Is the Juice Worth the Squeeze? BGP Security in Partial Deployment: Robert Lychev, GATech, BU

10:00 am on Monday, April 29, 2013
12:00 pm on Monday, April 29, 2013
MCS 137
Abstract The Border Gateway Protocol (BGP) sets up routes between the smaller networks that make up the Internet. However, BGP is vulnerable to such serious problems as the propagation of bogus routing information due to attacks or misconfigurations. The S*BGP protocols (Secure BGP, secure origin BGP, BGPsec, etc) were proposed to address these issues, but the transition to S*BGP is expected to be long and slow, with S*BGP coexisting in “partial deployment” alongside BGP for possibly a very long time. We use theoretical and experimental analyses to study the security benefits provided by partially-deployed S*BGP and show how the complex interactions between S*BGP and insecure BGP can introduce new vulnerabilities and instabilities into the interdomain routing system.