Quick links

Decentralized Security Mechanisms for Internet Routing

Date and Time
Monday, March 21, 2005 - 4:00pm to 5:30pm
Location
Computer Science Small Auditorium (Room 105)
Type
Colloquium
Speaker
Lakshmi Subramanian, from UC Berkeley
Host
Jennifer Rexford
Today's Internet is at risk. A single misbehaving router--whether through misconfiguration or malicious intent--can hijack routes, bringing down over a third of the Internet. This critical vulnerability stems from the pervasive assumption inherent in existing protocols that any information propagated by routers is correct. Emerging security proposals for Internet routing require a public key infrastructure and a trusted central authority, and thus are unlikely to see wide deployment.

In this talk, I will first describe Listen and Whisper, two decentralized and deployable security mechanisms that improve the security of the Border Gateway Protocol (BGP), the current inter-domain routing protocol. Their combination eliminates the threat of route hijacking due to misconfigurations and restricts the damage that deliberate attackers can cause. Using a real-world deployment of these mechanisms within the Berkeley campus network, we have been able to detect several routing anomalies.

Then, I will show how these techniques can be extended to provide a foundational suite of security primitives to achieve secure routing in an arbitrary network against a bounded number of adversaries. These techniques address two open theoretical problems: (a) Under what constraints can one achieve decentralized key distribution given a bounded number of adversaries? (b) When can one achieve Byzantine agreement if the underlying graph is not known to the nodes?

Bio

Lakshminarayanan Subramanian is currently a PhD candidate at UC Berkeley working with Professors Randy H. Katz, Ion Stoica and Scott Shenker. He received an M.S. in Computer Science from UC Berkeley in 2002 and a B.Tech in Computer Science from the Indian Institute of Technology, Madras in 1999. His research interests are in the areas of networking and distributed systems with specific emphasis on routing, network security, Internet architecture, overlay networks and quality of service.

Follow us: Facebook Twitter Linkedin