Draft-ietf-sidr-bgpsec-protocol Matt Lepinski

Slides:

Advertisements

Similar presentations

A Threat Model for BGPSEC

Advertisements

A Threat Model for BGPSEC Steve Kent BBN Technologies.

Holding the Internet Accountable David Andersen, Hari Balakrishnan, Nick Feamster, Teemu Koponen, Daekyeong Moon, Scott Shenker.

SeND Hash Threat Analysis CSI WG Ana Kukec, Suresh Krishnan, Sheng Jiang.

Call Server LIS VPC ESGW SR Manhattan PSAP LO=Wall St Route=Manhattan PSAP The Location Object (LO) is provided in the call setup information to the Call.

Thank you to IT Training at Indiana University Computer Malware.

ARP Cache Poisoning How the outdated Address Resolution Protocol can be easily abused to carry out a Man In The Middle attack across an entire network.

Route Leaks Sandra Murphy. Is This a Route Leak? To be able to detect a route leak: Given Update with AS_PATH AS1…ASn Is this a route leak?

1 Robert Lychev Sharon GoldbergMichael Schapira Georgia Tech Boston University Hebrew University.

Sign What You Really Care About - $ecure BGP AS Paths Efficiently Yang Xiang Zhiliang Wang Jianping Wu Xingang Shi Xia Yin Tsinghua University, Beijing.

 Natural consequence of the way Internet is organized o Best effort service means routers don’t do much processing per packet and store no state – they.

Overview of draft-ietf-sidr-roa-format-01.txt Matt Lepinski BBN Technologies.

A Quick and Dirty Guide to BGP attacks Or “How to 0wn the Backbone in your Spare Time”

BGP Multiple Origin AS (MOAS) Conflict Analysis Xiaoliang Zhao, NCSU S. Felix Wu, UC Davis Allison Mankin, Dan Massey, USC/ISI Dan Pei, Lan Wang, Lixia.

Packet Leashes: Defense Against Wormhole Attacks Authors: Yih-Chun Hu (CMU), Adrian Perrig (CMU), David Johnson (Rice)

What is EAP EAP stands for Extensible Authentication Protocol. Offers a basic framework for authentication. Many different authentication protocols can.

DDOS Defense by Offense OFFENSE Presented by: Anup Goyal Aojan Su.

An Operational Perspective on BGP Security Geoff Huston GROW WG IETF 63 August 2005.

1 BGP Security -- Zhen Wu. 2 Schedule Tuesday –BGP Background –" Detection of Invalid Routing Announcement in the Internet" –Open Discussions Thursday.

Resource Certificate Profile SIDR WG Meeting IETF 66, July 2006 draft-ietf-sidr-res-certs-01 Geoff Huston Rob Loomans George Michaelson.

Introduction. Overview of Pushback. Architecture of router. Pushback mechanism. Conclusion. Pushback: Remedy for DDoS attack.

IPv6 Mobility David Bush. Correspondent Node Operation DEF: Correspondent node is any node that is trying to communicate with a mobile node. This node.

Inter-domain Routing security Problems Solutions.

APNIC eLearning: Intro to RPKI 10 December :30 PM AEST Brisbane (UTC+10)

Architectural Considerations for GEOPRIV/ECRIT Presentation given by Hannes Tschofenig.

A Security-Aware Routing Protocol for Wireless Ad Hoc Networks

Recommendations of Unique Local Addresses Usages draft-ietf-v6ops-ula-usage-recommendations-02 draft-ietf-v6ops-ula-usage-recommendations-02 Bing Liu(speaker),

BCNET Conference April 29, 2009 Andree Toonk BGPmon.net Prefix hijacking! Do you know who's routing your network? Andree Toonk

Lecture 27 Page 1 Advanced Network Security Routing Security Advanced Network Security Peter Reiher August, 2014.

1 Topic 2: Lesson 3 Intro to Firewalls Summary. 2 Basic questions What is a firewall? What is a firewall? What can a firewall do? What can a firewall.

Interdomain Routing Security. How Secure are BGP Security Protocols? Some strange assumptions? – Focused on attracting traffic from as many Ases as possible.

A Dynamic Packet Stamping Methodology for DDoS Defense Project Presentation by Maitreya Natu, Kireeti Valicherla, Namratha Hundigopal CISC 859 University.

The traditional ing process. Sender Receiver ISP Server.

BGPSEC Router Key Roll-over draft-rogaglia-sidr-bgpsec-rollover-00 Roque Gagliano Keyur Patel Brian Weis.

NEA Requirements Update -06 version summary. Posture Transport Considerations Issue –Ability of existing protocols used for network access to meet requirements.

Detecting Selective Dropping Attacks in BGP Mooi Chuah Kun Huang November 2006.

Draft-ietf-rddp-security-02 Summary of outstanding issues August 4, 2004 Jim Pinkerton.

BGPSEC : A BGP Extension to Support AS-Path Validation Matt Lepinski BBN Technologies.

BGPSEC router key rollover as an alternative to beaconing Roque Gagliano Keyur Patel Brian Weis draft-ietf-sidr-bgpsec-rollover-01.

Security Vulnerabilities in A Virtual Environment

Draft-ietf-sidr-bgpsec-reqs-01 diffs from -00 (Jul) sidr / IETF Taipei Randy Bush sidr bgpsec reqs 1.

1 draft-sidr-bgpsec-protocol-05 Open Issues. 2 Overview I received many helpful reviews: Thanks Rob, Sandy, Sean, Randy, and Wes Most issues are minor.

Firewalls A brief introduction to firewalls. What does a Firewall do? Firewalls are essential tools in managing and controlling network traffic Firewalls.

1 Border Gateway Protocol (BGP) and BGP Security Jeff Gribschaw Sai Thwin ECE 4112 Final Project April 28, 2005.

Fall 2006CS 395: Computer Security1 Key Management.

7/11/2005ECRIT Security Considerations1 ECRIT Security Considerations draft-taylor-ecrit-security-threats-00.txt Henning Schulzrinne, Raj Shanmugam, Hannes.

Doc.: IEEE /1147r1 Submission November 2009 David Halasz, AclaraSlide 1 Path Protection Date: Authors:

19 March 2003Page 1 BGP Vulnerabilities Draft March 19, 2003 Sandra Murphy

BGP security some slides borrowed from Jen Rexford (Princeton U)

BGP Validation Russ White Rule11.us.

1 Anonymity. 2 Overview  What is anonymity?  Why should anyone care about anonymity?  Relationship with security and in particular identification 

Lecture 18 Page 1 CS 236 Online Advanced Research Issues In Security: Securing Key Internet Technologies CS 236 On-Line MS Program Networks and Systems.

Improving Security Over Ipv6 Authentication Header Protocol using IP Traceback and TTL Devon Thomas, Alex Isaac, Majdi Alharthi, Ali Albatainah & Abdelshakour.

Cryptographic Hash Function. A hash function H accepts a variable-length block of data as input and produces a fixed-size hash value h = H(M). The principal.

BGPSEC Protocol (From -01 to -02 and on to -03) Matt Lepinski.

Sandra Murphy Migratory ASs (my own interpretation of draft-ga-idr-as-migration & draft-george-sidr-as-migration) Sandra Murphy.

Migratory ASs Sandra Murphy

Cryptographic Hash Function

Goals of soBGP Verify the origin of advertisements

CPS 512 midterm exam #1, 10/5/17 Your name please: NetID:_______ Sign for your honor:____________________________.

Are We There Yet? On RPKI Deployment and Security

COS 561: Advanced Computer Networks

Digital Certificates and X.509

ITIS 6010/8010 Wireless Network Security

Database Design and Development

COS 561: Advanced Computer Networks

Resource Certificate Profile SIDR WG Meeting IETF 66, July 2006

BGP Security Jennifer Rexford Fall 2018 (TTh 1:30-2:50 in Friend 006)

Presentation transcript:

Draft-ietf-sidr-bgpsec-protocol Matt Lepinski

Draft-ietf-sidr-bgpsec-01 Thank you to everyone who provided comments on the -00 draft Additional thanks to Wes George and Sandy Murphy who have already sent comments on the -01 draft!

pCount Field There was consensus at the Quebec meeting that BGPSEC should accommodate route servers that do not wish to increase the length of the AS-PATH. The -01 version adds a “pCount” field to address this route server issue and to permit adding multiple copies of an AS number without multiple signatures

Example (copies of AS number) OLD NEW AS-PATH : X Y Z Z Z (5 signatures) AS-PATH : X Y Z pCount : (3 signatures) Note: This requires “expanding” the AS-PATH when we send an update From a BGPSEC speaker to a non-BGPSEC speaker Note: AS Path Length is Sum of pCount

pCount = 0 (Route Servers) A Route Server signs with its own AS –Maintains the security properties of BGPSEC A Route Server may set pCount to 0 –This way a route server does not bias traffic away from itself by increasing the length of the AS-PATH Security Consideration –An entity that is not a route server could set pCount to 0 to bias traffic towards itself –If your peer is not a route server and sends you an update with pCount = 0, you should drop the update

Another pCount Example OLD NEW AS-PATH : W Y Z Z Z Z (6 signatures) AS-PATH : W X Y Z pCount : (4 signatures) Question for the Working Group: Is this a reasonable way to handle route servers? Note: X is an “invisible” Route Server between W and Y

Preventing Replay Attacks The primary goal of BGPSEC is to prevent your routes from being hijacked by malicious entities that have never legitimately been on the path for your prefix An additional goal of BGPSEC is to prevent someone that you used to do business with from replaying stale information to keep attracting your traffic

Preventing Replay Attacks Properties of replay attacks –Business relationships change on a slow time-scale –May be more difficult for humans to detect replay attacks than other types of route hijacking Current -01 draft has an expire-time mechanism to limit vulnerability to replay attacks –Goal of this mechanism is just to make sure that ancient business relationships do not come back to haunt you –Intent is that validity periods will be long, because business relationships don’t change overnight

Preventing Replay Attacks There has been active discussion on the list on –Whether the benefits (replay protection) of the current expire-time mechanism are worth the cost –Concerns about the dangers of a misbehaving party who “beacons” too often –Possible alternative mechanisms We are not going to solve all this today –In order to have an informed debate about this mechanism, we probably need a better analysis of what is truly the cost of the current mechanism