Summary: Don't Secure Routing Protocols, Secure Data Delivery
Dan Wendlandt, Ioannis Avramopoulos, David G. Andersen, and Jennifer Rexford
1 Introduction
Internet routing and forwarding are vulnerable to attacks
and misconfigurations that compromise secure communications
between end-systems. With networks facing external attempts
to compromise their routers [3] and insiders able to
commandeer infrastructure, subversion of secure Internet
communication is an ever more serious threat.

Much prior work has attempted to provide communication
security by securing the routing protocols (e.g., S-BGP [10]
and so-BGP [12]). We argue that solving the problem of secure
routing is both harder and less effective than directly
solving the core problems needed to communicate securely:
end-to-end confidentiality, integrity, and availability.
Secure routing protocols focus on providing origin
authentication and path validity, identified as necessary by
the IETF to secure BGP [7]. Unfortunately, these properties
are both too little and too much:
Secure routing is too little: As we discuss further in