Journal of Harbin University of Commerce (Natural Science Edition), Vol. 23, No. 4, August 2007
Received: May 22, 2006.
About the author: Li Changshan, male, Ph.D., senior engineer, supervisor of master's students; research interests: virtual reality technology, computer network security.
Research on the Security of the OSPF Routing Protocol with Digital Signature Protection
Li Changshan 1, Qian Zhijun 2, Yang Youhong 2
(1. Information Center of Daqing Petroleum Administration Bureau, Daqing 163453, Heilongjiang, China; 2. School of Computer and Information Engineering, Daqing Petroleum Institute, Daqing 163453, Heilongjiang, China)
Abstract: The OSPF routing protocol is one of the most widely used link-state protocols and is used to distribute routing information across the network. Yet this important protocol, responsible for distributing routing information on the Internet, had no effective security measures when it was first specified. The IETF therefore proposed an OSPF routing protocol with digital signature protection. This paper expounds the design idea and implementation technology of OSPF with digital signature protection, constructs an experimental network composed of routers with digital signature support, simulates and tests the digital signature scheme for the routing protocol, and obtains data from the system. On this basis, the security characteristics of OSPF protected by digital signatures are analysed.
Keywords: router; open shortest path first; autonomous system; maximum age; digital signature; link state advertisement
CLC number: TP393   Document code: A   Article ID: 1672-0946(2007)04-0484-04
Where the security of routing protocols is concerned, it is generally agreed that the rather thin security of current routing protocols needs to be strengthened. Open Shortest Path First (OSPF) is one of the most widely used interior gateway protocols (IGPs). It provides simple password authentication and MD5 keyed authentication of the packets exchanged between neighbours [1]. Simple password authentication is an insecure measure, because anyone can intercept the password while it is being transmitted. MD5 keyed authentication is an effective measure, but it cannot guarantee that the source of the routing information is correct [2].

Routing information security problems within an autonomous system fall into two classes. First, an intruder tampers with or deletes routing information, or a router in the network sends false routing information. Second, a faulty router appears and nobody knows that the router is faulty.

In view of these risks, the IETF proposed a digital signature protection strategy for OSPF. The core of digitally signed OSPF is to sign the OSPF LSAs. The signed information is flooded together with the original information into the area or autonomous system, so that the signature gives the link state information end-to-end protection and assures the destination router that the source is correct [3, 4].
1 Digital signature protection of OSPF
1.1 Key management and distribution
Digitally signed OSPF uses asymmetric key technology. Each source router has a pair of public and private keys and obtains a certificate from a trusted entity (TE). The public key is distributed by a reliable distribution mechanism based on LSA flooding, so that every router that accepts its LSAs can receive the public key needed for verification. This flooding-based distribution mechanism is implemented with a new LSA type, the PKLSA (public key link state advertisement). The structure of the PKLSA is shown in Figure 1.
Figure 1 PKLSA structure diagram
The PKLSA of a router in an area is not flooded outside that area; that is, routers outside the area do not need to know the routes inside the area [5]. When a router receives a PKLSA from another router in the area, it verifies the certificate with the public key of the trusted entity (TE) that it holds; if verification passes, it stores the PKLSA in its link state database (LSDB) for verifying LSAs from that router later [6].
1.2 Signing and verification of LSAs
A scheme that signs the header information of the LSA is proposed. It omits signing the larger LS data part, which saves router cost without affecting security. Its main basis is the LS checksum in the LSA header: the LS checksum is used to detect errors in the LSA header and body, although it does not cover the age field in the LSA header. The LSA header format of a standard OSPFv2 LSA is shown in Figure 2.
Figure 2 LSA header
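As an added example, not code from the paper, the following Python implements the LS checksum of RFC 2328 (the Fletcher checksum) over a constructed router-LSA for link state ID 10.8.6.123 and shows what the header-only signature rests on: the checksum binds the header and the LS data part but not the age field, and anyone can recompute it, so it gives error detection but no authentication. The link fields and the helper names are assumptions of the example.

```python
import struct

MAXAGE = 3600  # RFC 2328 MaxAge, seconds

def ospf_ls_checksum(lsa: bytes) -> int:
    """Fletcher checksum of an LSA (RFC 2328 12.1.7): it covers the LSA from
    the Options byte to the end, so the 2-byte LS age field is outside it."""
    region = bytearray(lsa[2:])                 # header minus age, then body
    region[14:16] = b"\x00\x00"                 # checksum field zeroed while computing
    c0 = c1 = 0
    for b in region:
        c0 = (c0 + b) % 255
        c1 = (c1 + c0) % 255
    x = ((len(region) - 14 - 1) * c0 - c1) % 255 or 255
    y = 510 - c0 - x
    return (x << 8) | (y - 255 if y > 255 else y)

def with_checksum(lsa: bytes) -> bytes:
    """Return the LSA with its LS checksum (header bytes 16-17) filled in."""
    return lsa[:16] + struct.pack("!H", ospf_ls_checksum(lsa)) + lsa[18:]

def checksum_ok(lsa: bytes) -> bool:
    """Receiver check: both Fletcher sums over the covered region must be 0."""
    c0 = c1 = 0
    for b in lsa[2:]:
        c0 = (c0 + b) % 255
        c1 = (c1 + c0) % 255
    return c0 == 0 and c1 == 0

def build_router_lsa(age: int, seq: int) -> bytes:
    """Constructed router-LSA (type 1) from 10.8.6.123 with one point-to-point
    link towards 10.8.6.2; the link values are made up for this example."""
    rid = bytes([10, 8, 6, 123])
    body = struct.pack("!BBH", 0, 0, 1)            # flags, reserved, number of links
    body += struct.pack("!4s4sBBH", bytes([10, 8, 6, 2]),
                        rid, 1, 0, 10)              # link id, link data, type, #TOS, metric
    header = struct.pack("!HBB4s4sIHH", age, 0x22, 1, rid, rid, seq, 0, 20 + len(body))
    return with_checksum(header + body)

def set_age(lsa: bytes, age: int) -> bytes:
    """Rewrite the LS age only; nothing else in the LSA changes."""
    return struct.pack("!H", age) + lsa[2:]

def flip_metric_bit(lsa: bytes) -> bytes:
    """Simulate tampering in the LS data part: flip one bit of the link metric."""
    return lsa[:35] + bytes([lsa[35] ^ 0x01]) + lsa[36:]
```

Setting the age to MaxAge leaves the checksum valid, a body edit invalidates it, and an edited sequence number with a recomputed checksum passes again, which is exactly the gap the signature of Section 1.2 closes.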
When a router generates a digitally signed LSA, it computes a digest over the LSA header excluding the age field, signs the digest with the router's private key, appends the signed information to the end of the LSA, and then appends the key ID, the trusted-entity ID and the signature length. For an LSA whose age is MaxAge, flooded by the source router into its area, the whole LSA header is signed, including the age part. The format of a signed LSA is shown in Figure 3.
Figure 3 Encrypted LSA
The signed LSA is flooded to the destination router. When the destination router receives the signed LSA, it uses the public key of the source router that sent this LSA, obtained from that router's PKLSA, to verify the received LSA. If the LSA passes verification, that is, the destination router believes it came from the correct source router and was not maliciously tampered with or replaced during flooding, the destination router treats the verification as passed and stores the received LSA for future route calculation. If verification fails, the destination router assumes that the LSA did not come from the correct source router or was tampered with during transmission, and discards the LSA. There is also a special case: the public key from the source router's PKLSA is not yet available. In this case the router keeps the signed LSA temporarily for a period defined by MAX_TRANSIT_DELAY. If the PKLSA of the source router arrives within this interval, the temporarily held signed LSA is processed; if not, the signed LSA is discarded. This ensures that useful routing information is not discarded when a signed LSA reaches the destination router before the PKLSA. The process of signing and verification is shown in Figure 4.
Figure 4 Key Management and Public Key Distribution
1.3 Handling of the age field
In the OSPF protocol, the age field of the LSA header is a very important part. It is used to determine how long the LSA has existed in the routing system. When the age field reaches its maximum value, MaxAge, the router stops using the LSA for route calculation. Once an LSA in a router reaches MaxAge, the router floods this LSA with the oldest age into the autonomous system; once the other routers receive this LSA whose age field is MaxAge, they delete the same LSA from their own link state databases. Following the same principle, routing also has a premature aging mechanism: in premature aging, the source router sets the age field of the LSA to MaxAge and re-floods the LSA, so that the LSA is deleted from the redundant distributed database [7, 8].
Because of the importance and fragility of the age field described above, it must be protected while the LSA is signed. However, the age field is by definition sometimes modified by routers, which makes it difficult to protect this field with a digital signature. To protect the age field, the following rules are applied: the age field may be covered by the signature only when its value is MaxAge; similarly, a signature over the age field is valid only when the age is MaxAge. Only the source router that generates an LSA with the age field MaxAge can sign, and thereby protect, the age field of that LSA; similarly, when a router receives an LSA whose age field is MaxAge and is covered by a digital signature, but the router that signed it is not the source router of the LSA, the router discards that LSA. Under these rules, the router that generates a signed LSA can still delete the LSA from the redundant distributed database through the premature or normal aging mechanism, and can protect the age field of the LSAs it generates from tampering by other malicious routers [9, 10].
2 Security analysis of digitally signed OSPF
2.1 Experimental environment
The topology of the experimental environment is shown in Figure 5: four routers supporting digitally signed OSPF form a ring network. It should be noted that when one of them fails, the operation of the whole network is not affected; data automatically bypasses the failed router.
Figure 5 Routing Domain Topology
2.2 Attacks on the sequence number
The sequence number is an important field in the LSA header. When a router has two instances of the same LSA, it compares the LS sequence number fields of the instances to determine which is newer. Because OSPF LSAs are spread by flooding, an intruder or a faulty router may attack correct LSA information during flooding and tamper with its contents. There are two kinds of attack on the sequence number: the sequence-number-plus-one attack and the maximum sequence number attack.

The first is the maximum sequence number attack: the attacker directly changes the LSA sequence number to the largest positive value, 0x7fffffff, recalculates the checksum and floods the LSA. The LSA then stays in the routing domain with the maximum value until it is cleared, which delays the update of routing information. As Table 1 shows, because the LS sequence number of the LSA with link state ID 10.8.6.123 was artificially changed to the maximum value, it stayed in the link state database at MaxAge - 1, which is 59 minutes in the system, without being cleared.
Table 1 LSDB under the maximum sequence number attack
Link state ID   LS sequence number   Checksum   Age (min)
10.8.6.123      0x7fffffff           0xbe17     59
10.8.6.2        0x80000003           0xf1da     11
10.8.6.3        0x80000009           0x101f     21
10.8.6.1        0x80000007           0x4917     17
In the digitally signed system, the modified LS sequence number of this LSA causes verification to fail, so the LSA with link state ID 10.8.6.123 is discarded, as shown in Table 2.
Table 2 LSDB with digital signatures
Link state ID   LS sequence number   Checksum   Age (min)
10.8.6.2        0x80000003           0x12f2     12
10.8.6.3        0x80000009           0x393a     21
10.8.6.123      0x80000007           0x1f27     3
The second is the sequence-number-plus-one attack. A larger LS sequence number in the LSA header designates a newer instance, and the OSPF protocol replaces the old instance with the newest one. In the experiment we imitated the attacker: we added one to the sequence number of an LSA, recalculated the LSA checksum and flooded it, and repeated this operation continuously; under this operation the network became very unstable. After digital signatures are adopted, once the sequence number is modified, recalculating the checksum does not help, because without the private key used for signing the LSA cannot be re-signed; such an LSA fails verification at the receiving router and is discarded.
2.3 Maximum age attack
After intercepting an LSA, the attacker sets its LS age field to MaxAge. Because the age field is not within the scope of the checksum calculation, this LSA can be flooded without recalculating the checksum. Routers that receive this erroneous LSA clear from their databases the correct LSA with the same sequence number, which leads to loss of routing information [11]. Although OSPFv2 stipulates that only the source router that generated an LSA may set its age field to MaxAge, this measure cannot effectively prevent a faulty router from launching the maximum age attack [12]. In digitally signed OSPF, an LSA with the MaxAge field must be signed by the source router that generated the LSA, and this verification at the receiving end effectively prevents an intruder from changing the age field to the maximum age. However, digitally signed OSPF cannot prevent an intruder from modifying the age value to a value close to MaxAge, because an LSA whose age field is set to a value other than MaxAge does not need to be signed. Such an attack can only speed up the update of the LSA in the routers and does not pose a serious security threat to the routing domain.
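The signing, verification, age-field and hold-queue rules of Sections 1.2 and 1.3, and the sequence number and maximum age attacks of Sections 2.2 and 2.3, modelled in Python as an added example that is neither the paper's nor RFC 2154's code. Signatures use textbook RSA with two small known primes purely to show that editing a signed header without the private key breaks verification; the value MAX_TRANSIT_DELAY = 5 s, the dictionary field layout and the omitted trusted-entity certificate check are assumptions of the model.

```python
import hashlib
MAXAGE = 3600           # RFC 2328 MaxAge, seconds
MAX_TRANSIT_DELAY = 5   # assumed hold time for LSAs whose PKLSA has not arrived

# Textbook RSA on two small known primes: it shows only the asymmetric property
# (no private key, no valid re-signature) and is not a secure signature scheme.
P, Q, E = 999983, 1000003, 65537
N, D = P * Q, pow(E, -1, (P - 1) * (Q - 1))
def signed_bytes(lsa):
    """Header fields under the signature; the LS age is covered only at MaxAge."""
    fields = [lsa["type"], lsa["ls_id"], lsa["adv_router"], lsa["seq"]]
    if lsa["age"] == MAXAGE:
        fields.insert(0, lsa["age"])
    return "|".join(map(str, fields)).encode()

def digest(data):   # truncated to 32 bits so the integer is below N
    return int.from_bytes(hashlib.sha256(data).digest()[:4], "big")
def sign_lsa(lsa, signer, priv):
    """Originator appends the signature and key id (TE id omitted in this model)."""
    return {**lsa, "signer": signer, "key_id": 1,
            "sig": pow(digest(signed_bytes(lsa)), priv, N)}

class SignedLsdb:
    def __init__(self):
        self.pub, self.pending, self.lsdb = {}, [], {}   # keys from PKLSAs, hold queue, verified LSAs

    def receive_pklsa(self, router, pub_exp, now):
        """Learn a public key (TE certificate check omitted) and retry held LSAs
        from that router; held LSAs older than MAX_TRANSIT_DELAY are dropped."""
        self.pub[router] = pub_exp
        live = [(l, t) for l, t in self.pending if now - t <= MAX_TRANSIT_DELAY]
        self.pending = [(l, t) for l, t in live if l["signer"] != router]
        return [self.receive(l, now) for l, _ in live if l["signer"] == router]

    def receive(self, lsa, now):
        if lsa["signer"] not in self.pub:
            self.pending.append((lsa, now))
            return "pending"
        if lsa["age"] == MAXAGE and lsa["signer"] != lsa["adv_router"]:
            return "discard"        # only the originator may sign a MaxAge LSA
        if pow(lsa["sig"], self.pub[lsa["signer"]], N) != digest(signed_bytes(lsa)):
            return "discard"        # edited header or foreign signature
        self.lsdb[lsa["ls_id"]] = lsa
        return "accept"

# Constructed router-LSA using the experiment's link state ID 10.8.6.123.
GOOD = sign_lsa({"age": 3, "type": 1, "ls_id": "10.8.6.123",
                 "adv_router": "10.8.6.123", "seq": 0x80000007}, "10.8.6.123", D)
```

Feeding the verifier copies of GOOD with the sequence number set to 0x7fffffff or incremented by one, or with the age set to MaxAge by a non-originator, yields "discard", while an age of MaxAge - 1 is still accepted, matching the limitation noted in Section 2.3.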
3 Conclusion
The digital signature protection of OSPF greatly strengthens the security of routing information transmission in the routing domain. With digital signature protection, an attacker's tampering with routing information is always detected by verification at the receiver, and the erroneous information is discarded, which purifies the routing information. The OSPF signature scheme proposed in this paper not only ensures security but also substantially reduces router cost, and the experiment shows that the scheme is feasible. Together with the scheme and experiment above, the comprehensive analysis of the security of the OSPF protocol with digital signatures is the first step; the use of digital signatures benefits the work of improving the security of the OSPF protocol.
References:
[1] Murphy S, Badger M, Wellington B. RFC 2154: OSPF with digital signatures [R]. June 1997.
[2] Moy J. RFC 2328: OSPF version 2 [R]. April 1998.
[3] Guo Wei, Yu Yahua. Research on the public key distribution mechanism of digital signature OSPF [J]. Journal of Jianghan University: Natural Science Edition, 2003, 31(3): 46-48.
[4] Li Peng, Wang Shaodi, Wang Ruchuan, et al. Research on the security of the OSPF routing protocol with digital signature [J]. Journal of Nanjing University of Posts and Telecommunications, 2005, 25(2): 86-90.
[5] Murphy S, Badger M. Digital signature protection of the OSPF routing protocol [C]. Proceedings of the 1996 Symposium on Network and Distributed System Security, 1996.
[6] Lu Kaicheng. Computer cryptography [M]. Beijing: Tsinghua University Press, 1990.
[7] Moy J T. OSPF: anatomy of an Internet routing protocol [M]. Addison-Wesley, 1998.
[8] Moy J T. OSPF complete implementation [M]. [S.l.]: Addison-Wesley, 2000.
[9] Cai. Applied cryptography [M]. Beijing: China Electric Power Press, 2005.
[10] Atreya M, Hammond B, et al. Digital signatures [M]. [S.l.]: McGraw-Hill, 2002.
[11] Yang Jing. A low-cost and reliable OSPF authentication mechanism [J]. Computer Applications, 2003, 23(12): 33-34, 45.
[12] Qu, Dai Guanghai. Security architecture based on a multi-agent system [J]. Journal of Harbin University of Commerce: Natural Science Edition, 2005, 21(2): 182-185, 249.