scion a secure multipath interdomain routing architecture
play

SCION: A Secure Multipath Interdomain Routing Architecture Adrian - PowerPoint PPT Presentation

Sep 14, 2023 •152 likes •497 views

SCION: A Secure Multipath Interdomain Routing Architecture Adrian Perrig Network Security Group, ETH Zrich SCION: Next-generation Internet Architecture Path-aware networking: sender knows packets path Enables geo-fencing

  1. SCION: A Secure Multipath Interdomain Routing Architecture Adrian Perrig Network Security Group, ETH Zürich

  2. SCION: Next-generation Internet Architecture ▪ Path-aware networking: sender knows packet’s path ▪ Enables geo-fencing ▪ Multi-path communication ▪ Caution: use is highly addictive! ▪ Highly available communication ▪ Secure by construction ▪ BGP-free Internet communication ▪ Improved network operation ▪ Higher network utilization ▪ Advanced traffic engineering 2

  3. SCION Architecture Design Goals ▪ High availability, even for networks with malicious parties • Adversary: access to management plane of router • Communication should be available if adversary-free path exists ▪ Secure entity authentication 
 that scales to global heterogeneous (dis)trusted environment ▪ Flexible trust: enable selection of trust roots ▪ Transparent operation: clear what is happening to packets and whom needs to be relied upon for operation ▪ Balanced control among ISPs, senders, and receivers ▪ Scalability, efficiency, flexibility 3

  4. SCION Overview ▪ Control plane: How to find end-to-end paths? ▪ Path exploration ▪ Path registration ▪ Data plane: How to send packets ▪ Path lookup ▪ Path combination ▪ Deployment ▪ Demos 4

  5. Approach for Scalability: Isolation Domain (ISD) ▪ Isolation Domain (ISD): grouping of ASes ▪ ISD core: ASes that manage the ISD ▪ Core AS: AS that is part of ISD core ▪ Control plane is organized hierarchically ▪ Inter-ISD control plane TRC ▪ Intra-ISD control plane TRC TRC TRC TRC 5

  6. Intra-ISD Path Exploration: Beaconing ▪ Core ASes K, L, M initiate Path-segment Construction Beacons (PCBs), or K M L “beacons” ▪ PCBs traverse ISD as a flood P N to reach downstream ASes O ▪ Each AS receives multiple S Q PCBs representing path R segments to a core AS 6

  7. PCB Contents ▪ A PCB contains an info field with: ▪ PCB creation time K M 3 ▪ Each AS on path adds: 2 1 M: L • Info field ▪ AS name • Timestamp • ISD: Blue • Hop field 1 2 ▪ Hop field for data-plane • Out: 1 N P • Expiration, MAC 4 • Signature 3 forwarding O P: • Hop fields • In: 2, Out: 3 ▪ Link identifiers • Peering: 4, Out: 3 • Expiration, MAC • Signature S Q ▪ Expiration time ▪ Message Authentication Code R (MAC) ▪ AS signature 7

  8. Inter-ISD Path Exploration: 
 Sample Core-Path Segments from AS T I J T U A B K M V Y Z W L X C E C’ D N P B’ O A’ F H E’ D’ S Q G R 8

  9. Up-Path Segment Registration ▪ AS selects path segments to announce K M as up-path segments L for local hosts ▪ Up-path segments are P N O registered at local path Path server servers S Q R 9

  10. Down-Path Segment Registration ▪ AS selects path Core segments to announce path server K M as down-path L segments for others to use to communicate P N with AS O ▪ Down-path segments S Q are uploaded to core R path server in core AS 10

  11. Ingress and Egress Interface Identifiers ▪ Each AS assigns a unique integer identifier to each interface that connects to a neighboring AS K M ▪ The interface identifiers identify 1 2 L 3 5 4 ingress/egress links for traversing AS P N ▪ ASes use internal routing protocol to 1 2 3 O 9 4 8 find route from ingress SCION border 5 7 6 router to egress SCION border router S Q ▪ Examples 2 1 R ▪ Yellow path: L:4, O:3,6, R:1 ▪ Orange path: L:5, O:2,6, R:1 11

  12. SCION Overview ▪ Control plane: How to find end-to-end paths? ▪ Path exploration ▪ Path registration ▪ Data plane: How to send packets ▪ Path lookup ▪ Path combination ▪ Deployment ▪ Demos 12

  13. Path Lookup ▪ Steps of a host to obtain path segments ▪ Host contacts RAINS server with a name 
 H → RAINS: www.scion-architecture.net 
 RAINS → H: ISD X, AS Y, local address Z ▪ Host contacts local path server to query path segments 
 H → PS: ISD X, AS Y 
 PS → H: up-path, core-path, down-path segments ▪ Host combines path segments to obtain end-to-end paths, which are added to packets 13

  14. Path Lookup: Local ISD ▪ Client requests path segments to <ISD, AS> from local path server ▪ If down-path segments are not locally K M cached, local path server send request L to core path server ▪ Local path server replies P N ▪ Up-path segments to local ISD core O ASes S ▪ Down-path segments to <ISD, AS> Q ▪ Core-path segments as needed to R connect up-path and down-path segments 14

  15. Path Lookup: Remote ISD ▪ Host contacts local path server requesting <ISD, T U AS> ▪ If path segments are not cached, local path server K M V Y Z will contact core path W L server X ▪ If core path server does N P C’ B’ not have path segments O A’ cached, it will contact remote core path server E’ D’ S Q ▪ Finally, host receives up-, core-, and down-segments R 15

  16. Path Construction ISD core A B C D E source destination up-segment core-segment down-segment (intra-ISD PCB) (core PCB) (intra-ISD PCB) INF INF INF AS C ’s entry AS D ’s entry AS D ’s entry … … … CONTROL PLANE HF HF HF … … … AS B ’s entry AS C ’s entry AS E ’s entry … … … HF HF HF … … … AS A ’s entry … forwarding path HF (in SCION header) … INF HF DATA PLANE HF HF INF HF HF INF HF 16 HF

  17. SCION Overview Summary ▪ Complete re-design of network architecture 
 resolves numerous fundamental problems • BGP protocol convergence issues • Separation of control and data planes • Isolation of mutually untrusted control planes • Path control by senders and receivers • Simpler routers (no forwarding tables) • Root of trust selectable by each ISD ▪ An isolation architecture for the control plane, 
 but a transparency architecture for the data plane. 17

  18. Outline ▪ Control plane: How to find end-to-end paths? ▪ Path exploration ▪ Path registration ▪ Data plane: How to send packets ▪ Path lookup ▪ Path combination ▪ Deployment ▪ Demos 18

  19. Deployment @ ETH SWITCH Swisscom BR BR BR BR ETH Legacy device SCION border router 19

  20. SCION-IP Gateway (SIG) Deployment ISP C BR BR A BR BR FW BR ▪ Communication patterns BR B • A - B: SCION • A - C: IP • B - C: IP Legacy device SCION border router SIG 20

  21. Carrier-grade SIG Supports SCION Devices ISP C BR BR A BR BR FW POP ▪ Communication patterns AR B • A - B: SCION (SIG - CG-SIG) • Private address 
 • A - C: IP (SIG) space network 
 Legacy device (not publicly routed) • B - C: IP (CG-SIG) SCION border router • Not SCION aware SIG Carrier-grade SIG 21

  22. How to make this work? ▪ SIG handles legacy IP traffic ▪ If destination is reachable through SCION, encapsulate IP packet and send it to remote SIG over SCION network ▪ Otherwise, send packet through IP ▪ Carrier-Grade SIG (CG-SIG) handles all traffic to destination ▪ NAT for destination network ▪ Destination is not publicly reachable — DDoS defense ▪ Destination does not need to establish an AS 22

  23. SCIONLab SCION Network SCION AS SCIONLab AS Core link Peering link SCIONLab User 23 Prov.-Cust. link

  24. Global SCIONLab Network ▪ https://www.scionlab.org ▪ Collaboration with David Hausheer @ Uni Magdeburg 24

  25. Use Case: Internet Backup through SCIONLab 25

  26. Commercial SCION Network ▪ Deutsche Telekom, Swisscom, SWITCH, Init7 offer SCION connections (as test) on a commercial SCION network ▪ Several banks and Swiss government are running trial deployments • One large bank has been running production traffic over SCION since August 2017 26

  27. How to obtain a SCION Connection? ▪ Individual: SCIONLab https://www.scionlab.org • SCION AS running on VM within 10 minutes ▪ University, research lab • SWITCH, DFN can (soon) provide SCION connections • David Hausheer @ Uni Magdeburg has set up SCION VMs at GEANT <hausheer@ovgu.de> ▪ Corporation, Government entity • Swisscom • Deutsche Telecom <markus.seipel@telekom.de> 27

  28. Conclusions ▪ It is possible to evolve Layer 3: SCION is a secure Internet architecture that we can use today ▪ Strong properties for high-availability communication • Multipath routing architecture offers multitude of path choices for meaningful diverse path selection • For some cases, lower latency than in today’s Internet • Fast failover providing business continuity • Prevention of routing attacks • Built-in DDoS defense mechanisms 28

  29. SCION Commercialization ▪ Founded Anapaya Systems in June 2017 ▪ 4 founders: David Basin, Sam Hitz (CEO), Peter Müller, Adrian Perrig ▪ Several banks and ISPs are customers ▪ https://www.anapaya.net

  30. Online Resources ▪ https://www.scion-architecture.net ▪ Book ▪ Papers ▪ Videos ▪ Tutorials ▪ Newsletter signup ▪ https://www.scionlab.org ▪ SCIONLab testbed infrastructure ▪ https://www.anapaya.net ▪ SCION commercialization ▪ https://github.com/scionproto/scion ▪ Source code 30

Recommend

How Secure are Secure How Secure are Secure Interdomain Routing Protocols? Interdomain Routing

How Secure are Secure How Secure are Secure Interdomain Routing Protocols? Interdomain Routing

DIMACS Workshop On Secure Routing March 10, 2010 How Secure are Secure How Secure are Secure Interdomain Routing Protocols? Interdomain Routing Protocols? $ $ Sharon Goldberg Microsoft Research &amp; Boston University y Michael Schapira

701 views • 54 slides
Models and Tools for the High-Level Simulation of a Name-Based Interdomain Routing Architecture

Models and Tools for the High-Level Simulation of a Name-Based Interdomain Routing Architecture

I NTRODUCTION P ROBLEM A PPLICATION -D RIVEN H IGH -L EVEL S IMULATION S IMULATION C OMPONENTS R ESULTS Models and Tools for the High-Level Simulation of a Name-Based Interdomain Routing Architecture Kari Visala, Andrew Keating Helsinki

236 views • 20 slides
Interdomain routing CSCI 466: Networks Keith Vertanen Fall 2011 Overview Business

Interdomain routing CSCI 466: Networks Keith Vertanen Fall 2011 Overview Business

Interdomain routing CSCI 466: Networks Keith Vertanen Fall 2011 Overview Business relationships between ASes Interdomain routing using BGP Advertisements Routing policy Integration with intradomain routing Routing

748 views • 37 slides
SCION A Next-Generation Secure Internet Architecture Prof. Dr. Adrian Perrig Prof. Dr. David

SCION A Next-Generation Secure Internet Architecture Prof. Dr. Adrian Perrig Prof. Dr. David

SCION A Next-Generation Secure Internet Architecture Prof. Dr. Adrian Perrig Prof. Dr. David Hausheer Juan A. Garca-Pardo Dr. Markus Legner SIGCOMM-Tutorial, August 14, 2020 Meet the Instructors Adrian Perrig [AP] David Hausheer [DH]

1.56k views • 78 slides
SCION: Architecture Overview Adrian Perrig Network Security Group, ETH Zrich SCION Project

SCION: Architecture Overview Adrian Perrig Network Security Group, ETH Zrich SCION Project

SCION: Architecture Overview Adrian Perrig Network Security Group, ETH Zrich SCION Project Team SCION: S calability, C ontrol, and I solation O n N ext-generation networks Core team: Daniele Asoni, Chen Chen, Laurent Chuat, Sergiu

230 views • 22 slides
IP Routing: Interdomain CS/ECE 438: Spring 2014 Instructor: Matthew Caesar

IP Routing: Interdomain CS/ECE 438: Spring 2014 Instructor: Matthew Caesar

IP Routing: Interdomain CS/ECE 438: Spring 2014 Instructor: Matthew Caesar http://courses.engr.illinois.edu/cs438/ Internet Routing So far, only considered routing within a domain Many issues can be ignored in this setting because

1.25k views • 75 slides
Interdomain Routing and Games Hagay Levin Michael Schapira Aviv Zohar Abstract We

Interdomain Routing and Games Hagay Levin Michael Schapira Aviv Zohar Abstract We

Interdomain Routing and Games Hagay Levin Michael Schapira Aviv Zohar Abstract We present a game-theoretic model that captures many of the intricacies of interdomain routing in todays Internet. In this model, the strategic agents are

429 views • 17 slides
CSE 461 Section 7 5/18/2017 JOHN ABERCROMBIE The interdomain routing problem Each AS determines

CSE 461 Section 7 5/18/2017 JOHN ABERCROMBIE The interdomain routing problem Each AS determines

CSE 461 Section 7 5/18/2017 JOHN ABERCROMBIE The interdomain routing problem Each AS determines its own routing policies One AS only wants to send and receive packets from the internet One AS can carry transit traffic for others if you

416 views • 15 slides
Lecture 14: Interdomain Routing CSE 123: Computer Networks Chris Kanich Quiz 2 now; Prj. 2 due

Lecture 14: Interdomain Routing CSE 123: Computer Networks Chris Kanich Quiz 2 now; Prj. 2 due

Lecture 14: Interdomain Routing CSE 123: Computer Networks Chris Kanich Quiz 2 now; Prj. 2 due Monday Lecture 14 Overview Autonomous Systems Each network on the Internet has its own goals Path-vector Routing Allows scalable, informed

229 views • 12 slides
Interdomain Routing Two types of Routing Intradomain routing Security Accomplished via

Interdomain Routing Two types of Routing Intradomain routing Security Accomplished via

253 views • 10 slides
Towards a Realistic Model of Incentives in Interdomain Routing: Decoupling Forwarding from

Towards a Realistic Model of Incentives in Interdomain Routing: Decoupling Forwarding from

Static Analysis of Decoupling The Game-Theoretic Approach Towards a Realistic Model of Incentives in Interdomain Routing: Decoupling Forwarding from Signaling Aaron D. Jaggard DIMACS Rutgers University Joint work with Vijay Ramachandran

729 views • 38 slides
CIDR: Classless Interdomain Routing Surasak Sanguanpong nguan@ku.ac.th

CIDR: Classless Interdomain Routing Surasak Sanguanpong nguan@ku.ac.th

1/10 CIDR: Classless Interdomain Routing Surasak Sanguanpong nguan@ku.ac.th http://www.cpe.ku.ac.th/~nguan Last updated: July 9, 2002 Applied Network Research Group Department of Computer Engineering, Kasetsart

448 views • 6 slides
Toward Programmable Interdomain Routing Qiao Xiang 1 , J. Jensen Zhang 1, 2 , Franck Le 3 , Y.

Toward Programmable Interdomain Routing Qiao Xiang 1 , J. Jensen Zhang 1, 2 , Franck Le 3 , Y.

Toward Programmable Interdomain Routing Qiao Xiang 1 , J. Jensen Zhang 1, 2 , Franck Le 3 , Y. Richard Yang 4, 1 1 Yale University, 2 Tongji University, 3 IBM T.J. Watson Research Center, 4 Peng Cheng Laboratory, 07/30/2020, ACM/IRTF ANRW'20

692 views • 42 slides
Verified Secure Routing David Basin ETH Zurich EPFL, Summer Research Institute June 2017

Verified Secure Routing David Basin ETH Zurich EPFL, Summer Research Institute June 2017

Verified Secure Routing David Basin ETH Zurich EPFL, Summer Research Institute June 2017 Team Members Verification Team Scion Design &amp; Development Team Information Security David Basin Tobias

696 views • 55 slides
Cryptographic Approaches for Securing Routing Protocols Adrian Perrig perrig@cmu.edu Why Secure

Cryptographic Approaches for Securing Routing Protocols Adrian Perrig perrig@cmu.edu Why Secure

Cryptographic Approaches for Securing Routing Protocols Adrian Perrig perrig@cmu.edu Why Secure Routing? Current routing protocols assume trusted environment! Even misconfigurations severely disrupt Internet routing Secure routing

245 views • 22 slides
Impact of Path Performance on Concurrent Multipath Transmission within Routing Overlays K.

Impact of Path Performance on Concurrent Multipath Transmission within Routing Overlays K.

8 th Wrzburg Workshop on IP: Joint EuroNF, ITC, and ITG Workshop on &quot;Visions of Future Generation Networks (EuroView2008) Impact of Path Performance on Concurrent Multipath Transmission within Routing Overlays K. Tutschku, T.

475 views • 10 slides
Investigating Interdomain Routing Policies in the Wild Ruwaifa Anwar 1 , Haseeb Niaz 1 , David

Investigating Interdomain Routing Policies in the Wild Ruwaifa Anwar 1 , Haseeb Niaz 1 , David

Investigating Interdomain Routing Policies in the Wild Ruwaifa Anwar 1 , Haseeb Niaz 1 , David Choffnes 2 , Italo Cunha 3 , Phillipa Gill 1 , Ethan Katz-Bassett 4 1 Stony Brook University, 2 Northeastern University, 3 Universidade Federal de Minas

426 views • 3 slides
Interdomain Routing Policies in the Wild Ruwaifa Anwar 1 , Haseeb Niaz 1 , David Choffnes 2 ,

Interdomain Routing Policies in the Wild Ruwaifa Anwar 1 , Haseeb Niaz 1 , David Choffnes 2 ,

Investigating Interdomain Routing Policies in the Wild Ruwaifa Anwar 1 , Haseeb Niaz 1 , David Choffnes 2 , Italo Cunha 3 , Phillipa Gill 1 , Ethan Katz-Bassett 4 1 Stony Brook University, 2 Northeastern University, 3 Universidade Federal de Minas

363 views • 11 slides
Multipath TCP Architecture: Towards Consensus Towards Consensus draft-ford-mptcp-architecture-01

Multipath TCP Architecture: Towards Consensus Towards Consensus draft-ford-mptcp-architecture-01

Multipath TCP Architecture: Towards Consensus Towards Consensus draft-ford-mptcp-architecture-01 Alan Ford &lt;alan.ford@roke.co.uk&gt; Goals of Draft Overview of MPTCP Motivation and goals for Multipath TCP Functional architecture

298 views • 14 slides
A Self-healing Multipath Routing Protocol Thomas Meyer, Lidia Yamamoto, Christian Tschudin

A Self-healing Multipath Routing Protocol Thomas Meyer, Lidia Yamamoto, Christian Tschudin

A Self-healing Multipath Routing Protocol Thomas Meyer, Lidia Yamamoto, Christian Tschudin Computer Science Department, University of Basel, Switzerland BIONETICS 2008, Hyogo, Japan November 26 th 2008 Motivation Today's software depends on

676 views • 28 slides
External Routing External Routing BGP JeanYves Le Boudec Fall 2009 Self Organization 1 1

External Routing External Routing BGP JeanYves Le Boudec Fall 2009 Self Organization 1 1

COLE POLYTECHNIQUE FDRALE DE LAUSANNE External Routing External Routing BGP JeanYves Le Boudec Fall 2009 Self Organization 1 1 Contents A. What InterDomain Routing does 1 1. Inter Domain Routing Inter Domain Routing 2.

1.3k views • 91 slides
Multipath Transport, Resource Pooling, and implications for Routing Mark Handley , UCL and XORP,

Multipath Transport, Resource Pooling, and implications for Routing Mark Handley , UCL and XORP,

Multipath Transport, Resource Pooling, and implications for Routing Mark Handley , UCL and XORP, Inc Also: Damon Wischik , UCL Marcelo Bagnulo Braun , UC3M The members of Trilogy project: www.trilogy-project.org A few things that will stress

283 views • 27 slides
Multipath Transport, Resource Pooling, and implications for Routing Mark Handley , UCL and XORP,

Multipath Transport, Resource Pooling, and implications for Routing Mark Handley , UCL and XORP,

Multipath Transport, Resource Pooling, and implications for Routing Mark Handley , UCL and XORP, Inc Also: Damon Wischik , UCL Marcelo Bagnulo Braun , UC3M The members of Trilogy project: www.trilogy-project.org A few things that will stress

277 views • 25 slides
Interdomain Routing Decisions Mingchen Zhao * Wenchao Zhou * Alexander Gurney * Andreas Haeberlen *

Interdomain Routing Decisions Mingchen Zhao * Wenchao Zhou * Alexander Gurney * Andreas Haeberlen *

Private and Verifiable Interdomain Routing Decisions Mingchen Zhao * Wenchao Zhou * Alexander Gurney * Andreas Haeberlen * Micah Sherr + Boon Thau Loo * * University of Pennsylvania + Georgetown University 1 SIGCOMM 2012 (August 16, 2012)

647 views • 45 slides

More recommend