By Topic

HC-BGP: A light-weight and flexible scheme for securing prefix ownership

Sign In

Cookies must be enabled to login.After enabling cookies , please use refresh or reload or ctrl+f5 on the browser for the login options.

Formats Non-Member Member
$31 $13
Learn how you can qualify for the best price for this item!
Become an IEEE Member or Subscribe to
IEEE Xplore for exclusive pricing!
close button

puzzle piece

IEEE membership options for an individual and IEEE Xplore subscriptions for an organization offer the most affordable access to essential journal articles, conference papers, standards, eBooks, and eLearning courses.

Learn more about:

IEEE membership

IEEE Xplore subscriptions

4 Author(s)
Ying Zhang ; Univ. of Michigan, MI, USA ; Zheng Zhang ; Mao, Z.M. ; Hu, Y.C.

The border gateway protocol (BGP) is a fundamental building block of the Internet infrastructure. However, due to the implicit trust assumption among networks, Internet routing remains quite vulnerable to various types of misconfiguration and attacks. Prefix hijacking is one such misbehavior where an attacker AS injects false routes to the Internet routing system that misleads victim's traffic to the attacker AS. Previous secure routing proposals, e.g., S-BGP, have relied on the global public key infrastructure (PKI), which creates deployment burdens. In this paper, we propose an efficient cryptographic mechanism, HC-BGP, using hash chains and regular public/private key pairs to ensure prefix ownership certificates. HC-BGP is computationally more efficient than previously proposed secure routing schemes, and it is also more flexible for supporting various traffic engineering goals. Our scheme can efficiently prevent common prefix hijacking attacks which announce routes with false origins, including both prefix and sub-prefix hijacking attacks.

Published in:

Dependable Systems & Networks, 2009. DSN '09. IEEE/IFIP International Conference on

Date of Conference:

June 29 2009-July 2 2009