SoBGP vs SBGP
Sharon Goldberg
Princeton Routing Security Seminar
June 27, 2006 and July 11, 2006

sBGP Review
• A purist approach to secure the control plane using a centralized security approach
• Origin Authentication
  • Origin Authentication Public Key Infrastructure (PKI)
  • Signed “Address Attestations”
• Path Authentication
  • Autonomous System (AS) PKI
  • Nested Signatures in UPDATE Messages (Route Attestations)

Origin Authentication – PKI Delegation Hierarchy
[Figure: delegation tree with edge labels Delegate and Allocate; nodes ICANN, Regional Registries, ISPs, DSPs, Subscriber Organizations]
A Canadian Example

SBGP – Origin Authentication
• Given an Address Attestation
  [AS #848, 128.12.50.0/24]_{Private Key of Bank of Montreal}
• Verify Using the Origin Authentication PKI
  • First check for the next level certificate
    [Public Key of BMO, 128.12.50.0/22]_{Private Key of Bell Canada}
  • And then the next level certificate
    [Public Key of Bell Canada, 128.12.0.0/16]_{Private Key of ARIN}
  • And then the next level certificate
    [Public Key of ARIN, 128.0.0.0/8]_{Private Key of ICANN}
  • And then everyone knows the Public Key of ICANN

AS # and Router Association PKI
[Figure: certificate tree; nodes ICANN, Regional Registries, ISPs, DSPs, Subscriber Organizations, AS#23, AS#34, BGP SPEAKER Bgp-spker-23-342]

SBGP – Path Authentication
• Given a Route Attestation (a secure update message)
  For the network below:
  [1]----[2]------[3]------[4]
  [1] Sends to [2]: {1,2}_1 (i.e. (a path from 1 to 2) signed by 1)
  [2] Sends to [3]: {1,2}_1 , {2,3}_2
  [3] Sends to [4]: {1,2}_1 , {2,3}_2 , {3,4}_3
• Verify Each Signature using the Router Association PKI
  • First check for the next level certificate
    [Public Key PrincetonU - AS #1 - BGP Speaker #rtr_pton1_no4]_{PrincetonU}
  • And then the next level certificate
    [Public Key PrincetonU, AS #1, AS#1001]_{ARIN}
  • And then the next level certificate
    [Public Key ARIN, AS #1, AS #2, …, AS#1001,.., AS#4678]_{ICANN}
  • And then everyone knows the Public Key of ICANN
[Callout: Owned by PrincetonU]

SoBGP vs SBGP
• The similarities:
  • Both secure only the control plane
  • Both do origin authentication
  • Both cannot defend against colluding adversaries (using wormhole in sBGP, using two lying PolicyCerts in SoBGP)
  • Both are only “fuzzily” effective if incrementally deployed

Nomenclature and So On…
• Origin Authentication:
  • SoBGP AuthCert = sBGP Address Attestation = [AS#, IP prefix]_{Private Key of Signer}
  • sBGP also has an OA PKI but SoBGP doesn’t b/c of Web of Trust
• Path Authentication / Plausibility:
  • SoBGP PolicyCerts (an AS lists the connections it has)
  • sBGP Route Attestation (a nested, signed AS path in each UPDATE msg)
  • SoBGP also has EntityCerts (a Web of Trust to bind PK’s to AS#’s)
  • sBGP also has an RA PKI

Path Plausibility vs Path Authentication
• Is Path Authentication stronger than Path Plausibility?
  “Since each AS in sBGP is authenticating a relationship between itself and its predecessor and successor ASes, the set of acceptable AS paths in sBGP is a subset of the set of paths acceptable under SoBGP”
• Path Lengthening attack can be done in Path Plausibility but not PA
• What about a Path Shortening attack? (assuming no colluding adversaries and full deployment)
  • In SoBGP path shortening violates topology database
  • In SBGP it violates the structure of the RA chain (next slide)

A neat aside: Nested vs Pairwise Route Attestations
• With nested RA’s the following path shortening attack works:
  [Figure: ASes 4, 3, 2, 1; attestation labels (2,1)_2 ; (3,(2,1)_2)_3 ; (4,(3,(2,1)_2)_3)_4 ; (4,(2,1)_2)_4]
• But, if we use pairwise RA’s, the attack fails:
  [Figure: ASes 4, 3, 2, 1; attestation labels (2,1)_1 ; (3,2)_2 (2,1)_1 ; (4,3)_3 (3,2)_2 (2,1)_1 ; (4,3)_3 (2,1)_1]
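
The two attestation layouts on this slide, modelled as an added example that is not part of the original slides. HMAC with constructed per-AS keys stands in for each AS's signature, and all function names are hypothetical.

```python
import hashlib
import hmac

# Constructed keys; HMAC is a stand-in for each AS's public-key signature.
KEYS = {n: f"key-of-AS{n}".encode() for n in (1, 2, 3, 4)}

def sign(signer, body):
    return hmac.new(KEYS[signer], repr(body).encode(), hashlib.sha256).hexdigest()

def nested(signer, inner):
    """Slide notation (signer, inner)_signer: sign whatever was received."""
    body = (signer, inner)
    return (body, sign(signer, body))

def verify_nested(ra):
    """Return the AS path (newest AS first) if every layer verifies, else None."""
    path = []
    while isinstance(ra, tuple):
        (signer, inner), sig = ra
        if not hmac.compare_digest(sig, sign(signer, (signer, inner))):
            return None
        path.append(signer)
        ra = inner
    return path + [ra]  # innermost element is the origin AS number

def link(receiver, sender):
    """Slide notation (receiver, sender)_sender: the sender names its next hop."""
    body = (receiver, sender)
    return (body, sign(sender, body))

def verify_pairwise(links):
    """links are newest first; each must verify and join onto the previous one."""
    path = []
    for (receiver, sender), sig in links:
        if not hmac.compare_digest(sig, sign(sender, (receiver, sender))):
            return None
        if path and path[-1] != receiver:
            return None  # a hop was dropped: the chain has a gap
        path = path or [receiver]
        path.append(sender)
    return path

if __name__ == "__main__":
    ra2 = nested(2, 1)
    print(verify_nested(nested(4, nested(3, ra2))))             # full nested chain
    print(verify_nested(nested(4, ra2)))                        # AS 3 stripped out
    print(verify_pairwise([link(4, 3), link(3, 2), link(2, 1)]))
    print(verify_pairwise([link(4, 3), link(2, 1)]))            # (3,2)_2 missing
```

In the nested form no inner signature names the AS it was sent to, so AS 4 can re-wrap (2,1)_2 directly; in the pairwise form AS 4 would need a (4,2) link signed by AS 2, which AS 2 never issued.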

Another Neat Aside: SBGP does not bind OA to PA
• Recall that SBGP transmits:
  • RA’s (e.g. (4,3)_3 (3,2)_2 (2,1)_1 ) in the UPDATE message.
  • AA (e.g. [AS #848, 128.12.50.0/24]_{Private Key of Bank of Montreal}) out of band
  • Routing Certs and Origin Authentication Certs out of band
• Therefore, SBGP does not bind a prefix to a path!
• e.g. Suppose what should have been sent was
  • 10.10.10.0/24 (4,3)_4 (3,2)_3 (2,1)_2
  • 45.45.45.0/24 (4,30)_4 (30,2)_30 (2,1)_2
• And instead, malicious 2 sent:
  • 10.10.10.0/24 (4,3)_4 (3,2)_3 (2,1)_2
  • 45.45.45.0/24 (4,3)_4 (3,2)_3 (2,1)_2
[Figure: ASes 4, 3, 2, 1 and 30; Prefix 10.10.10.0/24 and Prefix 45.45.45.0/24]

SoBGP vs SBGP: Discussion
• And now for Dan’s comments on performance…
• How does Aggregation impact Origin Authentication?
  • With Web of Trust you can do anything!!!
  • Not so good with a centralized PKI.
• SBGP vs SoBGP incremental deployment?
  • Is WoT easier to deploy than PKI?
  • Benefits of partial deployment?
  • SoBGP has a new SECURITY message that could cause problems
• Other thoughts?