Blockchain Based Research On BGB Routing Trusted Verification Mechanism

At the beginning of the Internet designing,BGP protocol was only responsible for the reachability of routed messages,and there was no credibility verification.This caused the BGP security problem to become more and more serious,and was vulnerable to attacks such as path forgery and prefix hijacking.Through these methods,attackers can monitor data streams,disguise identities,send illegal data,etc.,causing local and global network instability and endangering network security.Most existing trusted verification technologies use public key infrastructure as the basis of authentication,binding the identity of the AS with the public key.This traditional trusted third-party authentication framework has its advantages,but it needs to introduce a series of organizations such as CA to achieve hierarchical identity key management.The deployment process is complicated and costly,and it is subject to the inherent nature of centralized systems.Defects,there are still many problems in actual application.In response to the above problems,this paper introduces blockchain technology to achieve the trusted verification of BGP routing information.As a decentralized network architecture,blockchain has multi-center,automated,and trusted functional characteristics,which are consistent with the functional requirements of the BGP protocol.Blockchain technology can be used to get rid of the abuses of authority,difficulty in deployment,and high costs under the centralized trust system,to achieve the trusted verification of BGP routing information.Specifically,this article carried out the following three aspects of work:(1)Proposed a path proof mechanism based on double-layer blockchain.This paper introduces the blockchain technology to solve the problem of BGP path certification.Through the automatic execution of smart contracts,the nodes that issue route announcements upload the path information to the chain to deposit certificates,and the destination node queries the path information on the chain for path verification.At the same time,in order to solve the problem of the expansion of the blockchain,this paper uses the double-layer blockchain network topology of the side chain + alliance chain,which greatly improves the transaction processing speed and system throughput of the blockchain.(2)Proposed a routing source authentication mechanism based on blockchain.This paper implements the source node authentication in the routing source announcement through a smart contract hosted on the side chain,which effectively solves the problem that the traditional BGP protocol is vulnerable to prefix hijacking attacks.Compared with the existing RPKI&ROA system,the distributed authentication mechanism based on blockchain technology can greatly reduce the abuse of centralized authority,improve system security,and at the same time can provide a lightweight gateway router for receiving notifications from routing sources.Verification method.(3)Realization of prototype system and experimental analysis.This paper implements a prototype system based on the mechanisms proposed in Chapters 3 and 4.The smart contract is deployed on the side chain to provide the calling interface.Quagga is used to simulate the interaction between the BGP protocol and the smart contract.Finally,the experiment is analyzed.It has been verified that the scheme proposed in this paper can enhance the security of the BGP protocol,and at the same time can avoid the abuse of power brought by the centralized system,and is safe and efficient.