Don’t Secure Routing Protocols, Secure Data Delivery

Internet routing and forwarding are vulnerable to attacks and misconfigurations that compromise secure communications between end systems.With networks facing external attempts to compromise their routers [3] and insiders able to commandeer infrastructure, subversion of Internet communication is an ever more serious threat. Much prior work has proposed to improve communication security with secure interdomain routing protocols (e.g., S-BGP [10] and so-BGP [12]). We argue that solving the problem of secure routing is both harder and less effective than directly solving the core problems needed to communicate securely: end-to-end confidentiality, integrity, and availability. Secure routing protocols focus on providing origin authentication and path validity, identified as necessary by the IETF to secure BGP [7]. Unfortunately, these properties are both too little and too much