Design and analysis of optimization algorithms to minimize cryptographic processing in BGP security protocols

Sriram, Vinay K.; Montgomery, Doug

doi:10.1016/j.comcom.2017.03.007

Cited by 9 publications

(11 citation statements)

References 5 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Other BGPsec performance optimization techniques such as caching already computed AS path segments and their BGPsec signature validation results have been studied [36]. These techniques may be considered in future enhancements of NIST BGPsec implementation.…”

Section: High-speed Implementation Tarabgpsec™mentioning

confidence: 99%

BGP secure routing extension (BGP-SRx) :

Borchert¹,

Lee²,

Sriram³

et al. 2021

Self Cite

View full text Add to dashboard Cite

In the early 2000s, the IETF formed the Secure Inter-Domain Routing (SIDR) working group which was tasked with developing a security model for the Border Gateway Protocol (BGP) with the intent to eliminate or reduce the rate of successful BGP hijacks and other attacks against the core routing infrastructure. The result was the development of a two-stage security approach, one based on the prefix (IP address range) origination of an autonomous system's (AS) announcement and the other one dealing with the validation of the path such an announcement traversed on. The first stage is called the Resource Public Key Infrastructure (RPKI) and has been in its deployment stage since early 2013 and the second one is called BGPsec and includes a modification to the BGP specification RFC 4721. BGPsec became an RFC standard in late 2017. During that time, NIST actively participated in the development of the necessary RFCs and developed in parallel a reference implementation that addresses both tiers of the developed security model.

show abstract

Section: High-speed Implementation Tarabgpsec™mentioning

confidence: 99%

BGP secure routing extension (BGP-SRx) :

Borchert¹,

Lee²,

Sriram³

et al. 2021

Self Cite

View full text Add to dashboard Cite

show abstract

“…BGPsec update processing are available [Adalier1] [Adalier2] [NIST-SRx]. Optimization 964 algorithms for BGPsec update processing are proposed and analyzed in [Sriram2]. 965…”

Section: Security Recommendation 33: Inbound Prefix Filtering For Leamentioning

confidence: 99%

Resilient Interdomain Traffic Exchange

Sriram¹,

Montgomery²

2019

Preprint

View full text Add to dashboard Cite

“…These are believed to be the most promising solutions, due to the extensive security they offer. Although intuitive optimizations to these proposals have been discussed, e.g., using additional hardware [76] or caching update messages to reduce the number of signature verification operations [76,77,90,91], their expensive cryptographic operations remain a major obstacle to their adoption.…”

Section: Proposals Relying On Asymmetric Cryptographymentioning

confidence: 99%

The state of affairs in BGP security: A survey of attacks and defenses

Mitseva

Panchenko

Engel

2018

Computer Communications

View full text Add to dashboard Cite

The Border Gateway Protocol (BGP) is the de facto standard interdomain routing protocol. Despite its critical role on the Internet, it does not provide any security guarantees. In response to this, a large amount of research has proposed a wide variety BGP security extensions and detection-recovery systems in recent decades. Nevertheless, BGP remains vulnerable to many types of attack. In this work, we conduct an up-to-date review of fundamental BGP threats and present a methodology for evaluation of existing BGP security proposals. Based on this, we introduce a comprehensive and up-to-date survey of proposals intended to make BGP secure and methods for detection and mitigation of routing instabilities. Last but not least, we identify gaps in research, and pinpoint open issues and unsolved challenges.

show abstract

Design and analysis of optimization algorithms to minimize cryptographic processing in BGP security protocols

Cited by 9 publications

References 5 publications

BGP secure routing extension (BGP-SRx) :

BGP secure routing extension (BGP-SRx) :

Resilient Interdomain Traffic Exchange

The state of affairs in BGP security: A survey of attacks and defenses

Contact Info

Product

Resources

About