{"id":13145,"date":"2021-12-06T19:06:21","date_gmt":"2021-12-07T00:06:21","guid":{"rendered":"https:\/\/carleton.ca\/scs\/?page_id=13145"},"modified":"2021-12-06T19:06:21","modified_gmt":"2021-12-07T00:06:21","slug":"tr-05-08-on-inter-domain-routing-security-and-pretty-secure-bgp-psbgp","status":"publish","type":"page","link":"https:\/\/carleton.ca\/scs\/research\/scs-technical-reports\/technical-reports-2005\/tr-05-08-on-inter-domain-routing-security-and-pretty-secure-bgp-psbgp\/","title":{"rendered":"TR-05-08: On Inter-domain Routing Security and Pretty Secure BGP (psBGP)"},"content":{"rendered":"<p>Carleton University<br \/>\n<a href=\"https:\/\/carleton.ca\/scs\/research\/scs-technical-reports\/technical-reports-2005\/\">Technical Report<\/a> TR-05-08<br \/>\nSeptember 20, 2005<\/p>\n<h2>On Inter-domain Routing Security and Pretty Secure BGP (psBGP)<\/h2>\n<div class=\"tr_t3\">\n<div class=\"tr_t3\">\n<div class=\"tr_t3\">\n<div class=\"tr_t3\">\n<div class=\"tr_t3\">\n<div class=\"tr_t3\">\n<div class=\"tr_t3\">\n<div class=\"tr_t3\">\n<div class=\"tr_t3\">\n<div class=\"tr_t3\">Evangelos Kranakis, P.C. Van Oorschot, Tao Wan<\/div>\n<\/div>\n<\/div>\n<\/div>\n<\/div>\n<\/div>\n<div>\n<h3>Abstract<\/h3>\n<p>It is well known that the Border Gateway Protocol (BGP), the IETF standard inter-domain routing protocol, is vulnerable to a variety of attacks, and that a single misconfigured or malicious BGP speaker could result in large scale service disruption. In this paper, we present Pretty Secure BGP (psBGP) \u0096 a proposal for securing BGP, including an architectural overview, design details for significant aspects, and preliminary security and operational analysis. psBGP differs from other security proposals (e.g., S-BGP and soBGP) in that it makes use of a single-level PKI for AS number authentication, a decentralized trust model for verifying the propriety of IP prefix origin, and a rating-based stepwise approach for AS PATH (integrity) verification. psBGP trades off the strong security guarantees of S-BGP for presumed-simpler operation, e.g., using a PKI with a simple structure, with a small number of certificate types, and of manageable size. psBGP is designed to successfully defend against various (non-malicious and malicious) threats from uncoordinated BGP speakers, and can be incrementally deployed with some incremental benefits. Categories and Subject Descriptors: C.2.6 [Computer-Communication Networks]: Internetworking\u0097Security General Terms: Inter-domain Routing, Security Additional Key Words and Phrases: BGP, Trust, Routing Security, Secure Routing Protocols<\/p>\n<\/div>\n<\/div>\n<\/div>\n<\/div>\n<\/div>\n<p><a href=\"https:\/\/carleton.ca\/scs\/wp-content\/uploads\/TR-05-08.pdf\">TR-05-08.pdf<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Carleton University Technical Report TR-05-08 September 20, 2005 On Inter-domain Routing Security and Pretty Secure BGP (psBGP) Evangelos Kranakis, P.C. Van Oorschot, Tao Wan Abstract It is well known that the Border Gateway Protocol (BGP), the IETF standard inter-domain routing protocol, is vulnerable to a variety of attacks, and that a single misconfigured or malicious [&hellip;]<\/p>\n","protected":false},"author":49,"featured_media":0,"parent":12337,"menu_order":0,"comment_status":"closed","ping_status":"closed","template":"","meta":{"_relevanssi_hide_post":"","_relevanssi_hide_content":"","_relevanssi_pin_for_all":"","_relevanssi_pin_keywords":"","_relevanssi_unpin_keywords":"","_relevanssi_related_keywords":"","_relevanssi_related_include_ids":"","_relevanssi_related_exclude_ids":"","_relevanssi_related_no_append":"","_relevanssi_related_not_related":"","_relevanssi_related_posts":"","_relevanssi_noindex_reason":"","_mi_skip_tracking":false,"_exactmetrics_sitenote_active":false,"_exactmetrics_sitenote_note":"","_exactmetrics_sitenote_category":0,"footnotes":"","_links_to":"","_links_to_target":""},"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v21.2 - https:\/\/yoast.com\/wordpress\/plugins\/seo\/ -->\n<title>TR-05-08: On Inter-domain Routing Security and Pretty Secure BGP (psBGP) - School of Computer Science<\/title>\n<meta name=\"description\" content=\"Carleton University Technical Report TR-05-08 September 20, 2005 On Inter-domain Routing Security and Pretty Secure BGP (psBGP) Evangelos Kranakis, P.C.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/carleton.ca\/scs\/research\/scs-technical-reports\/technical-reports-2005\/tr-05-08-on-inter-domain-routing-security-and-pretty-secure-bgp-psbgp\/\" \/>\n<meta name=\"twitter:label1\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data1\" content=\"1 minute\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"WebPage\",\"@id\":\"https:\/\/carleton.ca\/scs\/research\/scs-technical-reports\/technical-reports-2005\/tr-05-08-on-inter-domain-routing-security-and-pretty-secure-bgp-psbgp\/\",\"url\":\"https:\/\/carleton.ca\/scs\/research\/scs-technical-reports\/technical-reports-2005\/tr-05-08-on-inter-domain-routing-security-and-pretty-secure-bgp-psbgp\/\",\"name\":\"TR-05-08: On Inter-domain Routing Security and Pretty Secure BGP (psBGP) - School of Computer Science\",\"isPartOf\":{\"@id\":\"https:\/\/carleton.ca\/scs\/#website\"},\"datePublished\":\"2021-12-07T00:06:21+00:00\",\"dateModified\":\"2021-12-07T00:06:21+00:00\",\"description\":\"Carleton University Technical Report TR-05-08 September 20, 2005 On Inter-domain Routing Security and Pretty Secure BGP (psBGP) Evangelos Kranakis, P.C.\",\"breadcrumb\":{\"@id\":\"https:\/\/carleton.ca\/scs\/research\/scs-technical-reports\/technical-reports-2005\/tr-05-08-on-inter-domain-routing-security-and-pretty-secure-bgp-psbgp\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/carleton.ca\/scs\/research\/scs-technical-reports\/technical-reports-2005\/tr-05-08-on-inter-domain-routing-security-and-pretty-secure-bgp-psbgp\/\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/carleton.ca\/scs\/research\/scs-technical-reports\/technical-reports-2005\/tr-05-08-on-inter-domain-routing-security-and-pretty-secure-bgp-psbgp\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/carleton.ca\/scs\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Research\",\"item\":\"https:\/\/carleton.ca\/scs\/research\/\"},{\"@type\":\"ListItem\",\"position\":3,\"name\":\"SCS Technical Reports\",\"item\":\"https:\/\/carleton.ca\/scs\/research\/scs-technical-reports\/\"},{\"@type\":\"ListItem\",\"position\":4,\"name\":\"Technical Reports 2005\",\"item\":\"https:\/\/carleton.ca\/scs\/research\/scs-technical-reports\/technical-reports-2005\/\"},{\"@type\":\"ListItem\",\"position\":5,\"name\":\"TR-05-08: On Inter-domain Routing Security and Pretty Secure BGP (psBGP)\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/carleton.ca\/scs\/#website\",\"url\":\"https:\/\/carleton.ca\/scs\/\",\"name\":\"School of Computer Science\",\"description\":\"Carleton University\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/carleton.ca\/scs\/?s={search_term_string}\"},\"query-input\":\"required name=search_term_string\"}],\"inLanguage\":\"en-US\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"TR-05-08: On Inter-domain Routing Security and Pretty Secure BGP (psBGP) - School of Computer Science","description":"Carleton University Technical Report TR-05-08 September 20, 2005 On Inter-domain Routing Security and Pretty Secure BGP (psBGP) Evangelos Kranakis, P.C.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/carleton.ca\/scs\/research\/scs-technical-reports\/technical-reports-2005\/tr-05-08-on-inter-domain-routing-security-and-pretty-secure-bgp-psbgp\/","twitter_misc":{"Est. reading time":"1 minute"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"WebPage","@id":"https:\/\/carleton.ca\/scs\/research\/scs-technical-reports\/technical-reports-2005\/tr-05-08-on-inter-domain-routing-security-and-pretty-secure-bgp-psbgp\/","url":"https:\/\/carleton.ca\/scs\/research\/scs-technical-reports\/technical-reports-2005\/tr-05-08-on-inter-domain-routing-security-and-pretty-secure-bgp-psbgp\/","name":"TR-05-08: On Inter-domain Routing Security and Pretty Secure BGP (psBGP) - School of Computer Science","isPartOf":{"@id":"https:\/\/carleton.ca\/scs\/#website"},"datePublished":"2021-12-07T00:06:21+00:00","dateModified":"2021-12-07T00:06:21+00:00","description":"Carleton University Technical Report TR-05-08 September 20, 2005 On Inter-domain Routing Security and Pretty Secure BGP (psBGP) Evangelos Kranakis, P.C.","breadcrumb":{"@id":"https:\/\/carleton.ca\/scs\/research\/scs-technical-reports\/technical-reports-2005\/tr-05-08-on-inter-domain-routing-security-and-pretty-secure-bgp-psbgp\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/carleton.ca\/scs\/research\/scs-technical-reports\/technical-reports-2005\/tr-05-08-on-inter-domain-routing-security-and-pretty-secure-bgp-psbgp\/"]}]},{"@type":"BreadcrumbList","@id":"https:\/\/carleton.ca\/scs\/research\/scs-technical-reports\/technical-reports-2005\/tr-05-08-on-inter-domain-routing-security-and-pretty-secure-bgp-psbgp\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/carleton.ca\/scs\/"},{"@type":"ListItem","position":2,"name":"Research","item":"https:\/\/carleton.ca\/scs\/research\/"},{"@type":"ListItem","position":3,"name":"SCS Technical Reports","item":"https:\/\/carleton.ca\/scs\/research\/scs-technical-reports\/"},{"@type":"ListItem","position":4,"name":"Technical Reports 2005","item":"https:\/\/carleton.ca\/scs\/research\/scs-technical-reports\/technical-reports-2005\/"},{"@type":"ListItem","position":5,"name":"TR-05-08: On Inter-domain Routing Security and Pretty Secure BGP (psBGP)"}]},{"@type":"WebSite","@id":"https:\/\/carleton.ca\/scs\/#website","url":"https:\/\/carleton.ca\/scs\/","name":"School of Computer Science","description":"Carleton University","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/carleton.ca\/scs\/?s={search_term_string}"},"query-input":"required name=search_term_string"}],"inLanguage":"en-US"}]}},"acf":{"banner_image_type":"none","banner_button":"no"},"_links":{"self":[{"href":"https:\/\/carleton.ca\/scs\/wp-json\/wp\/v2\/pages\/13145"}],"collection":[{"href":"https:\/\/carleton.ca\/scs\/wp-json\/wp\/v2\/pages"}],"about":[{"href":"https:\/\/carleton.ca\/scs\/wp-json\/wp\/v2\/types\/page"}],"author":[{"embeddable":true,"href":"https:\/\/carleton.ca\/scs\/wp-json\/wp\/v2\/users\/49"}],"replies":[{"embeddable":true,"href":"https:\/\/carleton.ca\/scs\/wp-json\/wp\/v2\/comments?post=13145"}],"version-history":[{"count":1,"href":"https:\/\/carleton.ca\/scs\/wp-json\/wp\/v2\/pages\/13145\/revisions"}],"predecessor-version":[{"id":13146,"href":"https:\/\/carleton.ca\/scs\/wp-json\/wp\/v2\/pages\/13145\/revisions\/13146"}],"up":[{"embeddable":true,"href":"https:\/\/carleton.ca\/scs\/wp-json\/wp\/v2\/pages\/12337"}],"wp:attachment":[{"href":"https:\/\/carleton.ca\/scs\/wp-json\/wp\/v2\/media?parent=13145"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}