NIST has published an update on its work on the new Secure Internet Domain Routing (SIDR) standards, which are designed to give the internet the security that the Border Gateway Protocol (BGP) currently lacks.
BGP was designed in 1989 as a short-term fix for the earlier Exterior Gateway Protocol, which could no longer handle the rapidly increasing size of the internet and was in imminent danger of meltdown. The problem is that BGP was designed without any security, despite being fundamental to the operation of the internet.
BGP controls the route that data takes from source to destination. It does this by keeping tabs on the availability of local stepping stones along that route. The availability of those stepping stones is maintained in regularly updated routing tables held locally. The problem is that there is no security applied to those tables. In effect, the entire map of the internet is built on trust, and trust is in short supply in today's internet. Whole swathes of traffic can be hijacked.
"BGP forms the technical glue holding the internet together," explains NIST in Tuesday's post; "but historically, its lack of security mechanisms makes it an easy target for hacking."
http://www.securityweek.com/nist-readies-tackle-internets-global-bgp-vulnerabilities