EPIC: Every Packet Is Checked in the Data Plane of a Path-Aware Internet

An exciting insight of recent networking research has been that path-aware networking architectures are able to fundamentally solve many of the security issues of today’s Internet, while increasing overall efficiency and giving control over path selection to end hosts. In this paper, we consider three important issues related to this new networking paradigm: First, network operators still need to be able to impose their own policies to rule out uneconomical paths and to enforce these decisions on the data plane. Second, end hosts should be able to verify that their forwarding decisions are actually followed by the network. Finally, both intermediate routers and recipients should be able to authenticate the source of packets. These properties have been considered by previous work, but there is no existing system that achieves both strong security guarantees and high efficiency. We propose EPIC, a family of data-plane protocols that provide increasingly strong security properties, addressing all three described requirements. The EPIC protocols have significantly lower communication overhead than comparable systems: for realistic path lengths, the overhead is 3–5 times smaller compared to the state-of-the-art systems OPT and ICING. Our prototype implementation is able to saturate a 40 Gbps link even on commodity hardware due to the use of only few highly efficient symmetric cryptographic operations in the forwarding process. Thus, by ensuring that every packet is checked at every hop, we make an important step towards an efficient and secure future Internet.

[1]  Lixin Gao,et al.  Stable Internet routing without global coordination , 2000, SIGMETRICS '00.

[2]  Yih-Chun Hu,et al.  The Case for In-Network Replay Suppression , 2017, AsiaCCS.

[3]  Andreas Haeberlen,et al.  The Nebula Future Internet Architecture , 2013, Future Internet Assembly.

[4]  Yih-Chun Hu,et al.  Lightweight source authentication and path validation , 2014, SIGCOMM.

[5]  Danny Dolev,et al.  On the security of public key protocols , 1981, 22nd Annual Symposium on Foundations of Computer Science (sfcs 1981).

[6]  Yingjiu Li,et al.  What's (Not) Validating Network Paths: A Survey , 2018, ArXiv.

[7]  Alex C. Snoeren,et al.  A system for authenticated policy-compliant routing , 2004, SIGCOMM '04.

[8]  Yao Zhang,et al.  SIBRA: Scalable Internet Bandwidth Reservation Architecture , 2015, NDSS.

[9]  Adrian Perrig,et al.  High-Speed Inter-Domain Fault Localization , 2016, 2016 IEEE Symposium on Security and Privacy (SP).

[10]  Xin Zhang,et al.  SCION: Scalability, Control, and Isolation on Next-Generation Networks , 2011, 2011 IEEE Symposium on Security and Privacy.

[11]  Michael Walfish,et al.  Verifying and enforcing network paths with icing , 2011, CoNEXT '11.

[12]  Adrian Perrig,et al.  SCION: A Secure Internet Architecture , 2017, Information Security and Cryptography.

[13]  Ke Xu,et al.  Enabling Efficient Source and Path Verification via Probabilistic Packet Marking , 2018, 2018 IEEE/ACM 26th International Symposium on Quality of Service (IWQoS).

[14]  Jonathan Katz,et al.  Aggregate Message Authentication Codes , 1995 .

[15]  Prateek Mittal,et al.  RAPTOR: Routing Attacks on Privacy in Tor , 2015, USENIX Security Symposium.

[16]  Jennifer Rexford,et al.  Bamboozling Certificate Authorities with BGP , 2018, USENIX Security Symposium.

[17]  Brice Augustin,et al.  Avoiding traceroute anomalies with Paris traceroute , 2006, IMC '06.

[18]  Xiaohong Huang,et al.  Inferring the average as path length of the Internet , 2016, 2016 IEEE International Conference on Network Infrastructure and Digital Content (IC-NIDC).

[19]  Damien Magoni,et al.  Internet topology modeler based on map sampling , 2002, Proceedings ISCC 2002 Seventh International Symposium on Computers and Communications.

[20]  Tilman Wolf,et al.  Source Authentication and Path Validation in Networks Using Orthogonal Sequences , 2016, 2016 25th International Conference on Computer Communication and Networks (ICCCN).

[21]  Tilman Wolf,et al.  Source authentication and path validation with orthogonal network capabilities , 2015, 2015 IEEE Conference on Computer Communications Workshops (INFOCOM WKSHPS).

[22]  Kamal Benzekki,et al.  Software-defined networking (SDN): a survey , 2016, Secur. Commun. Networks.

[23]  Zine-Eddine Abid,et al.  Transistor level optimization of sub-pipelined AES design in CMOS 65nm , 2011, ICM 2011 Proceeding.

[24]  Radha Poovendran,et al.  The AES-CMAC Algorithm , 2006, RFC.

[25]  Alex C. Snoeren,et al.  Secure and policy-compliant source routing , 2009, TNET.

[26]  Aurojit Panda,et al.  Enabling a permanent revolution in internet architecture , 2019, SIGCOMM.

[27]  Daniel Raumer,et al.  Assessing Soft- and Hardware Bottlenecks in PC-based Packet Forwarding Systems , 2015 .

[28]  Xin Liu,et al.  Passport: Secure and Adoptable Source Authentication , 2008, NSDI.

[29]  Adrian Perrig,et al.  PISKES: Pragmatic Internet-Scale Key-Establishment System , 2020, AsiaCCS.

[30]  Kenneth L. Calvert,et al.  Separating routing and forwarding: A clean-slate network layer design , 2007, 2007 Fourth International Conference on Broadband Communications, Networks and Systems (BROADNETS '07).

[31]  Anees Shaikh,et al.  Issues with inferring Internet topological attributes , 2004, Comput. Commun..

[32]  Virgil D. Gligor,et al.  The Crossfire Attack , 2013, 2013 IEEE Symposium on Security and Privacy.

[33]  Mihir Bellare,et al.  The Security of the Cipher Block Chaining Message Authentication Code , 2000, J. Comput. Syst. Sci..

[34]  B. Bhattacharjee,et al.  Postmodern Internetwork Architecture , 2006 .

[35]  Stephen T. Kent,et al.  An Infrastructure to Support Secure Internet Routing , 2012, RFC.

[36]  Adrian Perrig,et al.  The Coremelt Attack , 2009, ESORICS.

[37]  B. Huffaker,et al.  Distance Metrics in the Internet , 2002, Anais do 2002 International Telecommunications Symposium.