posted on 1998-10-01, 00:00authored byDan Wendlandt, Ioannis Avramopoulos, David G. Andersen, Jennifer Rexford
Internet routing and forwarding are vulnerable to attacks
and misconfigurations that compromise secure communications
between end systems.With networks facing external
attempts to compromise their routers [3] and insiders
able to commandeer infrastructure, subversion of
Internet communication is an ever more serious threat.
Much prior work has proposed to improve communication
security with secure interdomain routing protocols
(e.g., S-BGP [10] and so-BGP [12]). We argue
that solving the problem of secure routing is both harder
and less effective than directly solving the core problems
needed to communicate securely: end-to-end confidentiality,
integrity, and availability. Secure routing protocols
focus on providing origin authentication and path
validity, identified as necessary by the IETF to secure
BGP [7]. Unfortunately, these properties are both too little
and too much