research-article

Private and verifiable interdomain routing decisions

Authors:

Alexander J. T. Gurney,

Andreas Haeberlen,

Boon Thau LooAuthors Info & Claims

IEEE/ACM Transactions on Networking (TON), Volume 24, Issue 2

Pages 1011 - 1024

https://doi.org/10.1109/TNET.2015.2409233

Published: 01 April 2016 Publication History

Abstract

Existing secure interdomain routing protocols can verify validity properties about individual routes, such as whether they correspond to a real network path. It is often useful to verify more complex properties relating to the route decision procedure -- for example, whether the chosen route was the best one available, or whether it was consistent with the network's peering agreements. However, this is difficult to do without knowing a network's routing policy and full routing state, which are not normally disclosed. In this paper, we show how a network can allow its peers to verify a number of nontrivial properties of its interdomain routing decisions without revealing any additional information. If all the properties hold, the peers learn nothing beyond what the interdomain routing protocol already reveals; if a property does not hold, at least one peer can detect this and prove the violation. We present SPIDeR, a practical system that applies this approach to the Border Gateway Protocol, and we report results from an experimental evaluation to demonstrate that SPIDeR has a reasonable overhead.

References

[1]

AS Relationships Dataset from CAIDA,, {Online}. Available: http://www.caida.org/data/active/as-relationships/

[2]

M. Bellare and P. Rogaway, "Random oracles are practical: A paradigm for designing efficient protocols," in Proc. ACM CCS '93, Fairfax, VA, USA, 1993.

Digital Library

[3]

O. Bonaventure and B. Quoitin, "Common utilizations of the BGP community attribute," Internet Draft, 2003 {Online}. Available: http://tools.ietf.org/html/draft-bonaventure-quoitin-bgp-communities-00

[4]

D. Catalano, M. Di Raimondo, D. Fiore, and M. Messina, "Zero-knowledge sets with short proofs," IEEE Trans. Inf. Theory, vol. 57, no. 4, pp. 2488--2502, Apr. 2011.

Digital Library

[5]

E. Chen and T. Bates, "An application of the BGP community attribute in multi-home routing," in RFC 1998, Aug. 1996 {Online}. Available: https://tools.ietf.org/html/rfc1998

Digital Library

[6]

X. Dimitropoulos et al., "AS relationships: Inference and validation," ACM SIGCOMM CCR, no. 1, pp. 29--40, Jan. 2007.

Digital Library

[7]

B. Donnet and O. Bonaventure, "On BGP communities," ACM CCR, vol. 38, no. 2, pp. 55--59, Apr. 2008.

Digital Library

[8]

P. Faratin, D. Clark, P. Gilmore, S. Bauer, A. Berger, and W. Lehr, "Complexity of Internet interconnections: Technology, incentives and implications for policy," presented at the 35th Annu. Telecomm. Policy Research Conf. (TPRC), Arlington, VA, USA, Sep. 2007.

[9]

N. Feamster, Z. M. Mao, and J. Rexford, "BorderGuard: Detecting cold potatoes from peers," presented at the 2004 Internet Measurement Conf., IMC '04, Taormina, Sicily, Italy, Oct. 2004.

Digital Library

[10]

L. Gao, "On inferring autonomous system relationships in the Internet," IEEE/ACM Trans. Netw., vol. 9, pp. 733--745, Dec. 2001.

Digital Library

[11]

L. Gao and J. Rexford, "Stable Internet routing without global coordination," IEEE/ACM Trans. Netw., vol. 9, no. 6, pp. 681--692, Dec. 2001.

Digital Library

[12]

M. Garofalakis, J. Hellerstein, and P. Maniatis, "Proof sketches: Verifiable in-network aggregation," presented at the 23rd Int. Conf. Data Engineering, ICDE 2007, Istanbul, Turkey, Apr. 2007.

[13]

S. Goldberg, S. Halevi, A. Jaggard, V. Ramachandran, and R. Wright, "Rationality and traffic attraction: Incentives for honestly announcing paths in BGP," presented at the ACM SIGCOMM 2008, Seattle, WA, USA, Aug. 2008.

Digital Library

[14]

S. Goldwasser, S. Micali, and C. Rackoff, "The knowledge complexity of interactive proof systems," SIAM J. Comput., vol. 18, no. 1, pp. 186--208, 1989.

Digital Library

[15]

D. Gupta et al., "A new approach to interdomain routing based on secure multi-party computation," presented at the 11th ACM Workshop on Hot Topics in Networks (HotNets-XI), Redmond, WA, USA, Oct. 2012.

Digital Library

[16]

A. J. T. Gurney, A. Haeberlen, W. Zhou, M. Sherr, and B. T. Loo, "Having your cake and eating it too: Routing security with privacy protections," presented at the 10th ACM Workshop on Hot Topics in Networks (HotNets-X), Cambridge, MA, USA, Nov. 2011.

Digital Library

[17]

A. Haeberlen, I. Avramopoulos, J. Rexford, and P. Druschel, "NetReview: Detecting when interdomain routing goes wrong," presented at the NSDI '09, Boston, MA, USA, 2009.

Digital Library

[18]

IETF Working Group on Secure Inter-Domain Routing, IETF {Online}. Available: http://tools.ietf.org/wg/sidr

[19]

A. J. Kalafut, C. A. Shue, and M. Gupta, "Malicious hubs: Detecting abnormally malicious autonomous systems," presented at the IEEE INFOCOM San Diego, CA, USA, 2010.

Digital Library

[20]

S. Kent, C. Lynn, and K. Seo, "Secure border gateway protocol (S-BGP)," IEEE J. Sel. Areas Commun., vol. 18, no. 4, pp. 582--592, 2000.

Digital Library

[21]

W. Kumari and S. Kotikalapudi, "Recommendation for not using AS_SET and AS_CONFED_SET in BGP," in RFC 6472 {Online}. Available: https://tools.ietf.org/html/rfc6472

[22]

H. V. Madhyastha, E. Katz-Bassett, T. Anderson, A. Krishnamurthy, and A. Venkataramani, "iPlane Nano: Path prediction for peer-to-peer applications," presented at the NSDI 2009, Boston, MA, USA, Apr. 2009.

Digital Library

[23]

R. Mahajan, M. Rodrig, D. Wetherall, and J. Zahorjan, "Sustaining cooperation in multi-hop wireless networks," presented at the NSDI 2005, Boston, MA, USA, May 2005.

Digital Library

[24]

R. Mahajan, D. Wetherall, and T. Anderson, "Understanding BGP misconfiguration," presented at the ACM SIGCOMM 2002, Pittsburgh, PA, USA, Sep. 2002.

Digital Library

[25]

R. Merkle, "Protocols for public key cryptosystems," in Proc. IEEE Computer Soc. Symp. Security and Privacy, Apr. 1980, pp. 122--133.

[26]

S. Micali, M. Rabin, and J. Kilian, "Zero-knowledge sets," presented at the FOCS 2003, Cambridge, MA, USA, Oct. 2003.

Digital Library

[27]

W. Mühlbauer, A. Feldmann, O. Maennel, M. Roughan, and S. Uhlig, "Building an AS-topology model that captures route diversity," presented at the ACM SIGCOMM, Pisa, Italy, Sep. 2006.

Digital Library

[28]

S. Nagaraja, V. Jalaparti, M. Caesar, and N. Borisov, "P3CA: Private anomaly detection across ISP networks," presented at the Privacy Enhancing Technologies Symp. (PETS), Waterloo, Canada, Jul. 2011.

Digital Library

[29]

J. Nagle, "Congestion control in IP/TCP internetworks," in RFC 896, 1984 {Online}. Available: https://tools.ietf.org/html/rfc896

Digital Library

[30]

O. Nordström and C. Dovrolis, "Beware of BGP attacks," ACM CCR, vol. 34, no. 2, pp. 1--8, Apr. 2004.

Digital Library

[31]

W. B. Norton, "A Study of 28 Peering Policies," Technical Report Dr-Peering International. {Online}. Available: http://drpeering.net/white-papers/Peering-Policies/A-Study-of-28-Peering-Policies.html

[32]

BGP Community Guides, One Step Consulting, Inc., 2012 {Online}. Available: http://onesc.net/communities

[33]

N. Patrick, T. Scholl, A. Shaikh, and R. Steenbergen, "Peering Dragnet: Anti-social behavior amongst peers, and what you can do about it," in North American Network Operators' Group (NANOG 38), Oct. 2006.

[34]

Y. Rekhter, T. Li, and S. Hares, "A border gateway protocol 4 (BGP4)," in RFC 4271, Jan. 2006 {Online}. Available: https://tools.ietf.org/html/rfc4271

[35]

M. Roughan, W. Willinger, O. Maennel, D. Perouli, and R. Bush, "10 lessons from 10 years of measuring and modelling the Internet's Autonomous Systems," IEEE J. Sel. Areas Commun., vol. 29, no. 9, pp. 1810--1821, 2011.

[36]

R. Sherwood, A. Bender, and N. Spring, "DisCarte: A disjunctive Internet cartographer," presented at the ACM SIGCOMM, Seattle, WA, USA, Aug. 2008.

Digital Library

[37]

P. Smith, R. Evans, and M. Hughes, "Recommendations on Route Aggregation," RIPE Routing Working Group, Technical Report RIPE-399, 2006.

[38]

P. Traina and R. Chandrasekeran, "BGP communities attribute," in RFC 1997, Aug. 1996 {Online}. Available: https://tools.ietf.org/html/rfc1997

[39]

P. C. van Oorschot, T. Wan, and E. Kranakis, "On interdomain routing security and pretty secure BGP (psBGP)," ACM Trans. Info. Syst. Secur. (TISSEC), vol. 10, no. 3, 2007.

Digital Library

[40]

C. Villamizar, R. Chandra, and R. Govindan, "BGP route flap damping," RFC 2439, Nov. 1998 {Online}. Available: https://tools.ietf.org/html/rfc2439

Digital Library

[41]

F. Wang and L. Gao, "On inferring and characterizing Internet routing policies," in International Mechanical Code 2003, Oct. 2003.

Digital Library

[42]

R. White, "Securing BGP through Secure Origin BGP," Internet Protocol J., vol. 6, no. 3, pp. 15--22, 2006.

[43]

E. L. Wong, P. Balasubramanian, L. Alvisi, M. G. Gouda, and V. Shmatikov, "Truth in advertising: Lightweight verification of route integrity," presented at the PODC 2007, Portland, OR, USA, Aug. 2007.

Digital Library

[44]

J. Wu, Z. M. Mao, J. Rexford, and J. Wang, "Finding a needle in a haystack: Pinpointing significant BGP routing changes in an IP network," presented at the NSDI 2005, Boston, MA, USA, May 2005.

Digital Library

[45]

M. Zhao, W. Zhou, A. J. T. Gurney, A. Haeberlen, M. Sherr, and B. T. Loo, "Private and verifiable interdomain routing decisions," Univ. Pennsylvania, Philadelphia, PA, USA, Technical Report MS-CIS-12-10, 2012.

Cited By

Zarezadeh MMala HKhajeh H(2020)Preserving Privacy of Software-Defined Networking Policies by Secure Multi-Party ComputationJournal of Computer Science and Technology10.1007/s11390-020-9247-535:4(863-874)Online publication date: 27-Jul-2020
https://dl.acm.org/doi/10.1007/s11390-020-9247-5
Chiesa MDemmler DCanini MSchapira MSchneider T(2017)SIXPACKProceedings of the 13th International Conference on emerging Networking EXperiments and Technologies10.1145/3143361.3143362(120-133)Online publication date: 28-Nov-2017
https://dl.acm.org/doi/10.1145/3143361.3143362
Wei CLi JLi WYu PGuan H(2017)STYXProceedings of the 2017 Symposium on Cloud Computing10.1145/3127479.3127482(201-213)Online publication date: 24-Sep-2017
https://dl.acm.org/doi/10.1145/3127479.3127482

Recommendations

Private and verifiable interdomain routing decisions
SIGCOMM '12: Proceedings of the ACM SIGCOMM 2012 conference on Applications, technologies, architectures, and protocols for computer communication

Existing secure interdomain routing protocols can verify validity properties about individual routes, such as whether they correspond to a real network path. It is often useful to verify more complex properties relating to the route decision procedure - ...
Private and verifiable interdomain routing decisions
Special october issue SIGCOMM '12

Existing secure interdomain routing protocols can verify validity properties about individual routes, such as whether they correspond to a real network path. It is often useful to verify more complex properties relating to the route decision procedure - ...
On understanding transient interdomain routing failures

The convergence time of the interdomain routing protocol, BGP, can last as long as 30 minutes. Yet, routing behavior during BGP route convergence is poorly understood. During route convergence, an end-to-end Internet path can experience a transient loss ...

Comments

Information & Contributors

Information

Published In

cover image IEEE/ACM Transactions on Networking

IEEE/ACM Transactions on Networking Volume 24, Issue 2

April 2016

646 pages

ISSN:1063-6692

Editor:
Chee Wei Tan
IEEE Transactions on Communications

Issue’s Table of Contents

Publisher

IEEE Press

Publication History

Published: 01 April 2016

Published in TON Volume 24, Issue 2

Author Tags

Qualifiers

Research-article

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

3
Total Citations
View Citations
53
Total Downloads

Downloads (Last 12 months)4
Downloads (Last 6 weeks)0

Reflects downloads up to 06 Oct 2024

Other Metrics

View Author Metrics

Citations

Cited By

Zarezadeh MMala HKhajeh H(2020)Preserving Privacy of Software-Defined Networking Policies by Secure Multi-Party ComputationJournal of Computer Science and Technology10.1007/s11390-020-9247-535:4(863-874)Online publication date: 27-Jul-2020
https://dl.acm.org/doi/10.1007/s11390-020-9247-5
Chiesa MDemmler DCanini MSchapira MSchneider T(2017)SIXPACKProceedings of the 13th International Conference on emerging Networking EXperiments and Technologies10.1145/3143361.3143362(120-133)Online publication date: 28-Nov-2017
https://dl.acm.org/doi/10.1145/3143361.3143362
Wei CLi JLi WYu PGuan H(2017)STYXProceedings of the 2017 Symposium on Cloud Computing10.1145/3127479.3127482(201-213)Online publication date: 24-Sep-2017
https://dl.acm.org/doi/10.1145/3127479.3127482

View Options

Get Access

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Article

View options

PDF

View or Download as a PDF file.

eReader

View online with eReader.

Media

Figures

Other

Tables

View Issue’s Table of Contents