Analysis of Impact of Trust on Secure Border Gateway Protocol

Secure Border Gateway Protocol (S-BGP) mandates that upon reception of a BGP UPDATE message, an S-BGP speaker must verify nested signatures of all nodes in the traversed path; and the router should verify the Address Attestation to check if the source has the right to announce the address prefix. Due to several digital signatures required in each UPDATE, there is a high CPU overhead associated with S-BGP. In this paper, we propose a new approach that reduces the burden of validating the AS-path and the address prefix origination. We define a control layer of trusted nodes that is comprised of major Autonomous Systems (ASes) in the network. In this environment, an AS has to verify only the signatures of intermediate ASes between itself and the last trusted node in the AS-path. Similarly, the address prefix is validated only if it was not previously validated by a trusted AS. Using an original analytical model as well as a simulation model, we measured performance metrics of the new proposal. We show that even with small ratio of trusted nodes, the new scheme can significantly reduce the number of verifications required to validate the AS-path and IP prefixes and the number of public keys required by S-BGP.