Paper 2006/087

Analysis of the SPV Secure Routing Protocol: Weaknesses and Lessons

Barath Raghavan, Saurabh Panjwani, and Anton Mityagin

Abstract

We analyze a secure routing protocol, Secure Path Vector (SPV), proposed in SIGCOMM 2004. SPV aims to provide authenticity for route announcements in the Border Gateway Protocol (BGP) using an efficient alternative to ordinary digital signatures, called constant-time signatures. Today, SPV is often considered the best cryptographic defense for BGP. We find subtle flaws in the design of SPV which lead to attacks that can be mounted by 60% of Autonomous Systems in the Internet. In addition, we study several of SPV's design decisions and assumptions and highlight the requirements for security of routing protocols. In light of our analysis, we reexamine the need for constant-time signatures and find that certain standard digital signature schemes can provide the same level of efficiency for route authenticity.

Metadata
Available format(s)
PDF
Publication info
Published elsewhere. ACM SIGCOMM Computer Communications Review, April 2007
Keywords
routing, signatures, BGP
Contact author(s)
barath @ cs ucsd edu
History
2007-04-26: last of 4 revisions
2006-03-07: received
Short URL
https://ia.cr/2006/087
License
Creative Commons Attribution
CC BY

BibTeX

@misc{cryptoeprint:2006/087,
      author = {Barath Raghavan and Saurabh Panjwani and Anton Mityagin},
      title = {Analysis of the {SPV} Secure Routing Protocol: Weaknesses and Lessons},
      howpublished = {Cryptology {ePrint} Archive, Paper 2006/087},
      year = {2006},
      url = {https://eprint.iacr.org/2006/087}
}