..

SCION

Introduction

  • Existing methods of inter-domain routing has insufficient security and is prone to attacks
  • SCION is a clean slate network architecture which solves many of these problems
  • The key concept in SCION is of a trust-domain. They are a group of AS which can be grouped together based on some criteria such as geographical proximity, same legal jurisdiction, etc. Basically AS that can be held accountable and can be trusted in some sense.
  • They provide two guarantees about the control plane
    • Outside entities cannot affect the traffic within a trusted domain
    • For inter domain traffics the decisions are all made by a small group of tractable trusted entities
  • This gives each TD the ability to chose which other TD to pick and trust

Limitations of current routing design

Arbitrary Information Flow

  • Once an AS announces its path it has no control over how it is propagated
  • These protocols suffer from the following:
    • Valley
    • Traversing untrusted ISPs
    • Arbitrary black hole and wormhole attacks

No joint selection

  • There is very little control in terms of inbound traffic.

Lack of Routing isolation

  • All ASs are in the same propagation domain. An advertisement by an AS has to be heard by all other AS in the world. This makes it so that two ASs can collude to create a phantom link and potentially hijack all the traffic by presenting that as a shortest path

Stale paths

  • a malicious AS can delay or drop the propagation of path updates so that stale paths are used.

SCION Design principles

  • Domain-based isolation
  • Joint decision on the routing path
  • Reduced TCB

Hierarchical Decomposition

  • Decompose the internet into units known as TD
  • Each TD has a bunch of AD which all agree on a root trust entity and can be held accountable with each other.
  • Each TD also has a clique of ADs which are all part of the TD-Core
  • TD-core are the ADs with the highest trust. They make the decisions about inter-domain traffic.