Presentation is loading. Please wait.

Presentation is loading. Please wait.

Lecture 27 Page 1 Advanced Network Security Routing Security Advanced Network Security Peter Reiher August, 2014.

Published byJack Sutton Modified over 9 years ago

Similar presentations

Presentation on theme: "Lecture 27 Page 1 Advanced Network Security Routing Security Advanced Network Security Peter Reiher August, 2014."— Presentation transcript:

1 Lecture 27 Page 1 Advanced Network Security Routing Security Advanced Network Security Peter Reiher August, 2014

2 Lecture 27 Page 2 Advanced Network Security Outline How to secure routing protocols BGP security Securing other styles of routing protocols

3 Lecture 27 Page 3 Advanced Network Security Routing Security Routing protocols control how packets flow through the Internet If they aren’t protected, attackers can alter packet flows at their whim Most routing protocols were not built with security in mind

4 Lecture 27 Page 4 Advanced Network Security Routing Protocol Security Threats Threats to routing data secrecy –Usually not critical Threats to routing protocol integrity –Very important, since tampering with routing integrity can be bad Threats to routing protocol availability –Potential to disrupt Internet service

5 Lecture 27 Page 5 Advanced Network Security What Could Really Go Wrong? Packets could be routed through an attacker Packets could be dropped –Routing loops, blackhole routing, etc. Some users’ service could be degraded The Internet’s overall effectiveness could be degraded –Slow response to failures –Total overload of some links Many types of defenses against other attacks presume correct routing

6 Lecture 27 Page 6 Advanced Network Security Where Does the Threat Occur? At routers, mostly Most routers are well-protected –But... –Several vulnerabilities have been found in routers Also, should we always trust those running routers?

7 Lecture 27 Page 7 Advanced Network Security Different Types of Routing Protocols Link state –Tell everyone the state of your links Distance vector –Tell nodes how far away things are Path vector –Tell nodes the complete path between various points On demand protocols –Figure out routing once you know you two nodes need to communicate

8 Lecture 27 Page 8 Advanced Network Security Popular Routing Protocols BGP –Path vector protocol used in core Internet routing –Arguably most important protocol to secure RIP –Distance vector protocol for small networks OSPF ISIS Ad hoc routing protocols

9 Lecture 27 Page 9 Advanced Network Security Fundamental Operations To Be Protected One router tells another router something about routing –A path, a distance, contents of local routing table, etc. A router updates its routing information A router gathers information to decide on routing

10 Lecture 27 Page 10 Advanced Network Security Protecting BGP BGP is probably the most important protocol to protect Handles basic Internet routing Works at autonomous system (AS) level –Rather than router level

11 Lecture 27 Page 11 Advanced Network Security BGP Issues BGP is spoken (mostly) between routers in autonomous systems On direct network links to their partner Over TCP sessions that are established with known partners Isn’t that enough to give reasonable security?

12 Lecture 27 Page 12 Advanced Network Security Basic BGP Security Issue ABCDE FG 1.2.3.* A wants to tell everyone how to get to 1.2.3.* 1.2.3.* A A B,A 1.2.3.* C,B,A 1.2.3.* D,C,B,A What do we need to protect?

13 Lecture 27 Page 13 Advanced Network Security Well, What Could Go Wrong? ABCDE FG 1.2.3.* A What if A doesn’t own 1.2.3.*? What if router A isn’t authorized to advertise 1.2.3.*? What if router D alters the path? 1.2.3.* D,F

14 Lecture 27 Page 14 Advanced Network Security How Do We Solve These Problems? Advertising routers must prove ownership and right to advertise Paths must be signed by routers on them Must avoid cut-and-paste attacks And replay attacks

15 Lecture 27 Page 15 Advanced Network Security S-BGP A protocol designed to solve most of the routing security issues for BGP Intended to be workable with existing BGP protocol Key idea is to tie updates to those who are allowed to make them –And to those who build them

16 Lecture 27 Page 16 Advanced Network Security Some S-BGP Constraints Can’t change BGP protocol –Or packet format Can’t have messages larger than max BGP size Must be deployable in reasonable way

17 Lecture 27 Page 17 Advanced Network Security An S-BGP Example ABCDE FG 1.2.3.* A How can B know that A should advertise 1.2.3.*? A can provide a certificate proving ownership

18 Lecture 27 Page 18 Advanced Network Security Securing BGP Updates ABCDE FG 1.2.3.* A wants to tell everyone how to get to 1.2.3.* What are these signatures actually attesting to? 1.2.3.* A B,A 1.2.3.* C,B,A 1.2.3.* D,C,B,A

19 Lecture 27 Page 19 Advanced Network Security Who Needs To Prove What? A needs to prove (to B-E) that he owns the prefix B needs to prove (to C-E) that A wants the prefix path to go through B C needs to prove (to D-E) the same D needs to prove (to E) the same

20 Lecture 27 Page 20 Advanced Network Security So What Does A Sign? A clearly must provide proof he owns the prefix He also must prove he originated the update And only A can prove that he intended the path to go through B So he has to sign for all of that

21 Lecture 27 Page 21 Advanced Network Security Address Attestations in S-BGP These are used to prove ownership of IP prefix spaces IP prefix owner provides attestation that a particular AS can originate its BGP updates That AS includes attestation in updates

22 Lecture 27 Page 22 Advanced Network Security Route Attestations To prove that path for a prefix should go through an AS The previous AS on the path makes this attestation –E.g., B attests that C is the next AS hop

23 Lecture 27 Page 23 Advanced Network Security How Are These Signatures Done? Via public key cryptography Certificates issued by proper authorities –ICANN at the top –Hierarchical below ICANN Certificates not carried with updates –Otherwise, messages would be too big –Off-line delivery method proposed

24 Lecture 27 Page 24 Advanced Network Security Protecting Other Styles of Protocols Generally, how do you know you should believe another router? About distance to some address space About reachability to some address space About other characteristics of a path About what other nodes have told you

25 Lecture 27 Page 25 Advanced Network Security How Routing Protocols Pass Information Some protocols pass full information –E.g., BGP –So they can pass signed information Others pass summary information –E.g., RIP –They use other updates to create new summaries –How can we be sure they did so properly?

26 Lecture 27 Page 26 Advanced Network Security Who Are You Worried About? Random attackers? –Generally solvable by encrypting/authenticating routing updates Misbehaving insiders? –A much harder problem –They’re supposed to make decisions –How do you know they’re lying?

27 Lecture 27 Page 27 Advanced Network Security A Sample Problem A BCDE FG H Assume a distance vector protocol 0 0 1.2.3.* 1 12 231 How can H tell someone lied? How can H tell that E lied?

28 Lecture 27 Page 28 Advanced Network Security Types of Attacks on Distance Vector Routing Protocols Blackhole attacks –Claim short route to target Claim longer distance –To avoid traffic going through you Inject routing loops –Which cause traffic to be dropped Inject lots of routing updates –Generally for denial of service

29 Lecture 27 Page 29 Advanced Network Security How To Secure a Distance Vector Protocol? Can’t just sign the hop count –Not tied to the path Instead, sign a length and a “second-to- last” router identity By iterating, you can verify path length

30 Lecture 27 Page 30 Advanced Network Security An Example A BCDE FG H 1.2.3.* H needs to build a routing table entry for 1.2.3.* Should show hop count of 3 via G, 5 via E

31 Lecture 27 Page 31 Advanced Network Security One Way to Do It A BCDE FG H H directly verifies that it’s one hop to E E1-D2EC3DB4CA5B H gets signed info that D is 2 hops through E Then we iterate Now we can trust it’s five hops to A

32 Lecture 27 Page 32 Advanced Network Security Who Does the Signing? The destination –A in the example It only signs the unchanging part –Not the hop count But an update eventually reaches H that was signed by A

33 Lecture 27 Page 33 Advanced Network Security What About That Hop Count? E could lie about the hop count But he can’t lie that A is next to B Nor that B next to C, nor C next to D, nor D next to E Unless other nodes collude, E can’t claim to be closer to A than he is

34 Lecture 27 Page 34 Advanced Network Security What If Someone Lies? A BCDE FG H There’s limited scope for effective lies E can’t claim to be closer to A Since E can’t produce a routing update signed by A that substantiates that E1-D2EC3DB4CA5B

35 Lecture 27 Page 35 Advanced Network Security A Difficulty This approach relies on a PKI H must be able to check the various signatures Breaks down if someone doesn’t sign –That’s a hole in the network, from the verification point of view –Consider, in example, what happens if C doesn’t sign

36 Lecture 27 Page 36 Advanced Network Security What If C Doesn’t Sign? A BCDE FG H E1-D2E C3D B4CA5B A message coming through D tells us that it’s three hops to C But H can’t verify that H knows C is next to B And that B is next to A But how can he be sure D is next to C? Other than trusting D...

37 Lecture 27 Page 37 Advanced Network Security What’s the Problem? A BCDE FG H E1-D2E C3D B4CA5B For this graph, no problem A BCDE FG H But how about for this one?

38 Lecture 27 Page 38 Advanced Network Security Conclusions The proper behavior of our networks depends on proper routing Many types of attacks enabled by improper routing All the important routing protocols lack good security New versions concentrate on ensuring integrity and authenticity of routing info

Download ppt "Lecture 27 Page 1 Advanced Network Security Routing Security Advanced Network Security Peter Reiher August, 2014."

Similar presentations

Karlston D'Emanuele Distance Vector Routing Protocols Notes courtesy of Mr. Joe Cordina Password Removed www.uniunderground.com.

Karlston D'Emanuele Distance Vector Routing Protocols Notes courtesy of Mr. Joe Cordina Password Removed
RIP V2 W.lilakiatsakun.  RFC 2453 (obsoletes –RFC 1723 /1388)  Extension of RIP v1 (Classful routing protocol)  Classless routing protocol –VLSM is.

RIP V2 W.lilakiatsakun.  RFC 2453 (obsoletes –RFC 1723 /1388)  Extension of RIP v1 (Classful routing protocol)  Classless routing protocol –VLSM is.
A Survey of Secure Wireless Ad Hoc Routing

A Survey of Secure Wireless Ad Hoc Routing
Lecture 9 Page 1 CS 236 Online Denial of Service Attacks that prevent legitimate users from doing their work By flooding the network Or corrupting routing.

Lecture 9 Page 1 CS 236 Online Denial of Service Attacks that prevent legitimate users from doing their work By flooding the network Or corrupting routing.
Data Communications and Computer Networks Chapter 4 CS 3830 Lecture 22 Omar Meqdadi Department of Computer Science and Software Engineering University.

Data Communications and Computer Networks Chapter 4 CS 3830 Lecture 22 Omar Meqdadi Department of Computer Science and Software Engineering University.
Lecture 18 Page 1 CS 236 Online DNS Security The Domain Name Service (DNS) translates human-readable names to IP addresses –E.g., thesiger.cs.ucla.edu.

Lecture 18 Page 1 CS 236 Online DNS Security The Domain Name Service (DNS) translates human-readable names to IP addresses –E.g., thesiger.cs.ucla.edu.
Chapter 4: Network Layer 4. 1 Introduction 4.2 Virtual circuit and datagram networks 4.3 What’s inside a router 4.4 IP: Internet Protocol –Datagram format.

Chapter 4: Network Layer 4. 1 Introduction 4.2 Virtual circuit and datagram networks 4.3 What’s inside a router 4.4 IP: Internet Protocol –Datagram format.
1 CCNA 3 v3.1 Module 1. 2 CCNA 3 Module 1 Introduction to Classless Routing.

1 CCNA 3 v3.1 Module 1. 2 CCNA 3 Module 1 Introduction to Classless Routing.
An Operational Perspective on BGP Security Geoff Huston GROW WG IETF 63 August 2005.

An Operational Perspective on BGP Security Geoff Huston GROW WG IETF 63 August 2005.
EEC-484/584 Computer Networks Lecture 10 Wenbing Zhao (Part of the slides are based on Drs. Kurose & Ross ’ s slides for their Computer.

EEC-484/584 Computer Networks Lecture 10 Wenbing Zhao (Part of the slides are based on Drs. Kurose & Ross ’ s slides for their Computer.
CSEE W4140 Networking Laboratory Lecture 4: IP Routing (RIP) Jong Yul Kim 02.15.2010.

CSEE W4140 Networking Laboratory Lecture 4: IP Routing (RIP) Jong Yul Kim
CSEE W4140 Networking Laboratory Lecture 4: IP Routing (RIP) Jong Yul Kim 02.11.2009.

CSEE W4140 Networking Laboratory Lecture 4: IP Routing (RIP) Jong Yul Kim
Interdomain Routing Security Jennifer Rexford Advanced Computer Networks Tuesdays/Thursdays.

Interdomain Routing Security Jennifer Rexford Advanced Computer Networks Tuesdays/Thursdays.
14 – Inter/Intra-AS Routing

14 – Inter/Intra-AS Routing
Slide 1 Vitaly Shmatikov CS 378 Routing Security.

Slide 1 Vitaly Shmatikov CS 378 Routing Security.
Transport Layer 3-1 Chapter 4 Network Layer Computer Networking: A Top Down Approach 6 th edition Jim Kurose, Keith Ross Addison-Wesley March 2012  CPSC.

Transport Layer 3-1 Chapter 4 Network Layer Computer Networking: A Top Down Approach 6 th edition Jim Kurose, Keith Ross Addison-Wesley March 2012  CPSC.
Lecture 29 Page 1 Advanced Network Security Privacy in Networking Advanced Network Security Peter Reiher August, 2014.

Lecture 29 Page 1 Advanced Network Security Privacy in Networking Advanced Network Security Peter Reiher August, 2014.
Chapter 22 Network Layer: Delivery, Forwarding, and Routing

Chapter 22 Network Layer: Delivery, Forwarding, and Routing
Lecture 8 Page 1 Advanced Network Security Review of Networking Basics: Internet Architecture, Routing, and Naming Advanced Network Security Peter Reiher.

Lecture 8 Page 1 Advanced Network Security Review of Networking Basics: Internet Architecture, Routing, and Naming Advanced Network Security Peter Reiher.
Routing Information Protocol (RIP). Intra-and Interdomain Routing An internet is divided into autonomous systems. An autonomous system (AS) is a group.

Routing Information Protocol (RIP). Intra-and Interdomain Routing An internet is divided into autonomous systems. An autonomous system (AS) is a group.

Similar presentations

Ads by Google