[NRG] FW: [Busec] [BUsec] tomorrow Avichai Cohen, Hebrew University of Jerusalem (10am)

Crovella, Mark E crovella at bu.edu
Tue Nov 10 20:14:57 EST 2015


Cross-posting for potential interest.

From: <busec-bounces at cs.bu.edu<mailto:busec-bounces at cs.bu.edu>> on behalf of Foteini Baldimtsi <foteini at baldimtsi.com<mailto:foteini at baldimtsi.com>>
Date: Tuesday, November 10, 2015 at 8:12 PM
To: busec <busec at cs.bu.edu<mailto:busec at cs.bu.edu>>, "crypto at cs.brown.edu<mailto:crypto at cs.brown.edu>" <crypto at cs.brown.edu<mailto:crypto at cs.brown.edu>>, "crypto at ll.mit.edu<mailto:crypto at ll.mit.edu>" <crypto at ll.mit.edu<mailto:crypto at ll.mit.edu>>, "crypto-theory at mit.edu<mailto:crypto-theory at mit.edu>" <crypto-theory at mit.edu<mailto:crypto-theory at mit.edu>>
Subject: [Busec] [BUsec] tomorrow Avichai Cohen, Hebrew University of Jerusalem (10am)

Just a reminder for tomorrow's BUsec seminar. Avichai Cohen from Hebrew University of Jerusalem will talk about Jumpstarting Interdomain Routing Security.

See you all tomorrow!


Foteini


BUsec Calendar:  http://www.bu.edu/cs/busec/
BUsec Mailing list: http://cs-mailman.bu.edu/mailman/listinfo/busec

The busec seminar gratefully acknowledges the support of BU's Center for Reliable Information Systems and Cyber Security (RISCS).


*****

Title: Jumpstarting Interdomain Routing Security
Speaker: Avichai Cohen, Hebrew University of Jerusalem
Hariri
Wednesday Nov. 11, 10-11am



Abstract:

Extensive standardization and R&D efforts are dedicated to establishing secure interdomain routing. These efforts focus on two complementary mechanisms: origin authentication with RPKI, and path validation with BGPsec. However, while RPKI is finally gaining traction, the adoption of BGPsec seems not even on the horizon. This is due to inherent, possibly insurmountable, obstacles, including the need to replace today's routing infrastructure, meagre benefits in partial deployment, and the overhead of online cryptography. We aim to design lightweight alternatives to BGPsec that can significantly improve interdomain routing security.

We propose path-end validation, a modest extension to RPKI that does not require modifications to BGP message format nor online cryptography. We show, through extensive simulations on empirically-derived datasets, that path-end validation yields significant security benefits, even with very limited partial deployment. We present an open-source prototype implementation of path-end validation, which does not require changing today's routers, illustrating the deployability advantage over BGPsec. We also explore additional mechanisms for jumpstarting interdomain routing security.

Joint work with Yossi Gilad (Hebrew University), Amir Herzberg (Bar-Ilan University) and Michael Schapira (Hebrew University)

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://cs-mailman.bu.edu/pipermail/nrg-l/attachments/20151111/0017869d/attachment.html>
-------------- next part --------------
An embedded and charset-unspecified text was scrubbed...
Name: ATT00001.txt
URL: <http://cs-mailman.bu.edu/pipermail/nrg-l/attachments/20151111/0017869d/attachment.txt>


More information about the NRG-L mailing list