Abstract
Path validation has long be explored toward forwarding reliability of Internet traffic. Adding cryptographic primitives in packet headers, path validation enables routers to enforce which path a packet should follow and to verify whether the packet has followed the path. How to implement path validation for multi-path routing is yet to be investigated. We find that it leads to an impractically low efficiency when simply applying existing single-path validation to multi-path routing.
In this paper, we present ProMPV as an initiative to explore efficient multi-path validation for multi-path routing. We segment the forwarding path into segments of three routers following a sliding window with size one. Based on this observation, we design ProMPV as a proactive multi-path validation protocol in that it requires a router to proactively leave to its second next hop with proofs that cannot be tampered by its next hop. In multi-path routing, this greatly optimizes the computation and packet size. A packet no longer needs to carry all proofs of routers along all paths. Instead, it iteratively updates its carried proofs that correspond to only three hops. We validate the security and performance of ProMPV through security analysis and experiment results, respectively.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Similar content being viewed by others
References
OpenSSL: Cryptography and SSL/TLS Toolkit. https://www.openssl.org/
Bu, K., Yang, Y., Laird, A., Luo, J., Li, Y., Ren, K.: What’s (not) validating network paths: a survey. arXiv:1804.03385 (2018)
He, J., Rexford, J.: Toward internet-wide multipath routing. IEEE Netw. 22(2), 16–21 (2008)
Lee, T., Pappas, C., Perrig, A., Gligor, V., Hu, Y.C.: The case for in-network replay suppression. In: ACM AsiaCCS, pp. 862–873 (2017)
Naous, J., Walfish, M., Nicolosi, A., Mazières, D., Miller, M., Seehra, A.: Verifying and enforcing network paths with ICING. In: CoNEXT (2011)
Paxson, V.: End-to-end routing behavior in the internet. In: ACM SIGCOMM, pp. 25–38 (1996)
Segall, A.: Optimal distributed routing for virtual line-switched data networks. IEEE Trans. Commun. 27, 201–209 (1979)
Singh, R., Singh, Y., Yadav, A.: Loop free multipath routing algorithm, January 2016
Villamizar, C.: OSPF optimized multipath (OSPF-OMP), September 2019
Wu, B., et al.: Enabling efficient source and path verification via probabilistic packet marking. In: IWQoS (2018)
Xu, W., Rexford, J.: Miro: multi-path interdomain routing. In: ACM SIGCOMM (2006)
Yang, X., Wetherall, D.: Source selectable path diversity via routing deflections. ACM SIGCOMM 36, 159–170 (2006)
Acknowledgement
This work is supported by The Natural Science Foundation of Zhejiang Province under Grant No. LY19F020050. We would also like to thank Professor Kai Bu for mentoring us on the project.
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2020 ICST Institute for Computer Sciences, Social Informatics and Telecommunications Engineering
About this paper
Cite this paper
He, A., Xie, Y., Mao, W., Yeh, T. (2020). Divide and Conquer: Efficient Multi-path Validation with ProMPV. In: Chu, X., Jiang, H., Li, B., Wang, D., Wang, W. (eds) Quality, Reliability, Security and Robustness in Heterogeneous Systems. QShine 2019. Lecture Notes of the Institute for Computer Sciences, Social Informatics and Telecommunications Engineering, vol 300. Springer, Cham. https://doi.org/10.1007/978-3-030-38819-5_14
Download citation
DOI: https://doi.org/10.1007/978-3-030-38819-5_14
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-38818-8
Online ISBN: 978-3-030-38819-5
eBook Packages: Computer ScienceComputer Science (R0)