Abstract: Authentication for TCP-based Routing and Management Protocols

Ron Bonica, Juniper

This presentation describes a TCP extension that enhances security for BGP, LDP and other TCP-based protocols. It is intended for applications where secure administrative access to both the end-points of the TCP connection is normally available. TCP peers can use this extension to authenticate messages passed between one another.

The strategy described herein improves upon current practice, which is described in RFC 2385, "Protection of BGP Sessions via the TCP MD5 Signature Option." Using this new strategy, TCP peers can update authentication keys during the lifetime of a TCP connection. TCP peers can also use stronger authentication algorithms to authenticate routing messages.

Link to this presentation

Authentication for TCP-based Routing and Management Protocols - Real Video Real Video Presentation