By Topic

Relieve Internet Routing Security of Public Key Infrastructure

Sign In

Cookies must be enabled to login.After enabling cookies , please use refresh or reload or ctrl+f5 on the browser for the login options.

Formats Non-Member Member
$31 $13
Learn how you can qualify for the best price for this item!
Become an IEEE Member or Subscribe to
IEEE Xplore for exclusive pricing!
close button

puzzle piece

IEEE membership options for an individual and IEEE Xplore subscriptions for an organization offer the most affordable access to essential journal articles, conference papers, standards, eBooks, and eLearning courses.

Learn more about:

IEEE membership

IEEE Xplore subscriptions

5 Author(s)

Lack of security mechanisms expose the Border Gateway Protocol (BGP) to a wide range of threats that are constantly undermining security of the Internet. Most prominent attacks include prefix hijacking and announcement of false routes to maliciously attract or divert traffic. A number of cryptographic solutions to prevent both attacks have been proposed but have not been adopted due to involved operations and considerable overhead. Most of them rely on digital signatures to authorize Autonomous Systems to propagate route announcements. Surprisingly, the scientific community has devoted only little interest to the problem of revocation in BGP. In particular, BGP systems based on Public Key Infrastructure allow to revoke an Autonomous System by revoking its public key certificate. However, there seem to be no solution for selective revocation of AS-path announcements. This paper introduces reBGP, an enhanced version of BGP that leverages Identity Based Cryptography to secure BGP with minimal overhead. reBGP prevents prefix hijacking and false route announcement through Aggregate Identity Based Signatures and provides an effective revocation means to invalidate AS-path announcements. reBGP enjoys a constant overhead to verify authenticity of routes and does not require a Public Key Infrastructure. Extensive testing of our implementation, show that our proposal represents a practical solution to secure BGP.

Published in:

Computer Communications and Networks (ICCCN), 2012 21st International Conference on

Date of Conference:

July 30 2012-Aug. 2 2012