Having Your Cake and Eating It Too: Routing Security with Privacy Protections

Thumbnail Image
Penn collection
Departmental Papers (CIS)
Degree type
Computer Sciences
Grant number
Copyright date
Related resources

Internet Service Providers typically do not reveal details of their interdomain routing policies due to security concerns, or for commercial or legal reasons. As a result, it is difficult to hold ISPs accountable for their contractual agreements. Existing solutions can check basic properties, e.g., whether route announcements correspond to valid routes, but they do not verify how these routes were chosen. In essence, today’s Internet forces us to choose between per-AS privacy and verifiability. In this paper, we argue that making this difficult tradeoff is unnecessary. We propose private and verifiable routing (PVR), a technique that enables ISPs to check whether their neighbors are fulfilling their contractual promises to them, and to obtain evidence of any violations, without disclosing information that the routing protocol does not already reveal. As initial evidence that PVR is feasible, we sketch a PVR system that can verify some simple BGP policies. We conclude by highlighting several research challenges as future work.

Date of presentation
Conference name
Departmental Papers (CIS)
Conference dates
Conference location
Date Range for Data Collection (Start Date)
Date Range for Data Collection (End Date)
Digital Object Identifier
Series name and number
Volume number
Issue number
Publisher DOI
Journal Issue
Gurney, A., Haeberlen, A., Zhuo, W., Sherr, M., & Loo, B., Having Your Cake and Eating It Too: Routing Security with Privacy Protections, 10th ACM Workshop on Hot Topics in Networks (HotNets-X), Nov. 2011, doi: http://doi.acm.org/10.1145/2070562.2070577 ACM COPYRIGHT NOTICE. Copyright © 2011 by the Association for Computing Machinery, Inc. Permission to make digital or hard copies of part or all of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, to republish, to post on servers, or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from Publications Dept., ACM, Inc., fax +1 (212) 869-0481, or permissions@acm.org.
Recommended citation