TCP performance and how we can detect it
ICNP '00 Proceedings of the 2000 International Conference on Network Protocols
The impact of address allocation and routing on the structure and implementation of routing tables
Proceedings of the 2003 conference on Applications, technologies, architectures, and protocols for computer communications
Origin authentication in interdomain routing
Proceedings of the 10th ACM conference on Computer and communications security
ACM SIGCOMM Computer Communication Review
SPV: secure path vector routing for securing BGP
Proceedings of the 2004 conference on Applications, technologies, architectures, and protocols for computer communications
Performing BGP Experiments on a Semi-realistic Internet Testbed Environment
ICDCSW '05 Proceedings of the Second International Workshop on Security in Distributed Computing Systems (SDCS) (ICDCSW'05) - Volume 02
Aggregated path authentication for efficient BGP security
Proceedings of the 12th ACM conference on Computer and communications security
Listen and whisper: security mechanisms for BGP
NSDI'04 Proceedings of the 1st conference on Symposium on Networked Systems Design and Implementation - Volume 1
Certificate revocation and certificate update
SSYM'98 Proceedings of the 7th conference on USENIX Security Symposium - Volume 7
Secure Border Gateway Protocol (S-BGP)
IEEE Journal on Selected Areas in Communications
A light-weight distributed scheme for detecting ip prefix hijacks in real-time
Proceedings of the 2007 conference on Applications, technologies, architectures, and protocols for computer communications
Proceedings of the 14th ACM conference on Computer and communications security
Practical defenses against BGP prefix hijacking
CoNEXT '07 Proceedings of the 2007 ACM CoNEXT conference
Metric induced network poset (MINP): a model of the network from an application point of view
Proceedings of the first international conference on Networks for grid applications
Symmetric Key Approaches to Securing BGP --- A Little Bit Trust Is Enough
ESORICS '08 Proceedings of the 13th European Symposium on Research in Computer Security: Computer Security
Universal forgery of the identity-based sequential aggregate signature scheme
Proceedings of the 4th International Symposium on Information, Computer, and Communications Security
Design and analysis of a hierarchical IP traceback system
ICC'09 Proceedings of the 2009 IEEE international conference on Communications
Safeguarding data delivery by decoupling path propagation and adoption
INFOCOM'10 Proceedings of the 29th conference on Information communications
Locating prefix hijackers using LOCK
SSYM'09 Proceedings of the 18th conference on USENIX security symposium
StrobeLight: lightweight availability mapping and anomaly detection
USENIX'09 Proceedings of the 2009 conference on USENIX Annual technical conference
Keychain-based signatures for securing BGP
IEEE Journal on Selected Areas in Communications - Special issue title on scaling the internet routing system: an interim report
Scalable Multi-purpose Network Representation for Large Scale Distributed System Simulation
CCGRID '12 Proceedings of the 2012 12th IEEE/ACM International Symposium on Cluster, Cloud and Grid Computing (ccgrid 2012)
Provable security of S-BGP and other path vector protocols: model, analysis and extensions
Proceedings of the 2012 ACM conference on Computer and communications security
Sign what you really care about - Secure BGP AS-paths efficiently
Computer Networks: The International Journal of Computer and Telecommunications Networking
Alias resolution techniques: long-term analysis of alias stability in internet routers
Proceedings of the 8th ACM workshop on Performance monitoring and measurement of heterogeneous wireless and wired networks
Hi-index | 0.00 |
The Border Gateway Protocol (BGP) is the de facto interdomain routing protocol on the Internet. While the serious vulnerabilities of BGP are well known, no security solution has been widely deployed. The lack of adoption is largely caused by a failure to find a balance between deployability, cost, and security. In this paper, we consider the design and performance of BGP path authentication constructions that limit resource costs by exploiting route stability. Based on a year-long study of BGP traffic and indirectly supported by findings within the networking community, we observe that routing paths are highly stable. This observation leads to comprehensive and efficient constructions for path authentication. We empirically analyze the resource consumption of the proposed constructions via trace-based simulations. This latter study indicates that our constructions can reduce validation costs by as much as 97.3% over existing proposals while requiring nominal storage resources. We conclude by considering operational issues related to incremental deployment of our solution.