[cs-talks] Upcoming CS Seminars: BUSec (Wed)
fgreen1 at bu.edu
Mon Nov 9 13:12:09 EST 2015
Jumpstarting Interdomain Routing Security
Avichai Cohen, Hebrew University of Jerusalem
Wednesday, November 11, 2015 at 10am in MCS 180- Hariri Seminar Room
ABSTRACT: Extensive standardization and R&D efforts are dedicated to establishing secure interdomain routing. These efforts focus on two complementary mechanisms: origin authentication with RPKI, and path validation with BGPsec. However, while RPKI is finally gaining traction, the adoption of BGPsec seems not even on the horizon. This is due to inherent, possibly insurmountable, obstacles, including the need to replace today's routing infrastructure, meagre benefits in partial deployment, and the overhead of online cryptography. We aim to design lightweight alternatives to BGPsec that can significantly improve interdomain routing security.
We propose path-end validation, a modest extension to RPKI that does not require modifications to BGP message format nor online cryptography. We show, through extensive simulations on empirically-derived datasets, that path-end validation yields significant security benefits, even with very limited partial deployment. We present an open-source prototype implementation of path-end validation, which does not require changing today's routers, illustrating the deployability advantage over BGPsec. We also explore additional mechanisms for jumpstarting interdomain routing security.
Joint work with Yossi Gilad (Hebrew University), Amir Herzberg (Bar-Ilan University) and Michael Schapira (Hebrew University)
More Seminar Announcements to Follow
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the cs-talks