Truth in Advertising: Lightweight Verification of Route Integrity

Edmund L. Wong, Praveen Balasubramanian, Lorenzo Alvisi, Mohamed Gouda, and Vitaly Shmatikov

Proceedings of the ACM Symposium on Principles of Distributed Computing (PODC) 2007.

View PDF or BibTeX.

Security, Networking

We design and evaluate a lightweight route verification mechanism that enables a router to discover route failures and inconsistencies between advertised Internet routes and actual paths taken by the data packets. Our mechanism is accurate, incrementally deployable, and secure against malicious intermediary routers. By carefully avoiding any cryptographic operations in the data path, our prototype implementation achieves the overhead of less than 1% on a 1 Gbps link, demonstrating that our method is suitable even for high-performance networks.