Secure Blockchain Network Communication Using SCION

Total Page:16

File Type:pdf, Size:1020Kb

Secure Blockchain Network Communication Using SCION DEGREE PROJECT IN COMPUTER SCIENCE AND ENGINEERING, SECOND CYCLE, 30 CREDITS STOCKHOLM, SWEDEN 2018 Secure Blockchain Network Communication using SCION ALEKSANDAR VORKAPIC KTH ROYAL INSTITUTE OF TECHNOLOGY SCHOOL OF ELECTRICAL ENGINEERING AND COMPUTER SCIENCE Secure Blockchain Network Communication using SCION ALEKSANDAR VORKAPIC´ Master in Computer Science Date: December 5, 2018 Supervisor: Panos Papadimitratos Examiner: Mads Dam Principal: Adrian Perrig, ETH Zürich Swedish title: Säker nätverkskommunikation för blockkedja med hjälp av SCION School of Electrical Engineering and Computer Science i Abstract The paper by Apostolaki, Zohar, and Vanbever [3] describes two rout- ing attacks on the Bitcoin network, partition attack and delay attack. By isolating parts of the network or delaying block propagation, a sig- nificant amount of mining power could be wasted, resulting in rev- enue loss and a wide range of exploits could be enabled, such as dou- ble spending. Hence, the Bitcoin’s solution to the double spending problem would be broken, making the technology unreliable and un- available. The Border Gateway Protocol (BGP) is the standardized routing protocol in the current Internet, without any security guarantees. Nu- merous security extensions have been proposed for BGP, but there is still no widely deployed solution. Therefore, some argue that instead of securing BGP, an entirely new inter-domain architecture should be developed. The thesis investigates the possible mitigation of routing attacks in the blockchain technology, by using the new inter-domain architec- ture called SCION. Two solutions are proposed utilizing SCION and IP, namely an application level solution and a SIG proxy solution. The solutions have been evaluated in terms of security, availability and efficiency, with the conclusion that routing attacks can be mitigated using SCION. Hence, providing incentive to the blockchain users to use SCION, in order to benefit from a secure and highly available blockchain network communication, with potential revenue increase. Furthermore, the thesis provides incentive for further development of the SCION architecture, as well as applying SCION to additional fields. ii Sammanfattning Forskningsarbetet av Apostolaki, Zohar och Vanbever [3] beskriver två routingattacker på Bitcoinnätverket, partitioneringsattack och fördröj- ningsattack. Genom att isolera delar av nätverket eller fördröja block- utbredningen, skulle signifikant mängd brytningskraft kunna slösas bort, vilket resulterar i omsättningsförlust och ett brett spektrum av utnyttjanden skulle kunna möjliggöras, som t.ex. dubbla utgifter. Som en följd, skulle Bitcoins lösning på problemet med dubbla utgifter sät- tas ur spel, vilket gör tekniken opålitlig och otillgänglig. Border Gateway-protokollet (BGP) är det standardiserade routing- protokollet i nuvarande Internet, utan några säkerhetsgarantier. Många säkerhetsutvidgningar för BGP har föreslagits, även om det fortfaran- de inte finns någon allmänt nyttjad lösning. Därför hävdar vissa att i stället för att säkra BGP, bör en helt ny interdomänarkitektur utveck- las. Detta examensarbete undersöker en eventuell lindring av routing- attacker i blockkedjetekniken, med hjälp av den nya interdomänar- kitekturen som heter SCION. Två lösningar som nyttjar SCION och IP föreslås, en applikationsnivålösning och en SIG-proxylösning. Lös- ningarna har utvärderats med avseende på säkerhet, tillgänglighet och effektivitet. Slutsatsen blev att routingattacker kan lindras med SCION, vilket motiverar blockkedjeanvändarna att använda SCION, för att dra nytta av en säker och högt tillgänglig blockkedjenätverkskommu- nikation, med möjlighet till ökad omsättning. Examensarbetet bidrar dessutom med motivering för vidareutveckling av SCION-arkitekturen, samt till att tillämpa SCION på ytterligare områden. iii Acknowledgements I would like to express my sincere gratitude to my supervisor Panos Papadimitratos for the support of my research and invitation to the CySeP 2018. His feedback and guidance helped me with the research, and the writing of the thesis. My sincere and very thorough thanks also go to Prof. Dr. Adrian Perrig at ETH Zürich, together with Christos Pappas and Taeho Lee, for giving me the chance to carry out the study. Without their exten- sive knowledge, advice and insights, this thesis would not have been finished. Lastly, I would like to thank Juan A. García-Pardo and Jonghoon Kwon at ETH Zürich for helping me with the SCIONLab, and willing to discuss SCION and blockchain related questions. Contents 1 Introduction 2 1.1 Research Question . .3 1.2 Objective . .3 1.3 Scope and limitations . .4 2 Background 6 2.1 The Border Gateway Protocol (BGP) . .6 2.1.1 BGP hijacking attack . .7 2.1.2 Defenses . .9 2.2 The SCION Architecture . 13 2.2.1 The SCION-IP Gateway (SIG) . 17 2.3 Blockchain . 19 2.4 Bitcoin . 24 2.5 Ethereum . 25 2.5.1 Node discovery protocol . 25 2.5.2 Establishing encrypted connection . 27 3 Related Work 29 4 Solution Design 34 4.1 Problem . 34 4.1.1 Assumptions and limitations . 35 4.2 Application level solution . 35 4.3 SIG proxy solution . 36 4.4 Security model . 38 5 Method 39 5.1 Literature research . 39 5.2 Application level solution . 39 5.3 SIG proxy solution . 40 iv CONTENTS 1 5.4 SIG discovery protocol . 41 5.5 Disruption Detection Tool (DDT) . 41 5.6 Evaluation . 42 5.6.1 Efficiency requirements . 43 6 Implementation 44 6.1 Hardware . 44 6.2 Software . 44 6.2.1 Ethereum network configuration . 46 6.3 Design . 47 7 Results 48 7.1 Security analysis . 49 7.1.1 Attack scenario . 49 7.2 Availability analysis . 52 7.3 Efficiency analysis . 53 7.3.1 IP and SCION comparison . 54 8 Discussion 58 8.1 Security analysis . 60 8.1.1 Disruption Detection Tool (DDT) . 61 8.1.2 SIG discovery protocol . 62 8.2 Blockchain protocols with encrypted communication . 62 8.3 Availability analysis . 64 8.4 Efficiency analysis . 65 8.5 SCION deployment . 68 8.6 Ethical aspects and sustainability . 69 9 Conclusion 71 10 Future Work 73 Bibliography 75 A Typical scenario 81 A.1 Application level solution . 81 A.2 SIG proxy solution . 84 Chapter 1 Introduction Blockchain technology can be traced back to 1991 when Haber and Stornetta [28] described the first work on a cryptographically secured chain of blocks. A year later, Bayer, Haber, and Stornetta [5] enabled several documents to be collected into a block. However, blockchain technology gained significance first in 2008, when Satoshi Nakamoto published the Bitcoin white paper [41]. The invention of the Bitcoin made it the first digital currency (cryptocurrency) to solve the double spending problem, spending the same asset twice, without the need of a trusted central authority. Furthermore, it has become inspiration for many additional cryptocurrencies and blockchain-based applications. At the time of writing the thesis, Bitcoin was the most successful cryptocurrency with more than 17 million bitcoins valued at approx- imately 115 billion USD [6]. Given the amount of money at stake, Bitcoin and other cryptocurrencies are obvious targets for attackers. However, attacking cryptocurrencies via the Internet infrastructure was not investigated until the paper by Apostolaki, Zohar, and Vanbever [3] was published. It was believed that blockchain technology is resilient against Bor- der Router Protocol (BGP) hijacking attacks, due to the decentralized Peer-to-Peer (P2P) network. However, the recent paper by Apostolaki, Zohar, and Vanbever [3] shows that, due to the insecure BGP routing protocol and quite centralized Bitcoin network, it is feasible to exe- cute routing attacks on Bitcoin. Few Autonomous Systems (ASes) host most of the nodes in the Bitcoin network, which could be due to the high amount of mining pools located in Iceland and China. In min- ing pools, multiple miners gather together in order to increase their 2 CHAPTER 1. INTRODUCTION 3 chances of finding new blocks and getting the reward. Furthermore, the paper describes two routing attacks, partition attack and delay at- tack. By isolating parts of the network or delaying block propagation, a significant amount of mining power could be wasted, resulting in revenue loss and a wide range of exploits could be enabled, such as double spending. Hence, the Bitcoin’s solution to the double spend- ing problem would be broken, making the technology unreliable and unavailable. Since routing attacks are feasible on any technology running on a centralized network in the current Internet, a routing protocol that guarantees secure and highly available network communication is vi- tal. Thus, it is of interest to investigate mitigation of routing attacks on blockchain technology using SCION [47], a new inter-domain archi- tecture being developed to solve all BGP vulnerabilities in an efficient way. 1.1 Research Question Is it feasible to deploy SCION along with a blockchain technology in order to mitigate routing attacks, and provide secure and highly avail- able blockchain network communication? Can the proposed solution decrease the amount of wasted computing power by routing attacks, and increase miners’ revenue by utilizing SCION? 1.2 Objective Mitigating BGP routing attacks targeting a blockchain technology is the main focus of the thesis. Routing attacks have been disrupting the Internet for decades, by enabling phishing, spamming and Distributed Denial-of-Service (DDoS) attacks. The BGP protocol is the standardized routing protocol in the cur- rent Internet, with no security guarantees [46]. Thus, it is feasible to execute routing attacks, also called BGP hijacking attacks. Any AS can inject forged information on how to reach one or more IP prefixes, re- sulting in ASes sending traffic to wrong destination [3][47]. 4 CHAPTER 1. INTRODUCTION In 2014, Dell SecureWorks published details of an attacker who re- peatedly performed BGP hijacking attacks on a large set of providers, such as Amazon, Digital Oceana and Alibaba. The goal was to inter- cept data between Bitcoin miners and Bitcoin mining pools, where the estimated worth of the theft was $83,000 [56]. A more recent BGP hi- jacking attack on Amazon DNS, resulted in theft of ether and ethereum- based tokens worth $152,000 [24].
Recommended publications
  • Securing Interdomain Network Routing with Resource Public Key Infrastructure (RPKI)
    Securing Interdomain Network Routing with Resource Public Key Infrastructure (RPKI) A Technical Paper prepared for SCTE•ISBE by Mark Goodwin IP Design Engineer Cox Communications, Inc 6305-B Peachtree Dunwoody Rd, Atlanta, GA 30328 404-269-8267 [email protected] © 2019 SCTE•ISBE and NCTA. All rights reserved. Table of Contents Title Page Number Table of Contents .................................................................................................................................... 2 1. Introduction .................................................................................................................................... 4 2. Motivations .................................................................................................................................... 4 2.1. BGP Security Analysis ....................................................................................................... 4 3. RPKI Components ......................................................................................................................... 6 3.1. Certificate Authority (CA) ................................................................................................... 7 3.2. Resource Certificate .......................................................................................................... 7 3.3. Route Origin Authorizations (ROAs)................................................................................... 8 3.4. RPKI Validating Cache .....................................................................................................
    [Show full text]
  • Bambauer-Macro-V2-Nov 28.Docx (Do Not Delete) 12/12/14 6:26 Pm
    BAMBAUER-MACRO-V2-NOV 28.DOCX (DO NOT DELETE) 12/12/14 6:26 PM FOXES AND HEDGEHOGS IN TRANSITION DEREK E. BAMBAUER* INTRODUCTION .......................................................................................... 1 I. A FLATTER NETWORK ........................................................................... 2 II. UNIVERSAL SERVICE? .......................................................................... 7 III. THE CAST OF CHARACTERS .............................................................. 10 CONCLUSION ........................................................................................... 16 INTRODUCTION The migration from a congeries of communications protocols and technologies to an Internet Protocol-based system is an architectural shift of profound magnitude: it is as though people returned to the city of Babel, abandoning their native tongues for a single lingua franca. Perhaps, after this shift, nothing will be restrained from those who use the Internet.1 And yet, there will inevitably be problems that arise from the shift. Scholars and activists have already raised concerns about equal access to communications capabilities; about the security and resiliency of the new architecture; and about the tension between competing speech interests on the network. One way of thinking about these problems, and potential solutions, is to classify them as either hedgehogs or foxes. The British philosopher Isaiah Berlin suggested that intellectuals can be classified into these two camps, puckishly borrowing from the Greek
    [Show full text]
  • Overview of Routing Security Landscape for the Quilt Member Meeting, Winter 2019 Mark Beadles, CISO, Oarnet [email protected] BGP IDLE
    Overview of Routing Security Landscape for the Quilt Member Meeting, Winter 2019 Mark Beadles, CISO, OARnet [email protected] BGP IDLE CONNECT ACTIVE OPEN OPEN SENT CONFIRM ESTAB- LISHED 2/13/2019 Routing Security Landscape - The Quilt 2 Overview of Routing Security Landscape • Background • Threat environment • Current best practices • Gaps 2/13/2019 Routing Security Landscape - The Quilt 3 Background - Definitions • BGP • Border Gateway Protocol, an exterior path-vector gateway routing protocol • Autonomous System & Autonomous System Numbers • Collection of IP routing prefixes under control of a network operator on behalf of a single administrative domain that presents a defined routing policy to the Internet • Assigned number for each AS e.g. AS600 2/13/2019 Routing Security Landscape - The Quilt 4 Background - The BGP Security Problem By design, routers running BGP accept advertised routes from other BGP routers by default. (BGP was written under the assumption that no one would lie about the routes, so there’s no process for verifying the published announcements.) This allows for automatic and decentralized routing of traffic across the Internet, but it also leaves the Internet potentially vulnerable to accidental or malicious disruption, known as BGP hijacking. Due to the extent to which BGP is embedded in the core systems of the Internet, and the number of different networks operated by many different organizations which collectively make up the Internet, correcting this vulnerabilityis a technically and economically challenging problem. 2/13/2019 Routing Security Landscape - The Quilt 5 Background – BGP Terminology • Bogons • Objects (addresses/prefixes/ASNs) that don't belong on the internet • Spoofing • Lying about your address.
    [Show full text]
  • High Volume of European Network Traffic Re-Routed Through China
    Memo 11/06/2019 - TLP:WHITE High volume of European network traffic re-routed through China Telecom Reference: Memo [190611-1] Date: 11/06/2019 - Version: 1.0 Keywords: BGP, digital infrastructure, China Sources: publicly available information Key Points A routing incident led to 70 000 routes used for European traffic being redirected through China Telecom for over 2 hours. Border Gateway Protocol (BGP) errors are a relatively common issue but usually last just a few minutes. China Telecom has still not implemented some basic routing safeguards to detect and remediate them in a timely manner. Summary On June 6, a routing incident led to over 70 000 routes used for European mobile networks being redirected through China Telecom for over two hours. The incident began at 09:43 UTC when Swiss data centre colocation company Safe Host (AS21217) unintentionally leaked over 70 000 routes to China Telecom (AS4134) in Frankfurt, Germany. China Telecom then announced these routes on to the global internet redirecting large amounts of traffic destined for some of the largest European mobile networks through China Telecom’s network. Some of the most impacted European networks included Swisscom (AS3303) of Switzerland, KPN (AS1136) of Holland, Bouygues Telecom (AS5410) and Numericable-SFR (AS21502) of France. Often routing incidents only last for a few minutes, but in this case, many of the leaked routes were in circulation for over two hours. Comments China Telecom, a major international carrier, has still not implemented neither the basic routing safeguards necessary to prevent propagation of routing leaks nor the processes and procedures necessary to detect and remediate them in a timely manner when they inevitably occur.
    [Show full text]
  • Detecting IP Prefix Hijack Events Using BGP Activity and AS Connectivity Analysis
    University of Plymouth PEARL https://pearl.plymouth.ac.uk 04 University of Plymouth Research Theses 01 Research Theses Main Collection 2017 Detecting IP prefix hijack events using BGP activity and AS connectivity analysis Alshamrani, Hussain Hameed http://hdl.handle.net/10026.1/9566 University of Plymouth All content in PEARL is protected by copyright law. Author manuscripts are made available in accordance with publisher policies. Please cite only the published version using the details provided on the item record or document. In the absence of an open licence (e.g. Creative Commons), permissions for further reuse of content should be sought from the publisher or author. Detecting IP prefix hijack events using BGP activity and AS connectivity analysis BY Hussain Hameed Alshamrani A thesis submitted to the University of Plymouth in partial fulfilment for the degree of Doctor of Philosophy Centre for Security, Communications and Network (CSCAN) Plymouth University February 2017 Copyright This copy of the thesis has been supplied on condition that anyone who consults it is understood to recognise that its copyright rests with its author and that no quotation from the thesis and no information derived from it may be published without the author’s prior consent. Abstract The Border Gateway Protocol (BGP), the main component of core Internet connectivity, suffers vulnerability issues related to the impersonation of the ownership of IP prefixes for Autonomous Systems (ASes). In this context, a number of studies have focused on securing the BGP through several techniques, such as monitoring-based, historical-based and statistical-based behavioural models. In spite of the significant research undertaken, the proposed solutions cannot detect the IP prefix hijack accurately or even differentiate it from other types of attacks that could threaten the performance of the BGP.
    [Show full text]
  • Istrinternet Security Threat Report Volume
    ISTRInternet Security Threat Report Volume 23 01 Introduction Page 2 ISTR April 2017 THE DOCUMENT IS PROVIDED “AS IS” AND ALL EXPRESS OR IMPLIED CONDITIONS, REPRESENTATIONS AND WARRANTIES, INCLUDING ANY IMPLIED WARRANTY OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT, ARE DISCLAIMED, EXCEPT TO THE EXTENT THAT SUCH DISCLAIMERS ARE HELD TO BE LEGALLY INVALID. SYMANTEC CORPORATION SHALL NOT BE LIABLE FOR INCIDENTAL OR CONSEQUENTIAL DAMAGES IN CONNECTION WITH THE FURNISHING, PERFORMANCE, OR USE OF THIS DOCUMENT. THE INFORMATION CONTAINED IN THIS DOCUMENT IS SUBJECT TO CHANGE WITHOUT NOTICE. INFORMATION OBTAINED FROM THIRD PARTY SOURCES IS BELIEVED TO BE RELIABLE, BUT IS IN NO WAY GUARANTEED. SECURITY PRODUCTS, TECHNICAL SERVICES, AND ANY OTHER TECHNICAL DATA REFERENCED IN THIS DOCUMENT (“CONTROLLED ITEMS”) ARE SUBJECT TO U.S. EXPORT CONTROL AND SANCTIONS LAWS, REGULATIONS AND REQUIREMENTS, AND MAY BE SUBJECT TO EXPORT OR IMPORT REGULATIONS IN OTHER COUNTRIES. YOU AGREE TO COMPLY STRICTLY WITH THESE LAWS, REGULATIONS AND REQUIREMENTS, AND ACKNOWLEDGE THAT YOU HAVE THE RESPONSIBILITY TO OBTAIN ANY LICENSES, PERMITS OR OTHER APPROVALS THAT MAY BE REQUIRED IN ORDER FOR YOU TO EXPORT, RE-EXPORT, TRANSFER IN COUNTRY OR IMPORT SUCH CONTROLLED ITEMS. Back to Table of Contents 01 Introduction 03 Facts and Figures Executive Summary Malware Big Numbers Web Threats Methodology Email Vulnerabilities Targeted Attacks 02 Year in Review Mobile Threats The Cyber Crime Threat Landscape Internet of Things Targeted Attacks by Numbers
    [Show full text]
  • Multiple Origin Ases Identification for IP Prefix Hijacking and Mis
    Poster: MOAI: Multiple Origin ASes Identification for IP Prefix Hijacking and Mis-Origination Hironori Imai Masayuki Okada Akira Kanaoka Toho University Japan Network Information Center (JPNIC) Toho University [email protected] [email protected] [email protected] TABLE I. ADVERTISEMENT TYPE (AT) CLASSIFICATION I. INTRODUCTION AT IP Prefix in update AS number in update In BGP, which controls the Internet routing information, AT1 Not Found - AT2 Exact Match in Full Route Match in Full Route the presence of inappropriate routing information in advertise- AT3 Exact Match in Full Route Differ from Full Route ments is a significant problem. Inappropriate route advertising AT4 Included in Full Route Match in Full Route in BGP is called Mis-Origination. In this research, we focused AT5 Included in Full Route Differ from Full Route on IP Prefix Hijacking caused by IP prefix collisions, which is a typical case of Mis-Origination. The existence of Mis- origination has been pointed out[1], [2], and prevention and II. MOAI OVERVIEW detection methods have been actively studied. IP prefix con- flicts are caused by Multiple Origin ASs (MOAS), in which Fig.1 shows an overview of the proposed method. First, the IP address range is advertised by multiple ASs. In recent information about the two types of routes is obtained from years, services have diversified, such as DDoS mitigation and the BGP monitoring infrastructure, such as RIPE RIS and IP address leasing, and they are generating MOAS with a RouteViews. One is the full route, which is all the route clear intention without malice.
    [Show full text]
  • The 11Th Workshop on Active Internet Measurements (AIMS-11) Workshop Report
    The 11th Workshop on Active Internet Measurements (AIMS-11) Workshop Report kc claffy David Clark UCSD/CAIDA MIT/CSAIL [email protected] [email protected] This article is an editorial note submitted to CCR. It has NOT been peer reviewed. The authors take full responsibility for this article’s technical content. Comments can be posted through CCR Online. ABSTRACT as destinations for some experiments and the basis for more com- On 16-17 April 2018, CAIDA hosted its eleventh Workshop on plex measurements. The RIPE NCC currently hold about 66TB of Active Internet Measurements (AIMS-11). This workshop series compressed measurement data, and operates an internal, private, provides a forum for stakeholders in Internet active measurement Hadoop cluster for analysis of accumulated measurements and projects to communicate their interests and concerns, and explore metadata. Query execution can be slow, and maintenance is ex- cooperative approaches to maximizing the collective benefit of de- pensive, relying on multiple specialists to manage software and ployed infrastructure and gathered data. An overarching theme this hardware sysetms. For external users, public results are available year was scaling the storage, indexing, annotation, and usage of in bulk via FTP, or via an API, but with no query interface. Stephen Internet measurements. We discussed tradeoffs in use of commer- Strowes (RIPE NCC, visiting CAIDA this year) reported on a new cial cloud services to to make measurement results more accessible experiment led by Elena Dominguez (RIPE NCC) to put RIPE Atlas and informative to researchers in various disciplines. Other agenda measurements in the Google Cloud (BigQuery) Platform, to improve topics included status updates on recent measurement infrastruc- query performance, improve service availability, and reduce oper- tures and community feedback; measurement of poorly configured ating costs, for both internal (to RIPE) and community use.
    [Show full text]
  • Routing Security in Latin America and the Caribbean Table of Contents
    Routing Security in Latin America and the Caribbean Table of Contents Acknowledgments 3 Introduction 4 What is at Stake? 5 Types of incidents 8 Route Hijacking (BGP Hijacking) 9 Route Leaks (BGP Leaks) 10 Incidents Timeline 12 Event Analysis 15 Methodology 15 Numbers around the World 16 Numbers in the Region 27 Events by Country 28 Rankings in Latin America 35 Mitigation Strategies 36 Initiatives 38 FORT Project 39 Conclusion 40 Annexes 41 Number of Incidents by Month around the World 41 2017 Statistics 42 2018 Statistics 46 2 Acknowledgments Author: Augusto Luciano Mathurin Supervisors: Carolina Caeiro Guillermo Cicileo Reviewers: Carlos Martinez-Cagnazzo Raúl Ramirez Castañeda Style Editor: María Eugenia Martínez Graphic Designer: Martin Mañana English Translator: Justina Díaz Cornejo Collaborators: Andrei RoBachevsky Gerardo Pias Mariela Rocha 3 Introduction Routing is one of the few components of Internet infrastructure that is still insecure. Nowadays, it is easy to hijack routing systems to Block weBsites, spy on users and redirect traffic to false destinations. These vulneraBilities may affect the free flow of information around the world and pose a threat to the security and privacy of users. Internet standardization Bodies have Been struggling for a long time to identify strategies that make routing more secure. The purpose of this three-part report is to help us address and understand this issue both globally and in our region. ● Firstly, as an introduction, this report explains that the Internet can Be the target of various attacks of very diverse technical characteristics, and then moves on to routing infrastructure attacks that Become incidents: hijacks and leaks in the BGP protocol.
    [Show full text]
  • The Hidden Story of China Telecom's BGP Hijacking
    Military Cyber Affairs Volume 3 Issue 1 Article 7 2018 China’s Maxim – Leave No Access Point Unexploited: The Hidden Story of China Telecom’s BGP Hijacking Chris C. Demchak U.S. Naval War College, [email protected] Yuval Shavitt Tel Aviv University, [email protected] Follow this and additional works at: https://scholarcommons.usf.edu/mca Part of the International Relations Commons Recommended Citation Demchak, Chris C. and Shavitt, Yuval (2018) "China’s Maxim – Leave No Access Point Unexploited: The Hidden Story of China Telecom’s BGP Hijacking," Military Cyber Affairs: Vol. 3 : Iss. 1 , Article 7. https://www.doi.org/https://doi.org/10.5038/2378-0789.3.1.1050 Available at: https://scholarcommons.usf.edu/mca/vol3/iss1/7 This Article is brought to you for free and open access by Scholar Commons. It has been accepted for inclusion in Military Cyber Affairs by an authorized editor of Scholar Commons. For more information, please contact [email protected]. China’s Maxim – Leave No Access Point Unexploited: The Hidden Story of China Telecom’s BGP Hijacking Cover Page Footnote The views and ideas expressed here are the authors alone, and do not represent those of the Department of Defense, U.S. Navy, or U.S. Naval War College. Erratum A revised article was uploaded including a disclaimer. This article is available in Military Cyber Affairs: https://scholarcommons.usf.edu/mca/vol3/iss1/7 Demchak and Shavitt: China’s Maxim – Leave No Access Point Unexploited China’s Maxim – Leave No Access Point Unexploited: The Hidden Story of China Telecom’s BGP Hijacking Chris C.
    [Show full text]
  • BGP Security and the Future
    BGP security and the future A meta-analysis of BGP threats and security to provide a new direction for practical BGP se- curity T.R. van Rossum BGP security and the future A meta-analysis of BGP threats and security to provide a new direction for practical BGP security by T.R. van Rossum to obtain the degree of Master of Science at the Delft University of Technology, to be defended publicly on October 15, 2020 at 13:00. Student number: 4246306 Project duration: March 1, 2019 – October 15, 2020 Thesis committee: Dr. C. Doerr, TU Delft, supervisor, chair Dr. S. Picek, TU Delft Dr. K. Hildebrandt, TU Delft This thesis is confidential and cannot be made public until October 14, 2021. An electronic version of this thesis is available at http://repository.tudelft.nl/. Abstract The Internet consists of many subnetworks, which are connected to each other. These subnetworks are the autonomous systems (ASes) that make up the Internet: each hosts a part of it. In order to successfully deter- mine routes from one of these ASes to the other, the Border Gateway Protocol (BGP) is used. This protocol has several security flaws however, and exploitation of them has lead to parts of the Internet being temporarily unreachable. In order to combat these flaws, several security solutions have been developed already. However, none of these have been deployed on a wide scale yet. As such, this thesis focuses on the question: why not, and what can be done to protect BGP in the future? This thesis includes an analysis of the BGP threat landscape, to find which threats are most relevant, and to find out whether or not solutions have adapted to the threat landscape.
    [Show full text]
  • Risks and Mitigation Options of the Border Gateway Protocol (BGP)
    THREAT ASSESSMENT1 June 2020 Risks and mitigation options of the Border Gateway Protocol (BGP) The Border Gateway Protocol (BGP) used to manage data on the Internet is insecure in nature and has caused tens of thousands of incidents, many of them with global implications. One of the latest examples comes from the 9th of June, when BGP hijacking caused IBM Cloud outage that lasted for hours. There are solutions, the use of which makes the BGP much safer, but unfortunately, Estonia is among the last in the European Union to implement them. BGP – what is it and how does it work? BGP is a routing protocol used to exchange routing information between different autonomous systems. Autonomous systems, in turn, contain information about one or more IP prefixes, or IP networks. It depends on the BGP whether our data is securely transferred from one autonomous system to another. The BGP is like an Internet roadmap, but it can also be compared with the postal service when explaining its role and need. After the sender has put the envelope in the mailbox, the postal company selects the way to use to deliver the letter to the addressee on the basis of the address indicated on it and the information available to the postal company. If someone wants to transfer data from an IP network device in one autonomous system to an IP network device in another autonomous system, then, like a postal company, they first need information about the possible routes by which this information can be delivered. BGP is designed to exchange such information between different autonomous systems.
    [Show full text]