Secure Internet Routing
By Bob Cannon, Senior Telecommunications Policy Analyst, NTIA
My name is Bob. I am number six.
Do you believe me?
If I were wrong… would you know?
In the 1960s television show “The Prisoner,” retired secret agents are held captive in a place known only as “The Village” and assigned numbers to replace their identities. Protagonist “Number Six” quickly learns that what one claims to be and what one is can be two different things.
Internet routing is a bit like life in The Village. One network whispers to a second that it is number six. The second network then tells two other networks that it can send traffic to number six. And those two networks tell two more networks that they can reach the network that reaches number six. And so on. Networks make routing decisions based on these whispers, following the path back to the network that says it is number six. Sometimes those whispers are right. Sometimes they are wrong. When they are wrong, Internet traffic can go astray.
In 1997, for example, a Virginia network whispered that it was the preferred, shortest route to the full Internet. This, of course, was wrong. The network’s upstream backbone providers, however, heard the network’s claim and whispered it to others. And so on. The full Internet could now be found at the end of a small network in Virginia. The Internet went tilt. Alarms went off and phones began to ring. The Virginia network disconnected itself, but the bad announcements were repeatedly whispered by other networks. It took hours for the Internet to recover. In its aftermath, networks implemented new routing security measures.
Routing anomalies became prevalent over time. In 2008, the Government of Pakistan demanded that its state-owned telecommunications provider, Pakistan Telecom, block YouTube. To carry out this directive, Pakistan Telecom mistakenly announced that it was a route to YouTube. Neighboring networks believed the announcement, causing traffic intended for YouTube to be delivered to Pakistan Telecom. YouTube traffic disappeared into Pakistan Telecom’s self-created routing black hole.
These are but two prominent examples. Over the years, the Internet’s “whisper”-based routing framework has given rise to numerous kerfuffles of various types. Normally, these routing incidents result from innocent misconfigurations that disrupt service. They can also be malicious, used in combination with other attacks to commit espionage, steal financial assets, compromise systems, and interfere with communications.
Why have these kerfuffles persisted? In part, because there is no one solution. But also, in part, because we have not taken some simple steps that would do a lot of good. Too often routing security is not seen as a priority… until routing melts down. It’s generally a bad practice to secure one’s home only after it’s been robbed. Core Internet network services are leading adoption of secure routing infrastructures, but lagging sectors, including government networks, need to catch up.
Fortunately, the White House’s new National Cybersecurity Strategy agrees that routing security is a “pervasive concern” and that we need a “clean up effort to reduce systemic risk.” Specifically, the strategy calls for close collaboration between the public and private sectors to identify security challenges, develop security measures, drive adoption, and support research, and for the federal government to implement routing security measures.
Routing security has long been on the national agenda, having first been identified as a White House priority in 2003. Since that time, we have made progress. In 2006, the Department of Homeland Security’s Science & Technology Directorate released the Secure Protocols for the Routing Infrastructure Road Map and began funding private-sector development of crucial routing security measures. In 2011, 2013, and again in 2017, the Federal Communications Commission convened stakeholders and developed best practices. The National Institute of Standards and Technology has been engaging the technical community, issuing expert guidance, advancing standardized solutions, and measuring adoption. The National Science Foundation has been funding academic research. We have mature solutions that are being implemented today.
We also have unresolved vulnerabilities. The Department of Commerce is taking a leadership role in addressing routing security. NIST continues to engage the technical community, advancing solutions such as ASPA and BAR-SAV. NTIA has been engaging stakeholders to gain wisdom on how the U.S. government can effectively improve our security posture. We are working with the White House and other agencies to implement the National Cybersecurity Strategy.
We need to reengage the network community to develop solutions for remaining problems and to promote greater adoption. As the Dept. of Commerce stated in the 2018 Botnet Report, “The federal government should lead by example and demonstrate practicality of technologies, creating market incentives for early adopters.” This is what we are now seeking to do for routing security.
In many episodes of “The Prisoner,” the hero devised a plan to escape captivity, and thought he had succeeded, only to learn that he had been fooled and was in fact still imprisoned. In contrast, there are means of escaping Internet routing security woes. In “The Village,” one claiming to be Number Six could in fact be Number Four, Number Five, or 007. On the Internet, we can and should be able to know that Number Six is Number Six.
For Further Reading:
- In re Internet Routing Security, Notice of Inquiry, FCC Dkt. 22-90 (Feb. 28, 2022).
- Reply Comments of the National Telecommunications and Information Administration, FCC Dkt. 22-90 (filed May 10, 2022).
- Reply Comments of the Cybersecurity and Infrastructure Security Agency, FCC Dkt. 22-90 (filed Jul. 7, 2022).
- Ex Parte of the U.S. Department of Justice, National Security Division, and U.S. Department of Defense, Acquisition and Sustainment, FCC Dkt. 22-90 (filed Sept. 14, 2022).
- Protecting the Integrity of Internet Routing: Border Gateway Protocol (BGP) Route Origin Validation, NIST Spec. Pub. 1800-14 (2019).
- Resilient Interdomain Traffic Exchange: BGP Security and DDoS Mitigation, NIST Spec. Pub. 800-189 (2019).
- Mutually Agreed Norms for Routing Security (MANRS) (a global initiative that helps reduce the most common routing threats).
- BGP Incidents, mitigation techniques and policy actions, OECD Report (2022).
- Briefing on Routing Security, ICANN Security and Stability Advisory Committee (2022).
- Security of the Internet’s Routing Infrastructure, Broadband Internet Technology Advisory Group (2022).