Secure Routing
Download
Report
Transcript Secure Routing
Challenge: Securing
Routing Protocols
Adrian Perrig
[email protected]
Why Secure Routing?
Deployed routing protocols assume a
trusted environment!
Even misconfigurations can severely
disrupt routing protocols
Secure routing properties
Reduce misconfiguration impact
Robust against compromised nodes
(Byzantine failures)
Only legitimate nodes participate in forwarding
Prevent attackers from injecting bogus routes
Secure Routing Illustration
C
G
J
A
D
S
E
I
B
H
F
Secure Ad Hoc Network Routing Protocols
SEAD: Secure Efficient Ad hoc Distance
vector routing protocol [WMCSA 2002]
Ariadne: secure on-demand routing protocol
[Mobicom 2002]
New routing attacks
Wormhole attack [Infocom 2003]
Rushing attack
Joint work with Yih-Chun Hu and David Johnson
Secure Sensor Network Routing
Challenges
Energy constraints invite DoS attacks
Memory and bandwidth constraints prevent using
sophisticated routing protocols
Compromised nodes may inject malicious
messages or drop data traffic
Current approach: combine probabilistic
routing with multi-path routing
Secure Internet Routing
Challenges
Legacy systems
Untrusted domains, complicated trust
relationships
Even misconfigurations can significantly perturb
Internet routing
Current project: use efficient cryptographic
techniques to verify BGP routing updates
Research Directions
Today we enumerate attacks and protect
against them
To start securing BGP, RPsec IETF working group
is establishing a list of BGP vulnerabilities
We need to establish metrics
Allows comparison of protocols
Study security properties vs performance
Measure effectiveness of DoS attacks
• E.g., in sensor networks: attacker energy / network
energy