Accession Number : ADA461568


Title :   Efficient Security Mechanisms for the Border Gateway Routing Protocol


Corporate Author : CALIFORNIA UNIV SANTA CRUZ DEPT OF COMPUTER ENGINEERING


Personal Author(s) : Smith, Bradley R ; Garcia-Luna-Aceves, J J


Full Text : https://apps.dtic.mil/dtic/tr/fulltext/u2/a461568.pdf


Report Date : 22 Aug 1997


Pagination or Media Count : 19


Abstract : We analyze the security of the BGP routing protocol and identify a number of vulnerabilities in its design and the corresponding threats. We then present modifications to the protocol that minimize or eliminate the most significant threats. The innovation we introduce is the protection of the second-to-last hop information contained in the AS_PATH attributes by digital signatures, and the use of this predecessor information to verify the path of the selected route. With these techniques, we are able to secure complete path information in near constant space, avoiding the recursive protection mechanisms proposed for BGP in the past.


Descriptors :   *ROUTING , *INTERNET , DIGITAL SYSTEMS , THREATS , MODIFICATION , SECURITY , VULNERABILITY , EFFICIENCY , RECURSIVE FUNCTIONS , SIGNATURES


Subject Categories : Computer Programming and Software


Distribution Statement : APPROVED FOR PUBLIC RELEASE