Abstract
The Border Gateway Protocol (BGP) is the path vector routing protocol that connects different autonomous systems.. These ASes have unique integer numbers which assign by IANA organization. The traditional BGP protocol is not sufficient to provide security and authentication for AS path and verification of AS number ownership as well as network IP prefix. The BGP remains vulnerable to various types of misconfiguration by users and attacks. Many secure BGP algorithms have been proposed but complexity of algorithm and attack on that models still remain open problem. In this paper, we propose an efficient model for SBGP; initially establish trust relationship between BGP peers. In this process BGP use TCP protocol for reliable communication. The BGP routers will attempt to create secure BGP session by exchanging BGP Open messages. During this Open messages master BGP router generate private key with help of cyclic shifting of ASCII of password called cyclic shift algorithm. Then hash of this private key send towards neighbour. Instead of key exchange, we use hashing algorithm, we generate hash of only key through SHA-1. This hash code for private key sent with Open messages during session establishment. When this Open messages receive by neighbor BGP routers, first it generate key using same password with same algorithm & generate hash code for same and then compare both hash code. If it matches then establish secure session with master BGP router & accept the Autonomous system number which is sent by master router during Open Messages. In this manner both BGP speakers make trust relationship between each other & then exchange route UPDATE within secure channel. If hash code at receiver end does not match then simply receiving BGP router discard Open messages and does not make connection with unauthorized AS number. If malicious router wants to inject false route or false ip prefix then it does not create secure session by lack of secure private key. So malicious router does not participate in above BGP routing process.
Highlights
This Routing involves two main activities, first find the shortest path and second transport of packets through internetwork
Main operation of the internet to perform routing within different autonomous systems. This routing operation between different ASes performs by Border Gateway Protocol (BGP) exterior routing protocol which is widely implemented in internet
In iBGP peer, each iBGP speaker must link with other iBGP speaker within AS
Summary
This Routing involves two main activities, first find the shortest path and second transport of packets through internetwork. The BGP is only deployed exterior routing protocol connecting different IP networks and ASes to make the whole internet. One serious problem is that misconfiguration of BGP router and false BGP route with same ip prefix propagates across the Internet. Malicious BGP speaker may poison the routing tables of many other well-behaved BGP speakers by injecting wrong route or wrong ASes numbers in internet. This has the potential to down the internet infrastructure as traffic can be redirected to unintended networks and cause slow down network. In our approach we use symmetric key only for secure session establishment between BGP speakers, not for encrypt whole route UPDATE. In our approach we use two algorithms: first cyclic shifting for key generation and SHA-1 (secure hash algorithm) for hash generation of key
Sign-in/Register to view highlights & summary Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a callMore From: International Journal of Network Security & Its Applications
Disclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.
