Fixing BGP Might Be Difficult--Or Not So Tough

The predominant worry about BGP (Border Gateway Protocol) is that attackers could figure out a way to take advantage of the implicit trust relationship between peer routers by mounting a man-in-the-middle attack and injecting false information into routing updates. As of yet, that has not happened; however, an accidentally misconfigured BGP router incident in 1997 illustrated that a falsely advertised route could pull immense amounts of traffic from other routes into paths for which it was never intended and cause severe slowdowns or shutdowns. The networking community has stepped up its effort to address BGP security. In the longer term, the most mature method to address BGP security is Secure BGP (S-BGP), developed by researchers at BBN Technologies under a DARPA. However, adopting a BGP security standard is still in its infancy.