On interdomain routing security and pretty secure BGP (psBGP)

  • Authors:
  • P.C. van Oorschot;Tao Wan;Evangelos Kranakis

  • Affiliations:
  • Carleton University, Ottawa, Canada;Carleton University, Ottawa, Canada;Carleton University, Ottawa, Canada

  • Venue:
  • ACM Transactions on Information and System Security (TISSEC)
  • Year:
  • 2007

Quantified Score

Hi-index 0.00

Visualization

Abstract

It is well known that the Border Gateway Protocol (BGP), the IETF standard interdomain routing protocol, is vulnerable to a variety of attacks, and that a single misconfigured or malicious BGP speaker could result in large-scale service disruption. In this paper, we present Pretty Secure BGP (psBGP)---a proposal for securing BGP, including an architectural overview, design details for significant aspects, and preliminary security and operational analysis. psBGP differs from other security proposals (e.g., S-BGP and soBGP) in that it makes use of a single-level PKI for AS number authentication, a decentralized trust model for verifying the propriety of IP prefix origin, and a rating-based stepwise approach for AS_PATH (integrity) verification. psBGP trades off the strong security guarantees of S-BGP for presumed-simpler operation, e.g., using a PKI with a simple structure, with a small number of certificate types, and of manageable size. psBGP is designed to successfully defend against various (nonmalicious and malicious) threats from uncoordinated BGP speakers, and to be incrementally deployed with incremental benefits.