Origin Authentication in Interdomain Routing

3/9/2004 Presenter: Lan Gao 1 Origin Authentication in Interdomain Routing William Aiello, John Ioannidis, and Patrick McDaniel Proceedings of 10th ACM Conference on Computer and Communications Security (CCS'03)


Page 1: Origin Authentication in Interdomain Routing

3/9/2004 Presenter: Lan Gao 1

Origin Authentication in Interdomain Routing

William Aiello, John Ioannidis, and Patrick McDaniel

Proceedings of 10th ACM Conference on Computer and Communications Security (CCS'03)

Page 2: Origin Authentication in Interdomain Routing

What does the paper solve?

Problem: How do we ensure that addresses are associated with only those ASes that own them?

Origin Authentication:
- Provide a way to validate claims of address ownership in interdomain routing
- Authenticate address usage

Defense against:
- Attacks by malicious entities
- Misconfigurations

Page 3: Origin Authentication in Interdomain Routing

Overview

- Background
- Formalization: semantics of address delegation; origin authentication proof systems
- Modeling: address delegation graph
- Evaluating: resource costs

Page 4: Origin Authentication in Interdomain Routing

Interdomain Routing

The Internet consists of many routing domains:
- Routing inside a domain is determined by an intradomain routing protocol
- Routing between domains is governed by an interdomain routing protocol

Intradomain and interdomain routing decisions are largely made independently

Reasons:
- Scale
- Administrative autonomy

Page 5: Origin Authentication in Interdomain Routing

BGP (Border Gateway Protocol)

BGP: the interdomain routing protocol used on the Internet
- Routing domains are called Autonomous Systems (ASes), e.g. AT&T.

ASes:
- Announce the prefixes that they own (IP address ranges, e.g. 12.1.1.0/24) to their neighboring ASes.
- Announce the prefixes that they learn from each of their neighbors to their other neighbors.

Page 6: Origin Authentication in Interdomain Routing


Intra-AS and Inter-AS Routing: Example

Source: Computer Networking: A Top-Down Approach Featuring the Internet

The route from A.d to B.b: intra-AS and inter-AS path segments.

Page 7: Origin Authentication in Interdomain Routing

Security Issues in Interdomain Routing

- ASes are not authenticated
- Paths are not authenticated
- Addresses are not authenticated

What is addressed in the paper?
- Validate an AS’s authority to advertise a prefix

Page 8: Origin Authentication in Interdomain Routing

Origin Authentication

Goal: Provide evidence (cryptographically strong authentication tags) of the relations between organizations, ASes, and prefixes.

[Figure labels: Evidence; Address Advertisements; BGP Speakers; Validated Address Advertisements]

Page 9: Origin Authentication in Interdomain Routing

Address Delegation

- The IPv4 address space is governed by IANA
- IANA delegates parts of the global address space to organizations
- Each organization may further:
  - Delegate some or all of the received address space to any organization it desires
  - Assign its address space to the AS in which the addresses reside

Page 10: Origin Authentication in Interdomain Routing

Address Delegation: Example

- AT&T delegates 12.1.1.0/24 to ALPHA
- AT&T assigns 12.0.0.0/8 to AS7018
- Longest prefix matching for 12.1.1.0/24
- Address announcements: ASes advertise the set of prefixes that they originate (prefix, ASN)

Page 11: Origin Authentication in Interdomain Routing

Definition: Organization

ASN = { 1, 2, …, K }, where currently K = 2^16
  E.g. AS7018, AS29987

S = { all BGP speaking organizations }
  E.g. AT&T, ARIN, ALPHA, BETA

ASN(C) = { AS # currently assigned to C }
  E.g. for C = ALPHA, ASN(C) = { AS29987 }

O = S { IANA } { other prefix registries }

Page 12: Origin Authentication in Interdomain Routing

Definition: Prefixes

IPA = { 0, 1 }^l, where l = 32/64 for IPv4/IPv6

Address Prefixes: x/j
- x is a j bit number, and j [ 0, l ], e.g. 128/8
- x/j = { xy | y is a (l-j) bit number }
- IPA = /0

x/j

x0/(j+1) x1/(j+1)

- Disjoint Union
- Superset
- subprefix & superprefix

Page 13: Origin Authentication in Interdomain Routing

Prefix Tree of IPA

/0

0/1 1/1

00/2 01/2 10/2 11/2

00/32 11/32

Page 14: Origin Authentication in Interdomain Routing

Definition: delegation policy

For a given prefix y/k and an organization C:
- (C, y/k, n): C assigns y/k to an ASN n
- (C, y/k, C’): C delegates y/k to C’
- (C, y/k, R): C declares y/k as RESERVED
- (C, y/k, U): C’s delegation or assignment of y/k is UNAUTHENTICATED

C may perform zero, one, or more of the above options

The set of triples is C’s delegation policy for y/k

Page 15: Origin Authentication in Interdomain Routing

Subtree Semantics

Definition: a property of a prefix x/j implies the same property for all of the subprefixes of x/j

Consider the previous delegation policy:
- Delegations, RESERVED and UNAUTHENTICATED declarations have subtree semantics
- Assignments do not have subtree semantics

Page 16: Origin Authentication in Interdomain Routing

Delegation Graphs

A directed graph G = (V, E)
- V=O ASN R U
- E={(x, y/k, z)}

Example:
- V = { IANA, AT&T, … }
- E = {(IANA,12.0.0.0/8,AT&T), … }

Definition:
- Ownership Source
- Assignment Edge
- ASN-respecting

Page 17: Origin Authentication in Interdomain Routing

Valid & Faithful

A directed path is valid for y/k if:
- The ownership source is IANA
- The path is monotonic
- The path is acyclic
- The assignment edge is labelled y/k and is ASN-respecting

C’s delegation policy is faithful for y/k if there is at most one triple in the form:
- (C, y/k, n)
- (C, x/j, C’), (C, x/j, U), or (C, x/j, R), where x/j is a superprefix of y/k

Page 18: Origin Authentication in Interdomain Routing

Verification of Origin Announcements

OAs are verified by Origin Authentication Tags (OATs):
- A delegation path
- A set of delegation attestations, one for each edge in the path
- An ASN Ownership Proof

Page 19: Origin Authentication in Interdomain Routing

Simple Delegation Attestation

A signature by C for a prefix x/j: { ( C, x/j, F_C(x/j) ) }_C
- A signed statement (by C’s key) binding the prefix (x/j) to an organization identifier (F_C(x/j))

The simple delegation attestation for D(C):

{ ( C, x_1/j_1, F_C(x_1/j_1) ) }_C,

{ ( C, x_2/j_2, F_C(x_2/j_2) ) }_C,

…,

{ ( C, x_s/j_s, F_C(x_s/j_s) ) }_C

Page 20: Origin Authentication in Interdomain Routing

SDA: An Example

The delegation path for 12.1.1.0/24 is:

(IANA, AT&T, ALPHA, AS29987)

The delegation attestations for the path are:

[(IANA, 12.0.0.0/8, AT&T)]_IANA,

[(AT&T, 12.1.1.0/24, ALPHA)]_AT&T,

[(ALPHA, 12.1.1.0/24, AS29987)]_ALPHA
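The structural checks from the "Valid & Faithful" slide, applied to this delegation path, as an added example that is not code from the paper or the presentation. It assumes "monotonic" means each edge's prefix is equal to or a subprefix of the previous edge's, and "ASN-respecting" means the assigned ASN is in ASN(C); it does not verify the signatures on the attestations, and the rejected paths and AS64512 are constructed.

```python
import ipaddress

# ASN(C) for the organizations in the slides' running example.
ASN_OF = {"AT&T": {7018}, "ALPHA": {29987}}

def check_path(edges, target):
    """Check a delegation path for prefix `target`.

    edges: root-first list of (delegator, prefix, recipient); the last
    recipient is an int ASN (assignment edge), the others are organizations.
    Returns "valid" or the reason the path is rejected.
    """
    target = ipaddress.ip_network(target)
    if not edges or edges[0][0] != "IANA":
        return "ownership source is not IANA"
    seen, prev_net, prev_to = set(), None, None
    for delegator, prefix, recipient in edges:
        net = ipaddress.ip_network(prefix)
        if prev_to is not None and delegator != prev_to:
            return "edges do not form a path"
        if delegator in seen:
            return "path is cyclic"
        if prev_net is not None and not net.subnet_of(prev_net):
            return "path is not monotonic"   # assumed reading of "monotonic"
        seen.add(delegator)
        prev_net, prev_to = net, recipient
    delegator, prefix, asn = edges[-1]
    if not isinstance(asn, int):
        return "path does not end in an assignment edge"
    if ipaddress.ip_network(prefix) != target:
        return "assignment edge is not labelled with the target prefix"
    if asn not in ASN_OF.get(delegator, set()):   # assumed: n must be in ASN(C)
        return "assignment edge is not ASN-respecting"
    return "valid"

# Delegation path from the SDA example slide.
SDA_PATH = [("IANA", "12.0.0.0/8", "AT&T"),
            ("AT&T", "12.1.1.0/24", "ALPHA"),
            ("ALPHA", "12.1.1.0/24", 29987)]
# Constructed rejects: BETA holds no delegation from IANA; the second path
# widens the prefix on its way down.
NO_ROOT = [("BETA", "12.1.1.0/24", 64512)]
WIDENED = [("IANA", "12.1.1.0/24", "AT&T"), ("AT&T", "12.0.0.0/8", 7018)]

if __name__ == "__main__":
    for name, path, pfx in [("SDA", SDA_PATH, "12.1.1.0/24"),
                            ("no root", NO_ROOT, "12.1.1.0/24"),
                            ("widened", WIDENED, "12.0.0.0/8")]:
        print(name, "->", check_path(path, pfx))
```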

Page 21: Origin Authentication in Interdomain Routing

Authenticated Delegation List

C creates a single list of all of its delegations and signs that list:

[ { ( C, x_1/j_1, F_C(x_1/j_1) ) },

{ ( C, x_2/j_2, F_C(x_2/j_2) ) },

…, { ( C, x_s/j_s, F_C(x_s/j_s) ) } ]_C

If C delegates x_i/j_i to B:
- C signs all of the delegations it makes to everyone.
- B advertises x_i/j_i and provides this attestation

Page 22: Origin Authentication in Interdomain Routing

ADL: An Example

The delegation path for 12.1.1.0/24 is:

(IANA, AT&T, ALPHA, AS29987)

The delegation attestations for the path are:

[(IANA, 12.0.0.0/8, AT&T), (IANA, 64.0.0.0/8, ARIN)]_IANA,

[(AT&T, 12.1.1.0/24, ALPHA), (AT&T, 64.1.0.0/16, AS7018), (AT&T, 12.0.0.0/8, AS7018)]_AT&T,

[(ALPHA, 12.1.1.0/24, AS29987)]_ALPHA

Page 23: Origin Authentication in Interdomain Routing

AS Authenticated Delegation List

C breaks up the entire list into several lists and signs each of the smaller lists.

The list is split according to those prefixes:
- delegated to the same organization, or
- assigned to the same AS number

If C delegates x_i/j_i to B:
- C signs all of the delegations it makes to B.
- B advertises x_i/j_i and provides this attestation

Page 24: Origin Authentication in Interdomain Routing

AS ADL: An Example

The delegation path for 12.0.0.0/8 is:

(IANA, AT&T, AS7018)

The delegation attestations for the path are:

[(IANA, 12.0.0.0/8, AT&T)]_IANA,

[(AT&T, 64.1.0.0/16, AS7018), (AT&T, 12.0.0.0/8, AS7018)]_AT&T

Page 25: Origin Authentication in Interdomain Routing

Authenticated Delegation Tree

C creates a Merkle hash tree:
- The values of the leaves: ( C, x/j, F_C(x/j) )
- The values of each internal node: H( L, R )

If C delegates x_i/j_i to B:
- C only signs the root [h_0]_C
- C provides the value of the children of all of the nodes on the path in the Merkle tree from the root to ( C, x_i/j_i, B )
- B advertises x_i/j_i and provides this attestation

Page 26: Origin Authentication in Interdomain Routing

ADT: An Example

The delegation attestation for (C, x_2/j_2, B):

{H(L_{12}, R_{34})}_C, H(L_3, R_4), (C, x_1/j_1, A)

The hash tree:

H(L_{12}, R_{34})

H(L_1, R_2) H(L_3, R_4)

(C, x_1/j_1, A) (C, x_2/j_2, B) (C, x_3/j_3, D) (C, x_4/j_4, E)

Page 27: Origin Authentication in Interdomain Routing

Authenticated Delegation Dictionaries - 1

The model for an authenticated dictionary

[Figure labels: User; Directory; Dictionary; Query; Yes/No + Proof; Attestations]

An Authenticated Dictionary for C:
- Element: (C, y/k, F_C(y/k))
- The search key: address prefixes
- Data Structure: balanced 2-3 trees, with leaves sorted based on the search key

Page 28: Origin Authentication in Interdomain Routing

Authenticated Delegation Dictionaries - 2

Prefix Tree rooted at x/j:

x/j

x0/(j+1) x1/(j+1)

x00/(j+2) x01/(j+2) x10/(j+2) x11/(j+2)

A total order of the prefixes: x/j < xy/(j+k) < z/j

The smallest element: x/j

The largest element: x1^{l-j}/l

Page 29: Origin Authentication in Interdomain Routing

Authenticated Delegation Dictionaries - 3

ADD for C:

The delegation attestation for (C, x_2/j_2, B):
- The signed root: {k_0 H(L_{123}, R_{45})}_C
- The value of the children of the nodes of the path: k_3 H(L_4, R_5), (C, x_1/j_1, A), (C, x_3/j_3, D)
- The search tree path

The search tree:

k_0 H(L_{123}, R_{45})

k_1 k_2 H(L_1, M_2, R_3) k_3 H(L_4, R_5)

(C, x_1/j_1, A) (C, x_2/j_2, B) (C, x_3/j_3, D) (C, x_4/j_4, E) (C, x_5/j_5, F)

Page 30: Origin Authentication in Interdomain Routing

Approximating IP Address Delegation

Goal: To understand how and by whom delegation occurs

Sources: IANA and BGP announcements

What do we learn?
- Dense (16 orgs delegate 80% address space)
- Stable (10-30% movement in 5 months)

Page 31: Origin Authentication in Interdomain Routing


Approximation Example

Page 32: Origin Authentication in Interdomain Routing

Delegation in the Approximate Delegation Graph

The overwhelming number of delegations are being performed by relatively few ASes/organizations

Page 33: Origin Authentication in Interdomain Routing

Trace-Based Simulation

The OAsim simulator:
- Models the operation of a single BGP speaker
- Accepts timed BGP UPDATE streams
- Computes bandwidth/computational costs
- Implements four service designs

Dataset:
- Obtained from RouteViews
- A trace of BGP updates over a 24 hour period

Page 34: Origin Authentication in Interdomain Routing


Computational Costs

Page 35: Origin Authentication in Interdomain Routing


Bandwidth Costs

Page 36: Origin Authentication in Interdomain Routing

Conclusions

- OA is important in inter-domain routing: trace and validate the delegation of address usage
- Formalization: semantics of address ads & proofs of delegation
- Modeling the current IPv4 address delegation: dense & static
- Performance Evaluation: consolidate proofs by delegator to reduce costs

Page 37: Origin Authentication in Interdomain Routing

Questions?

Comments?