The International Computer Science Institute
is pleased to present a talk:
"Decentralized security mechanisms for Internet routing"
lakme
![[Graphic]](http://www.icsi.berkeley.edu/icons/14pxdk.gif){kind=icon}
EECS.Berkeley.EDU
"Decentralized security mechanisms for Internet routing"
EECS.Berkeley.EDU
Today's Internet routing protocols blindly assume that routers propagate truthful information. This incorrect assumption renders the entire Internet to be vulnerable to accidental misconfigurations and deliberate attacks. Prior security proposals to address this problem face a critical deployment hurdle in that they assume the existence of a keyed infrastructure (e.g. PKI) and a trusted centralized authority. Neither of these two crucial ingredients is currently available nor will be so in the near future.
In this talk, I will first describe Listen and Whisper, two decentralized and deployable security mechanisms that improve the security of the Border Gateway Protocol (BGP), the de facto interdomain routing protocol. The combination of Listen and Whisper eliminates a large number of problems due to router misconfigurations, and restricts (though not eliminates) the damage that deliberate attackers can cause.
Next, I will formulate the theoretical problem of reliable communication in unknown networks which determines the minimum set of constraints to achieve decentralized secure routing in an arbitrary network. Our solution to this problem provides a suite of security primitives that can be appended to existing routing protocols to protect against a bounded number of adversaries. This work also addresses two open theoretical problems: (a) Under what constraints can one achieve decentralized key distribution in the face of bounded number of adversaries? (b) When can one achieve Byzantine agreement when the underlying graph is not known to the nodes?