Analysis of the SPV secure routing protocol: weaknesses and lessons

Authors:
Barath Raghavan;Saurabh Panjwani;Anton Mityagin
Affiliations:
University of California, San Diego, CA;University of California, San Diego, CA;University of California, San Diego, CA
Venue:
ACM SIGCOMM Computer Communication Review
Year:
2007

Citing 12
Cited 0

Simple forward-secure signatures from any signature scheme

Proceedings of the 7th ACM conference on Computer and communications security
Security problems in the TCP/IP protocol suite

ACM SIGCOMM Computer Communication Review
The BiBa one-time signature and broadcast authentication protocol

CCS '01 Proceedings of the 8th ACM conference on Computer and Communications Security
Better than BiBa: Short One-Time Signatures with Fast Signing and Verifying

ACISP '02 Proceedings of the 7th Australian Conference on Information Security and Privacy
Beware of BGP attacks

ACM SIGCOMM Computer Communication Review
SPV: secure path vector routing for securing BGP

Proceedings of the 2004 conference on Applications, technologies, architectures, and protocols for computer communications
Towards provable security for ad hoc routing protocols

Proceedings of the 2nd ACM workshop on Security of ad hoc and sensor networks
Aggregated path authentication for efficient BGP security

Proceedings of the 12th ACM conference on Computer and communications security
Modeling adoptability of secure BGP protocol

Proceedings of the 2006 conference on Applications, technologies, architectures, and protocols for computer communications
Listen and whisper: security mechanisms for BGP

NSDI'04 Proceedings of the 1st conference on Symposium on Networked Systems Design and Implementation - Volume 1
Forward-security in private-key cryptography

CT-RSA'03 Proceedings of the 2003 RSA conference on The cryptographers' track
Secure Border Gateway Protocol (S-BGP)

IEEE Journal on Selected Areas in Communications

Quantified Score

Hi-index	0.00

Visualization

Abstract

We analyze a secure routing protocol, Secure Path Vector (SPV), proposed in SIGCOMM 2004. SPV aims to provide authenticity for route announcements in the Border Gateway Protocol (BGP) using an efficient alternative to ordinary digital signatures, called constant-time signatures. Today, SPV is often considered the best cryptographic defense for BGP. We find subtle flaws in the design of SPV which lead to attacks that can be mounted by 60% of Autonomous Systems in the Internet. In addition, we study several of SPV's design decisions and assumptions and highlight the requirements for security of routing protocols. In light of our analysis, we reexamine the need for constant-time signatures and find that certain standard digital signature schemes can provide the same level of efficiency for route authenticity.