Challenge: Securing Routing Protocols

1
Challenge SecuringRouting Protocols

• Adrian Perrig
• perrig_at_cmu.edu

2
Why Secure Routing?

• Deployed routing protocols assume a trusted
  environment!
• Even misconfigurations can severely disrupt
  routing protocols
• Secure routing properties
• Reduce misconfiguration impact
• Robust against compromised nodes (Byzantine
  failures)
• Only legitimate nodes participate in forwarding
• Prevent attackers from injecting bogus routes

3
Secure Routing Illustration
C
J
G
A
A
D
S
E
I
B
B
H
F
F
4
Secure Ad Hoc Network Routing Protocols

• SEAD Secure Efficient Ad hoc Distance vector
  routing protocol WMCSA 2002
• Ariadne secure on-demand routing
  protocolMobicom 2002
• New routing attacks
• Wormhole attack Infocom 2003
• Rushing attack
• Joint work with Yih-Chun Hu and David Johnson

5
Secure Sensor Network Routing

• Challenges
• Energy constraints invite DoS attacks
• Memory and bandwidth constraints prevent using
  sophisticated routing protocols
• Compromised nodes may inject malicious messages
  or drop data traffic
• Current approach combine probabilistic routing
  with multi-path routing

6
Secure Internet Routing

• Challenges
• Legacy systems
• Untrusted domains, complicated trust
  relationships
• Even misconfigurations can significantly perturb
  Internet routing
• Current project use efficient cryptographic
  techniques to verify BGP routing updates

7
Research Directions

• Today we enumerate attacks and protect against
  them
• To start securing BGP, RPsec IETF working group
  is establishing a list of BGP vulnerabilities
• We need to establish metrics
• Allows comparison of protocols
• Study security properties vs performance
• Measure effectiveness of DoS attacks
• E.g., in sensor networks attacker energy /
  network energy