research-article

Provable security of S-BGP and other path vector protocols: model, analysis and extensions

Authors:

Alexandra Boldyreva,

Robert LychevAuthors Info & Claims

CCS '12: Proceedings of the 2012 ACM conference on Computer and communications security

Pages 541 - 552

https://doi.org/10.1145/2382196.2382254

Published: 16 October 2012 Publication History

Abstract

This paper provides the provable-security treatment of path vector routing protocols. We first design a security definition for routing path vector protocols by studying, generalizing, and formalizing numerous known threats. Our model incorporates three major security goals. It is quite strong, yet simple to use. We prove by reduction that S-BGP satisfies two out of the security model's three goals, assuming the underlying signature scheme is secure. Under the same assumption, we next show how the protocol can be modified to meet all three security goals simultaneously. Finally, we study security of partial PKI deployment of path vector protocols when not all nodes have public keys. We investigate the possibilities of relaxing the PKI requirement and relying on the non-cryptographic physical security of the protocol in order to achieve possibly weaker, but still well-defined, notions of security. We also present the necessary and sufficient conditions to achieve full security in the partial PKI deployment scenario. We believe our conclusions will prove useful for protocol developers, standards bodies and government agencies.

References

[1]

American Registry for Internet Numbers (ARIN). https://www.arin.net/.

[2]

BGP Routing table analysis reports. http://bgp.potaroo.net.

[3]

The Internet Assigned Numbers Authority (IANA). http://www.iana.org/.

[4]

Internet Engineering Task Force (IETF) secure inter-domain routing group (SIDR). http://datatracker.ietf.org/wg/sidr/charter/.

[5]

Resource Public Key Infrastructure (RPKI). https://www.arin.net/resources/rpki.html.

[6]

C. Adams and S. Farrell. Internet X.509 Public Key Infrastructure: Certificate management protocols, 2004.

[7]

W. Aiello, J. Ioannidis, and P. McDaniel. Origin authentication in interdomain routing. In CCS '03: Proceedings of the 10th ACM conference on Computer and communications security, pages 165--178, New York, NY, USA, 2003. ACM Press.

Digital Library

[8]

G. Andersen, H. Balakrishnan, N. Feamster, T. Koponent, D. Moon, and S. Shenker. Accountable internet protocol (AIP). In ACM SIGCOMM 2008, Aug. 2008.

Digital Library

[9]

M. Backes, I. Cervesato, A. D. Jaggard, A.Scedrov, and J.-K. Tsay. Cryptographically sound security proofs for basic and public-key Kerberos. In D. Gollmann, J. Meier, and A. Sabelfeld, editors, ESORICS, volume 4189 of Lecture Notes in Computer Science, pages 362--383. Springer, 2006.

Digital Library

[10]

H. Ballani, P. Francis, and X. Zhang. A study of prefix hijacking and interception in the Internet. In ACM SIGCOMM 2007, Aug. 2007.

Digital Library

[11]

B. Barak, S. Goldberg, and D. Xiao. Protocols and lower bounds for failure localization in the Internet. In EUROCRYPT 2008, Apr. 2008.

Digital Library

[12]

A. Barbir, S. Murphy, and Y. Yang. Generic threats to routing protocols. Network Working Group. IETF Request for Comments: 3962. Available at http://www.ietf.org/rfc/rfc4593.txt, 2004.

[13]

R. Barrett, S. V. Haar, and R. Whitestone. Routing snafu snips net service. Interactive Week, 1997. http://www.zdnet.com/zdnn/content/ inwk/0413/inwk0032.html.

[14]

M. Bellare, T. Kohno, and C. Namprempre. Authenticated encryption in SSH: provably fixing the SSH binary packet protocol. In CCS '02. ACM Press, 2002.

Digital Library

[15]

S. M. Bellovin and E. R. Gansner. Using link cuts to attack internet routing. In Tech. Rep., ATT Research, 2004, Work in Progress 2003 USENIX, 2003.

[16]

S. M. Bellovin, J. Ioannidis, and R. Bush. Position paper: Operational requirements for secured BGP. DHS Secure Routing Workshop, 2005.

[17]

A. Boldyreva, M. Fischlin, A. Palacio, and B. Warinschi. A closer look at PKI: Security and efficiency. In T. Okamoto and X. Wang, editors, Public Key Cryptography, volume 4450 of Lecture Notes in Computer Science, pages 458--475. Springer, 2007.

Digital Library

[18]

A. Boldyreva and V. Kumar. Extended abstract: Provable-security analysis of authenticated encryption in Kerberos. In IEEE Symposium on Security and Privacy, pages 92--100. IEEE Computer Society, 2007.

Digital Library

[19]

A. Boldyreva and R. Lychev. Provable Security of (S-BGP) and other Path Vector Protocols: Model, Analysis, and Extenstions. Full Version of this Paper, 2012. Available from the authors' websites.

[20]

M. A. Brown. Renesys blog. Pakistan hijacks YouTube, 2008. http://www.renesys.com/blog/2008/02/pakistan_hijacks_youtube_1.shtml.

[21]

K. Butler, T. Farley, P. McDaniel, and J. Rexford. A survey of BGP security issues and solutions. Technical Report TD-5UGJ33, AT&T Labs, 2004.

[22]

K. Butler, P. McDaniel, and W. Aiello. Optimizing BGP security by exploiting path stability. In CCS '06: Proceedings of the 13th ACM conference on Computer and communications security, pages 298--310, New York, NY, USA, 2006. ACM Press.

Digital Library

[23]

H. Chan, D. Dash, A. Perrig, and H. Zhang. Modeling adoptability of secure BGP protocols. In SIGMETRICS '06/Performance '06: Proceedings of the joint international conference on Measurement and modeling of computer systems, pages 389--390, New York, NY, USA, 2006. ACM Press.

Digital Library

[24]

Y.-J. Chi, R. Oliveira, and L. Zhang. Cyclops: The internet as-level observatory. ACM SIGCOMM Computer Communication Review, 2008.

Digital Library

[25]

J. Cowie. Renesys blog. China's 18-minute mystery, 2010. http://www.renesys.com/blog/2010/11/chinas-18-minute-mystery.shtml.

[26]

B. Dickson. Route Leaks -- Requirements for Detection and Prevention thereof (v2). IETF Internet Draft, 2012. Available at http://tools.ietf.org/html/draft-dickson-sidr-route-leak-reqts-02.

[27]

L. Gao and J. Rexford. Stable internet routing without global coordination. SIGMETRICS Perform. Eval. Rev., 28:307--317, June 2000.

Digital Library

[28]

P. Gill, M. Schapira, and S. Goldberg. Let the market drive deployment: A strategy for transitioning to BGP security. In ACM SIGCOMM 2011, Aug. 2011.

Digital Library

[29]

S. Goldberg, S. Halevi, A. Jaggard, V. Ramachandran, and R. Wright. Rationality and traffic attraction: Incentives for honestly announcing paths in BGP. In ACM SIGCOMM 2008, Aug. 2008.

Digital Library

[30]

S. Goldberg, M. Schapira, P. Hummon, and J. Rexford. How secure are secure interdomain routing protocols? In ACM SIGCOMM 2010, Aug. 2010.

Digital Library

[31]

S. Goldberg, D. Xiao, B. Barak, J. Rexford, and E. Tromer. Path-quality monitoring in the presence of adversaries. In ACM SIGMETRICS 2008, June 2008.

Digital Library

[32]

G. Goodell, W. Aiello, T. Griffin, J. Ioannidis, P. McDaniel, and A. Rubin. Working around bgp: An incremental approach to improving security and accuracy in interdomain routing, 2003.

[33]

Y.-C. Hu, A. Perrig, and M. Sirbu. SPV: secure path vector routing for securing BGP. In SIGCOMM '04: Proceedings of the 2004 conference on Applications, technologies, architectures, and protocols for computer communications, pages 179--192, New York, NY, USA, 2004. ACM Press.

Digital Library

[34]

S. Kent, C. Lynn, and K. Seo. Secure border gateway protocol (S-BGP). IEEE Journal on Selected Areas in Communications, 18(4):582--592, 2000.

Digital Library

[35]

S. T. Kent, C. Lynn, J. Mikkelson, and K. Seo. Secure Border Gateway Protocol (S-BGP) - Real world performance and deployment issues. In NDSS. The Internet Society, 2000.

[36]

M. Lepinski. An infrustructure to support secure internet routing.

[37]

M. Lepinski. BGPSEC Protocol Specification (v4). IETF Internet Draft, 2012. Available at http://tools.ietf.org/html/draft-ietf-sidr-bgpsec-protocol-04.

[38]

R. Mahajan, D. Wetherall, and T. Anderson. Understanding bgp misconfiguration. In ACM SIGCOMM 2002, Aug. 2002.

Digital Library

[39]

A. Mityagin, S. Panjwani, and B. Raghavan. Analysis of the SPV secure routing protocol. Cryptology ePrint Archive, Report 2006/087, 2006. http://eprint.iacr.org/.

[40]

S. Murphy. BGP security vulnerabilities analysis. Network Working Group. IETF Request for Comments: 3962. Available at http://www.ietf.org/rfc/rfc4272.txt, 2006.

[41]

D. of Homeland Security. The national strategy to secure cyberspace, 2003. http://www.whitehouse.gov/pcipb/.

[42]

U. of Oregon Route Views Project. http://www.routeviews.org.

[43]

K. G. Paterson and G. J. Watson. Plaintext-dependent decryption: A formal security treatment of SSH-CTR. In H.Gilbert, editor, EUROCRYPT, volume 6110 of Lecture Notes in Computer Science, pages 345--361. Springer, 2010.

Digital Library

[44]

Y. Rikhter, T. Li, and S. Hares. A Border Gateway Protocol 4 (BGP-4). Network Working Group. IETF Request for Comments: 4271. Available at http://www.ietf.org/rfc/rfc4271.txt, 2006.

[45]

T. Ristenpart and S. Yilek. The power of proofs-of-possession: Securing multiparty signatures against rogue-key attacks. In M. Naor, editor, EUROCRYPT, volume 4515 of Lecture Notes in Computer Science, pages 228--245. Springer, 2007.

Digital Library

[46]

L. Subramanian, V. Roth, I. Stoica, S. Shenker, and R. Katz. Listen and whisper: Security mechanisms for BGP. In Proc. First Symposium on Networked Systems Design and Implementation (NSDI), San Francisco, CA, Mar. 2004.

Digital Library

[47]

S. Sundaresan, R. Lychev, and V. Valancius. Preventing attacks on BGP policies: One bit is enough. Technical Report GT-CS-11-07, Georgia Institute of Technology, 2011.

[48]

The BGP TTL Security Hack. http://tools.ietf.org/html/draft-gill-btsh-02.

[49]

T. Wan, E. Kranakis, and P. C. van Oorschot. Pretty secure BGP, psBGP. In NDSS. The Internet Society, 2005.

[50]

R. White. Securing BGP through secure origin BGP. The Internet Protocol Journal, 6(3), Sept. 2003. http://www.cisco.com/web/about/ac123/ac147/archived_issues/ipj_6-3/ipj_6-3.pdf.

[51]

M. Zhao, S. W. Smith, and D. M. Nicol. Aggregated path authentication for efficient BGP security. In CCS '05: Proceedings of the 12th ACM conference on Computer and communications security, pages 128--138, New York, NY, USA, 2005. ACM Press.

Digital Library

Cited By

Ding XChen LZhou PJiang WJin H(2022)Differentially Private Deep Learning with Iterative Gradient Descent OptimizationACM/IMS Transactions on Data Science10.1145/34912542:4(1-27)Online publication date: 3-Feb-2022
https://dl.acm.org/doi/10.1145/3491254
He LWittkopf JJun JErickson KBallagas R(2021)ModElecProceedings of the ACM on Interactive, Mobile, Wearable and Ubiquitous Technologies10.1145/34950005:4(1-20)Online publication date: 30-Dec-2021
https://dl.acm.org/doi/10.1145/3495000
Jin WMurali SCho YZhu HLi TPanik RRimu ADeb SWatkins KYuan XLi M(2021)CycleGuardProceedings of the ACM on Interactive, Mobile, Wearable and Ubiquitous Technologies10.1145/34949925:4(1-30)Online publication date: 30-Dec-2021
https://dl.acm.org/doi/10.1145/3494992
Show More Cited By

Index Terms

Provable security of S-BGP and other path vector protocols: model, analysis and extensions
1. Networks
  1. Network protocols
    1. Network layer protocols
      1. Routing protocols
    2. Protocol correctness
      1. Protocol testing and verification

Recommendations

Network routing with path vector protocols: theory and applications
SIGCOMM '03: Proceedings of the 2003 conference on Applications, technologies, architectures, and protocols for computer communications

Path vector protocols are currently in the limelight, mainly because the inter-domain routing protocol of the Internet, BGP (Border Gateway Protocol), belongs to this class. In this paper, we cast the operation of path vector protocols into a broad ...
Improved convertible authenticated encryption scheme with provable security

Convertible authenticated encryption (CAE) schemes allow a signer to produce an authenticated ciphertext such that only a designated recipient can decrypt it and verify the recovered signature. The conversion property further enables the designated ...
Path stability in partially deployed secure BGP routing
Abstract
Border Gateway Protocol (BGP), as the current de-facto routing protocol connecting various cooperating domains on the Internet, did not consider security when it was originally designed. With the expansion of the Internet, security is ...

Comments

Information & Contributors

Information

Published In

cover image ACM Conferences

CCS '12: Proceedings of the 2012 ACM conference on Computer and communications security

October 2012

1088 pages

ISBN:9781450316514

DOI:10.1145/2382196

General Chair:
Ting Yu
North Carolina State University, USA
,
Program Chairs:
George Danezis
Microsoft Research Cambridge, UK
,
Virgil Gligor
Carnegie Mellon University, USA

Copyright © 2012 ACM.

Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]

Sponsors

SIGSAC: ACM Special Interest Group on Security, Audit, and Control

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 16 October 2012

Permissions

Request permissions for this article.

Request Permissions

Check for updates

Author Tags

Qualifiers

Research-article

Conference

CCS'12

Sponsor:

SIGSAC

CCS'12: the ACM Conference on Computer and Communications Security

October 16 - 18, 2012

North Carolina, Raleigh, USA

Acceptance Rates

Overall Acceptance Rate 1,261 of 6,999 submissions, 18%

Upcoming Conference

CCS '25

Sponsor:
sigsac

ACM SIGSAC Conference on Computer and Communications Security

October 13 - 17, 2025

Taipei , Taiwan

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

23
Total Citations
View Citations
548
Total Downloads

Downloads (Last 12 months)10
Downloads (Last 6 weeks)2

Reflects downloads up to 05 Mar 2025

Other Metrics

View Author Metrics

Citations

Cited By

Ding XChen LZhou PJiang WJin H(2022)Differentially Private Deep Learning with Iterative Gradient Descent OptimizationACM/IMS Transactions on Data Science10.1145/34912542:4(1-27)Online publication date: 3-Feb-2022
https://dl.acm.org/doi/10.1145/3491254
He LWittkopf JJun JErickson KBallagas R(2021)ModElecProceedings of the ACM on Interactive, Mobile, Wearable and Ubiquitous Technologies10.1145/34950005:4(1-20)Online publication date: 30-Dec-2021
https://dl.acm.org/doi/10.1145/3495000
Jin WMurali SCho YZhu HLi TPanik RRimu ADeb SWatkins KYuan XLi M(2021)CycleGuardProceedings of the ACM on Interactive, Mobile, Wearable and Ubiquitous Technologies10.1145/34949925:4(1-30)Online publication date: 30-Dec-2021
https://dl.acm.org/doi/10.1145/3494992
Gairola SBohra MShaheer NJayaprakash NJoshi PBalasubramaniam AMurali KKwatra NJain M(2021)SmartKCProceedings of the ACM on Interactive, Mobile, Wearable and Ubiquitous Technologies10.1145/34949825:4(1-27)Online publication date: 30-Dec-2021
https://dl.acm.org/doi/10.1145/3494982
Liu CGao CXia XLo DGrundy JYang X(2021)On the Reproducibility and Replicability of Deep Learning in Software EngineeringACM Transactions on Software Engineering and Methodology10.1145/347753531:1(1-46)Online publication date: 26-Oct-2021
https://dl.acm.org/doi/10.1145/3477535
Liu CXia XLo DLiu ZHassan ALi S(2021)CodeMatcher: Searching Code Based on Sequential Semantics of Important Query WordsACM Transactions on Software Engineering and Methodology10.1145/346540331:1(1-37)Online publication date: 28-Sep-2021
https://dl.acm.org/doi/10.1145/3465403
Denning P(2021)Locality and professional lifeCommunications of the ACM10.1145/346146664:6(32-34)Online publication date: 24-May-2021
https://dl.acm.org/doi/10.1145/3461466
Mercuri RNeumann P(2021)The risks of election believability (or lack thereof)Communications of the ACM10.1145/346146464:6(24-30)Online publication date: 24-May-2021
https://dl.acm.org/doi/10.1145/3461464
Sun YApostolaki MBirge-Lee HVanbever LRexford JChiang MMittal P(2021)Securing internet applications from routing attacksCommunications of the ACM10.1145/342977564:6(86-96)Online publication date: 24-May-2021
https://dl.acm.org/doi/10.1145/3429775
Monroe D(2020)Seeking artificial common senseCommunications of the ACM10.1145/342258863:11(14-16)Online publication date: 22-Oct-2020
https://dl.acm.org/doi/10.1145/3422588
Show More Cited By

View Options

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Publication

View options

PDF

View or Download as a PDF file.

eReader

View online with eReader.

Figures

Tables

Media

View Table of Conten