Title :
HC-BGP: A light-weight and flexible scheme for securing prefix ownership
Author :
Zhang, Ying ; Zhang, Zheng ; Mao, Z. Morley ; Hu, Y. Charlie
Author_Institution :
Univ. of Michigan, MI, USA
fDate :
June 29 2009-July 2 2009
Abstract :
The border gateway protocol (BGP) is a fundamental building block of the Internet infrastructure. However, due to the implicit trust assumption among networks, Internet routing remains quite vulnerable to various types of misconfiguration and attacks. Prefix hijacking is one such misbehavior where an attacker AS injects false routes to the Internet routing system that misleads victim´s traffic to the attacker AS. Previous secure routing proposals, e.g., S-BGP, have relied on the global public key infrastructure (PKI), which creates deployment burdens. In this paper, we propose an efficient cryptographic mechanism, HC-BGP, using hash chains and regular public/private key pairs to ensure prefix ownership certificates. HC-BGP is computationally more efficient than previously proposed secure routing schemes, and it is also more flexible for supporting various traffic engineering goals. Our scheme can efficiently prevent common prefix hijacking attacks which announce routes with false origins, including both prefix and sub-prefix hijacking attacks.
Keywords :
Internet; certification; internetworking; public key cryptography; telecommunication network routing; telecommunication traffic; transport protocols; HC-BGP; Internet routing system; border gateway protocol; prefix hijacking; prefix ownership certificate; public key infrastructure; traffic engineering; IEEE news; IP networks; Internet telephony; Proposals; Public key; Public key cryptography; Routing protocols; Security; Telecommunication traffic; YouTube;
Conference_Titel :
Dependable Systems & Networks, 2009. DSN '09. IEEE/IFIP International Conference on
Conference_Location :
Lisbon
Print_ISBN :
978-1-4244-4422-9
Electronic_ISBN :
978-1-4244-4421-2
DOI :
10.1109/DSN.2009.5270359
