Open AccessA Novel Approach for Secure Routing Through BGP Using Symmetric Key
Author(s) -
Divan G. Raimagia,
Shraddha Singh,
Sameena Zafar
Publication year - 2013
Publication title -
international journal of network security and its applications/international journal of network security and applications
Language(s) - English
Resource type - Journals
eISSN - 0975-2307
pISSN - 0974-9330
DOI - 10.5121/ijnsa.2013.5513
Subject(s) - key (lock) , computer science , computer network , routing (electronic design automation) , border gateway protocol , symmetric key algorithm , computer security , routing protocol , static routing , public key cryptography , encryption
The Border Gateway Protocol (BGP) is the path vector routing protocol that connects different autonomous systems.. These ASes have unique integer numbers which assign by IANA organization. The traditional BGP protocol is not sufficient to provide security and authentication for AS path and verification of AS number ownership as well as network IP prefix. The BGP remains vulnerable to various types of misconfiguration by users and attacks. Many secure BGP algorithms have been proposed but complexity of algorithm and attack on that models still remain open problem. In this paper, we propose anefficient model for SBGP; initially establish trust relationship between BGP peers. In this process BGP use TCP protocol for reliable communication. The BGP routers will attempt to create secure BGP session byexchanging BGP Open messages. During this Open messages master BGP router generate private key with help of cyclic shifting of ASCII of password called cyclic shift algorithm. Then hash of this private key send towards neighbour. Instead of key exchange, we use hashing algorithm, we generate hash of only key through SHA-1. This hash code for private key sent with Open messages during session establishment. When this Open messages receive by neighbor BGP routers, first it generate key using same password with same algorithm & generate hash code for same and then compare both hash code. If it matches then establish secure session with master BGP router & accept the Autonomous system number which is sent bymaster router during Open Messages. In this manner both BGP speakers make trust relationship between each other & then exchange route UPDATE within secure channel. If hash code at receiver end does notmatch then simply receiving BGP router discard Open messages and does not make connection with unauthorized AS number. If malicious router wants to inject false route or false ip prefix then it does notcreate secure session by lack of secure private key. So malicious router does not participate in above BGP routing process