TTM Based Security Enhancement for Inter-domain Routing Protocol

Border Gateway Protocol (BGP) acts as a vital part of the global infrastructure. Attacks against BGP are increasing in number and severity. Unfortunately, most security mechanisms based on public key cryptography suffer from performance, trust model and other issues. This paper proposes a solution that takes advantages of the power-law and rich-club features of the AS-level topology, and proposes the notion of AS Alliance and a new trust model — Translator Trust Model (TTM). TTM avoids the global distribution of certificates by trust translating between different trust domains. It achieves that with much less memory overhead than traditional solutions, and a shorter validation chain. We develop a novel SE-BGP (Security Enhanced BGP) mechanism based on TTM. It introduces new path attributes to carry origin certificates and path signatures, and the algorithms to process origin authentication and path authentication. Our analyses indicate that SE-BGP is a viable solution.