Keychain-Based Signatures for Securing BGP

Yin, Heng; Sheng, Bo; Wang, Haining; Pan, Jianping

doi:10.1109/jsac.2010.101008

Cited by 11 publications

(2 citation statements)

References 20 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…The authors also argued that some standard digital signatures are as efficient as one-time signatures with respect to route validation. Based on this, Yin et al [104] further optimized the performance of the signature generation and verification algorithms used in SPV, and also reduced the size of the created signatures.…”

Section: Proposals Relying On Symmetric Cryptographymentioning

confidence: 99%

The state of affairs in BGP security: A survey of attacks and defenses

Mitseva

Panchenko

Engel

2018

Computer Communications

View full text Add to dashboard Cite

The Border Gateway Protocol (BGP) is the de facto standard interdomain routing protocol. Despite its critical role on the Internet, it does not provide any security guarantees. In response to this, a large amount of research has proposed a wide variety BGP security extensions and detection-recovery systems in recent decades. Nevertheless, BGP remains vulnerable to many types of attack. In this work, we conduct an up-to-date review of fundamental BGP threats and present a methodology for evaluation of existing BGP security proposals. Based on this, we introduce a comprehensive and up-to-date survey of proposals intended to make BGP secure and methods for detection and mitigation of routing instabilities. Last but not least, we identify gaps in research, and pinpoint open issues and unsolved challenges.

show abstract

Section: Proposals Relying On Symmetric Cryptographymentioning

confidence: 99%

The state of affairs in BGP security: A survey of attacks and defenses

Mitseva

Panchenko

Engel

2018

Computer Communications

View full text Add to dashboard Cite

show abstract

“…Yin et al . proposed a keychain‐based signature scheme for path authentication , with low CPU and memory overheads that can achieve small signature for BGP speakers. The performance of the keychain‐based signature scheme is as efficient as the aggregated path authentication.…”

Section: Related Workmentioning

confidence: 99%

3S: three-signature path authentication for BGP security

Liu

Deng

Liu

et al. 2015

Security Comm. Networks

View full text Add to dashboard Cite

Because of the lack of mechanism to verify a route's path authorization, border gateway protocol (BGP) has been disrupted by route hijacking for decades. Although several secure inter‐domain protocols have been proposed during the past years, such as secure BGP (S‐BGP) and BGPsec, they all have serious performance issues in both time and space cost, preventing their further deployment in the practical Internet. Statistical results from the real Internet reveal that multiple Internet protocol prefixes could often been announced along with the same AS path/sub‐path to its downstream autonomous systems; hence, the route announcements can be aggregated at the level of prefix. In light of this, we propose a three‐signature path authentication (3S) scheme to improve the performance of path authentication. We first introduce the concept of “virtual AS,” to reflect a cluster of prefixes that are announced along a common path/sub‐path. Then we aggregate those prefixes into an atom and only need to sign the first route announcement of a virtual AS instead of single prefixes; thus, it can reduce the number of cryptographic operations significantly. We evaluate the performance of 3S scheme in both theoretical and experimental ways; the results have shown that our proposed scheme is more efficient yet without losing security capabilities as existing methods such as S‐BGP and BGPsec. Copyright © 2015 John Wiley & Sons, Ltd.

show abstract

A secure routing model based on distance vector routing algorithm

Wang

Yang

et al. 2012

Sci. China Inf. Sci.

View full text Add to dashboard Cite

The model of transfer line and an adaptive congestion-oriented routing algorithm Science in China Series F-Information Sciences 44, 270 (2001); An optimization model for fragmentation-based routing in delay tolerant networks SCIENCE CHINA Information Sciences 59, 022314 (2016); A QoS-aware routing algorithm based on ant-cluster in wireless multimedia sensor networks SCIENCE CHINA Information Sciences 57, 102307 (2014);. RESEARCH PAPER. SCIENCE CHINA Information Sciences

show abstract

Keychain-Based Signatures for Securing BGP

Cited by 11 publications

References 20 publications

The state of affairs in BGP security: A survey of attacks and defenses

The state of affairs in BGP security: A survey of attacks and defenses

3S: three-signature path authentication for BGP security

A secure routing model based on distance vector routing algorithm

Contact Info

Product

Resources

About