Download presentation

Presentation is loading. Please wait.

Published byAugusta Brown Modified over 4 years ago

1
A. Haeberlen Having your Cake and Eating it too: Routing Security with Privacy Protections 1 HotNets-X (November 15, 2011) Alexander Gurney * Andreas Haeberlen * Wenchao Zhou * Micah Sherr + Boon Thau Loo * * University of Pennsylvania + Georgetown University

2
A. Haeberlen ? Motivation: Interdomain routing Alice's AS has a contract with Bob's AS Example: "Bob will always choose the shortest route to X" How can Alice be sure that Bob complies? If Bob had a shorter route available, how would Alice know? Bob could break his promise for various reasons 2 HotNets-X (November 15, 2011) Alice Bob Charlie Doris Eliot C F X D G H X E J H X I will always use the shortest route to X B C F X ? ? E X

3
A. Haeberlen C F X Goal #1: Security We would like to have security Goal: If Bob breaks his promise, Alice can detect and prove it S-BGP is not sufficient NetReview [NSDI'09] is, but requires revealing all routes 3 HotNets-X (November 15, 2011) Alice Bob Charlie Doris Eliot D G H X E X B C F X

4
A. Haeberlen C F X Goal #2: Privacy We would also like to have privacy ASes want to avoid revealing routes (other than the chosen route) Prior solutions choose either security or privacy Can we have both? 4 HotNets-X (November 15, 2011) Alice Bob Charlie Doris Eliot D G H X E X B C F X

5
A. Haeberlen Private and Verifiable Routing (PVR) Our goal is to find a protocol that can be run alongside BGP and guarantees the following: Detection: If an AS breaks a promise about its interdomain routing policies, at least one of its neighbors can detect this Evidence: If an AS breaks a promise, at least one of its direct neighbors can prove this Accuracy: If an AS does not break any promises, none of its neighbors can prove any violations Confidentiality: No AS can learn anything about its neighbors' routes that BGP does not already reveal Slightly more technical definition in the paper 5 HotNets-X (November 15, 2011)

6
A. Haeberlen Outline Motivation Definition of PVR Strawman solutions Two simple PVR protocols Discussion Summary 6 HotNets-X (November 15, 2011) NEXT

7
A. Haeberlen Strawman solutions Idea: Use Secure Multi-party Computation (SMC) or zero-knowledge proofs (ZKP) SMC securely computes a function over secret inputs Example: "Who in this room makes the most money?" Problem #1: Too expensive - even simple functions can take several seconds to evaluate! Problem #2: Too weak - no evidence! Similar problems with ZKP 7 HotNets-X (November 15, 2011)

8
A. Haeberlen Idea: Collaborative verification What helps us: We are not trying to compute the routes for Bob, as in SMC! Rather, we want to verify that Bob kept his promise Each domain already knows some aspect of the computation! Idea: Domains can work together! 8 HotNets-X (November 15, 2011) Alice Bob Charlie Doris Eliot

9
A. Haeberlen Example: Required export Let's start with a simple example Bob: "If I have at least one route to X, I will export one to Alice" What do we need to verify? Property #1: If Bob gives a route to Alice, that route is genuine Simply sign the route, as in S-BGP Property #2: If Bob does not give a route to Alice, then Bob did not receive any routes from Charlie, Doris, or Eliot 9 HotNets-X (November 15, 2011) Alice Bob Charlie Doris Eliot

10
A. Haeberlen How to commit to a value 10 HotNets-X (November 15, 2011) b Bob (H(b||x)) But what is b? Does Doris know b? Same b as Doris! Random bits to prevent dictionary attack Bob Charlie Doris Aha, the b in the commitment is 1! OK, Bob committed to b! b, x

11
A. Haeberlen Example: Required export 1. C, D, and E give their routes to Bob 2. Bob sets b=1 if he has at least one route, otherwise b=0 3. Bob distributes the following information: To each neighbor: Commitment To Alice, and to each neighbor who has given Bob a route: value of b 4. The neighbors exchange commitments and then check: Neighbors: If I gave Bob a route, did I get the value of b, and is b=1? Alice: If I did not receive a route, is b=0? 11 HotNets-X (November 15, 2011) Alice Bob Charlie Doris Eliot If the promise holds, no AS learns anything it did not already know! If the promise does not hold, at least one AS can detect this! b 1 C F X E X No route exported (error) Commitment b=1 Commitment b=1 Commitment b=1

12
A. Haeberlen Second example: Shortest route A more complex example: Bob: "I will give Alice the shortest route I have" Need to verify: Property #1: Route exported Route genuine Property #2: No routes exported None available Property #3: Each imported route is at most as long as the exported route (minus one) 12 HotNets-X (November 15, 2011) Alice Bob Charlie Doris Eliot See previous example 3 hops 2 hops 4 hops 2+1=3 hops

13
A. Haeberlen Commitment with Merkle Hash Trees 13 HotNets-X (November 15, 2011) b1b1 b2b2 b3b3 b4b4 Hash b2b2 Hash tree with four values Proof that the second value is b 2 Reveals nothing about b 1, b 3, b 4 ! Path to the root

14
A. Haeberlen Second example: Shortest route 14 HotNets-X (November 15, 2011) Alice Bob Charlie Doris Eliot 3 hops 2 hops 5 hops 2+1=3 hops 1 2 3 4 5 6 Bit k set to 1: "I have a route that is at most k hops long" 1 11 1 1 Bit 3 is set! Bob acknowledges the 3-hop route! a) No bit below 2 is set; this is the shortest route! b) All bits above 2 are set; Bob didn't lie to the others! Merkle hash tree 0 If Bob picks the shortest route, no neighbor learns anything new! If Bob picks the wrong route, at least one neighbor can detect it!

15
A. Haeberlen From simple to complex So far: We can verify two very simple policies What about more complex BGP policies? Example: "I will give you a European route, unless my Asian route is shorter" Idea: Compose policies to form complex ones More details in the paper (e.g., about access control) 15 HotNets-X (November 15, 2011) Shortest route Shortest At least one

16
A. Haeberlen Ongoing work So far, this is only a proof of concept Need to support more complex policies What about communities? AS_PATH filtering? Etc. We already have additional results - please ask me! Need to handle protocol dynamics BGP routes are announced and withdrawn over time Need to have a formal proof of correctness Currently investigating model checking Need to build a practical system What is the overhead? Etc. 16 HotNets-X (November 15, 2011)

17
A. Haeberlen Summary PVR can verify whether an AS's interdomain routing policy has a certain property Example: "I will always choose the shortest route to X" PVR provides both security and privacy Neighbors can detect violations and generate evidence If an AS is correct, PVR reveals no additional information about its routes, other than what BGP already reveals Demonstrated two simple example protocols Can we support more complex promises? 17 HotNets-X (November 15, 2011) Questions?

Similar presentations

© 2020 SlidePlayer.com Inc.

All rights reserved.

To make this website work, we log user data and share it with processors. To use this website, you must agree to our Privacy Policy, including cookie policy.

Ads by Google