Pretty Secure BGP, psBGP

12 years 11 months ago
Pretty Secure BGP, psBGP
The Border Gateway Protocol (BGP) is an IETF standard inter-domain routing protocol on the Internet. However, it is well known that BGP is vulnerable to a variety of attacks, and that a single misconfigured or malicious BGP speaker could result in large scale service disruption. We first summarize a set of security goals for BGP, and then propose Pretty Secure BGP (psBGP) as a new security protocol achieving these goals. psBGP makes use of a centralized trust model for authenticating Autonomous System (AS) numbers, and a decentralized trust model for verifying the propriety of IP prefix origination. We compare psBGP with S-BGP and soBGP, the two leading security proposals for BGP. We believe psBGP trades off the strong security guarantees of S-BGP for presumed-simpler operations, while requiring a different endorsement model: each AS must select a small number (e.g., one or two) of its peers from which to obtain endorsement of its prefix ownership assertions. This work contributes...
Tao Wan, Evangelos Kranakis, Paul C. van Oorschot
Added 25 Jun 2010
Updated 25 Jun 2010
Type Conference
Year 2005
Where NDSS
Authors Tao Wan, Evangelos Kranakis, Paul C. van Oorschot
Comments (0)