Sciweavers

CCR
2007

Analysis of the SPV secure routing protocol: weaknesses and lessons

13 years 11 months ago
Analysis of the SPV secure routing protocol: weaknesses and lessons
We analyze a secure routing protocol, Secure Path Vector (SPV), proposed in SIGCOMM 2004. SPV aims to provide authenticity for route announcements in the Border Gateway Protocol (BGP) using an efficient alternative to ordinary digital signatures, called constant-time signatures. Today, SPV is often considered the best cryptographic defense for BGP. We find subtle flaws in the design of SPV which lead to attacks that can be mounted by 60% of Autonomous Systems in the Internet. In addition, we study several of SPV’s design decisions and assumptions and highlight the requirements for security of routing protocols. In light of our analysis, we reexamine the need for constant-time signatures and find that certain standard digital signature schemes can provide the same level of efficiency for route authenticity. Categories and Subject Descriptors C.2.0 [Computer Communication Networks]: Security and protection General Terms Security Keywords Routing, BGP, Secure Path Vector
Barath Raghavan, Saurabh Panjwani, Anton Mityagin
Added 12 Dec 2010
Updated 12 Dec 2010
Type Journal
Year 2007
Where CCR
Authors Barath Raghavan, Saurabh Panjwani, Anton Mityagin
Comments (0)