We find subtle flaws in the design of SPV which lead to attacks that can be mounted by 60% of Autonomous Systems in the Internet. In addition, we study several of SPV's design decisions and assumptions and highlight the requirements for security of routing protocols. In light of our analysis, we reexamine the need for constant-time signatures and find that certain standard digital signature schemes can provide the same level of efficiency for route authenticity.
Category / Keywords: routing, signatures, BGP Publication Info: ACM SIGCOMM Computer Communications Review, April 2007 Date: received 6 Mar 2006, last revised 26 Apr 2007 Contact author: barath at cs ucsd edu Available format(s): PDF | BibTeX Citation Version: 20070426:075241 (All versions of this report) Short URL: ia.cr/2006/087 Discussion forum: Show discussion | Start new discussion