Application of logarithmic keying for securing ASPATH in inter-domain routing

Abstract

Current day Internet is vulnerable to a variety of attacks during routing between Autonomous Systems (ASes). Routing between ASes in the internet is taken care of by standard de-facto inter-domain protocol called Border Gateway Protocol (BGP). BGP generally performs the hearsay technique for propagating the route for an IP prefix. Each BGP speaker advertises the AS -PATH through UPDATE messages for an IP prefix. The receiving BGP speaker of the neighboring AS append its own AS Number (ASN) in the existing AS -PATH and advertises it. But there is no guarantee in BGP that the received AS-PATH would have been modified, inserted or deleted. Hence AS path falsification is not detected by BGP. Various Security proposals were suggested by many researchers but none of them was deployed, due to various reasons. There exists a tradeoff between security, efficiency and performance in those proposals [1]. Due to their performance overheads and lack of proper security, we propose using Symmetric Key approaches for achieving perfect security. We consider the internet to be a combination of acyclic networks and star networks, where acyclic network is formed by the peer to peer ASes and customer-provider ASes [14] and star network is formed by an ISP providing services to many stub ASes. We apply a technique called logarithmic keying [2] to that combination of networks. The grand parent AS of each AS is trusted to identify the falsification of AS -Path. Also a temporal database is proposed to maintain historical advertisements at the Regional Internet Registry (RIR).