Skip to main content
placeholder image

Efficient authentication and integrity protection for the border gateway protocol

Journal Article


Abstract


  • The border gateway protocol (BGP) has been used for internet interdomain routing since 1989. However, this protocol has many security vulnerabilities, and is therefore the focus of ongoing research. A fast and efficient protocol, with strong security features, including signature based authentication is ideal. Some alternatives to BGP have previously been proposed for implementation, but these are yet to be adopted. Computational overheads and infrastructure requirements on the network system, or the absence of some key security features are preventing their adoption. In this paper, we introduce a protocol with significant improvements to BGP, addressing its three major security vulnerabilities. We propose a newprotocol from a concept within in the append only signature (AOS) scheme, but in a more realistic broadcast model. Our protocol has better efficiency and security, by using pre-computation of signatures, and server aided verification. We also include signature aggregation features to minimise signature size, to further improve efficiency.

UOW Authors


  •   Seberry, Jennifer
  •   Mu, Yi (external author)
  •   Wellsmore, Tim (external author)

Publication Date


  • 2014

Citation


  • Seberry, J. R., Mu, Y., Guo, F. & Wellsmore, T. (2014). Efficient authentication and integrity protection for the border gateway protocol. International Journal of Security and Networks, 9 (4), 234-243.

Scopus Eid


  • 2-s2.0-84918510588

Ro Metadata Url


  • http://ro.uow.edu.au/eispapers/4132

Number Of Pages


  • 9

Start Page


  • 234

End Page


  • 243

Volume


  • 9

Issue


  • 4

Abstract


  • The border gateway protocol (BGP) has been used for internet interdomain routing since 1989. However, this protocol has many security vulnerabilities, and is therefore the focus of ongoing research. A fast and efficient protocol, with strong security features, including signature based authentication is ideal. Some alternatives to BGP have previously been proposed for implementation, but these are yet to be adopted. Computational overheads and infrastructure requirements on the network system, or the absence of some key security features are preventing their adoption. In this paper, we introduce a protocol with significant improvements to BGP, addressing its three major security vulnerabilities. We propose a newprotocol from a concept within in the append only signature (AOS) scheme, but in a more realistic broadcast model. Our protocol has better efficiency and security, by using pre-computation of signatures, and server aided verification. We also include signature aggregation features to minimise signature size, to further improve efficiency.

UOW Authors


  •   Seberry, Jennifer
  •   Mu, Yi (external author)
  •   Wellsmore, Tim (external author)

Publication Date


  • 2014

Citation


  • Seberry, J. R., Mu, Y., Guo, F. & Wellsmore, T. (2014). Efficient authentication and integrity protection for the border gateway protocol. International Journal of Security and Networks, 9 (4), 234-243.

Scopus Eid


  • 2-s2.0-84918510588

Ro Metadata Url


  • http://ro.uow.edu.au/eispapers/4132

Number Of Pages


  • 9

Start Page


  • 234

End Page


  • 243

Volume


  • 9

Issue


  • 4