AI Lab logo
menu MENU

CSE Seminar

Fixing the Plumbing: Securing the Internet's Core Protocols

Sharon GoldbergAssociate ProfessorBoston University
SHARE:

Our modern communications infrastructure rests on Internet protocols that are over three decades old. This talk discusses the research challenges that arise when retrofitting security onto the Internet's core protocols, even as they continue to be in active use. I cover some of of the interesting cryptographic questions that arise when designing backwards-compatible security mechanisms. I consider security guarantees provided in realistic deployments (e.g., when some networks have deployed the secure protocol but others have not) and identify cases where the specification of a secure network protocol actually harms security or stymies deployment

The focus of the talk is on NSEC5, a scheme we developed to solve a long-standing open problem concerning the security of the Internet's domain name system (DNS). I present our cryptographic construction of NSEC5 and discuss its security properties. I then show implementation results demonstrating that NSEC5 is both practical and performant, and overview our efforts to include NSEC5 in the specification of the DNS Security Extensions (DNSSEC). Taking a broader perspective, I then discuss several challenges that arise when securing Internet routing (with BGP) and network time protocols (with NTP) and when retrofitting privacy onto cryptocurrencies (Bitcoin).
Sharon Goldberg is an associate professor in the Computer Science Department at Boston University. Her research focuses on securing the protocols that currently provide many of the global Internet's core functions. She received her Ph.D. from Princeton University in 2009, her B.A.Sc. from the University of Toronto in 2003. She has worked as a researcher at IBM, Cisco, and Microsoft, as an engineer at Bell Canada and Hydro One Networks, and has served on working groups of the Federal Communications Commission (FCC) and the Internet Engineering Task Force (IETF). She is the recipient of two IETF/IRTF Applied Networking Research Prizes, an NSF CAREER Award, and a Sloan Research Fellowship.

Sponsored by

CSE