Solving the Internet’s Identity Crisis

Researchers at the Georgia Institute of Technology are developing new tools to help ISPs verify the true owner of a network and legitimate traffic paths.

On the Internet, “nobody knows you’re a dog,” is the joke behind a famous New Yorker cartoon with a canine at the keyboard. But identity trust is a serious problem for Internet Service Providers (ISPs) who are responsible for routing billions of users to the right destination every day.

Researchers at the Georgia Institute of Technology are working on a new, multi-year project funded by the National Science Foundation, called “Resource Public Key Infrastructure,” to help end Internet trickery. It begins with new tools that allow ISPs to better verify the true owner of a network and legitimate traffic paths.

“We know it’s easy to lie on the Internet,” says primary investigator Russ Clark, a senior research scientist in the School of Computer Science at Georgia Tech. “It happens because of a weakness in the trust relationship between routing protocols. Those protocols were not designed to recognize imposters and especially not fake ISPs.”

Clark, along with Cas D’Angelo and Scott Friedrich from Georgia Tech’s Office of Information Technology and undergraduate student Sam Norris (EIA), will address the Internet identity problem with new protocols such as RPKI, the Resource Public Key Infrastructure.

Trust is determined in the router and the server resources alongside. To verify that network owners are legitimate, Georgia Tech will add a new type of server to the routing infrastructure as a first step. Next, it will update the software inside routers, gradually deploying the changes through the Southern Crossroads Internet Exchange (SoX), documenting observations, and creating a recipe for others across the United States to follow.

“This solution has been known for about the past five years, but network operators are reluctant to try it out of fear of slowing down traffic for customers in the interim,” Clark says. “The NSF tasked Georgia Tech with moving deployment along. We’re going to prove that it’s possible, work through the pains, and show others how to do it.”

The deployment will happen in phases.

In addition to Georgia Tech researchers and labs, Clark and his team help manage the Southern Crossroads (SoX) regional network where 21 member institutions come together for shared network services. The project team expects to deploy over SoX in the next year.

“In the quest to make the Internet faster, we’ve often tried to find the shortest route to a website. This is making us vulnerable,” Clark says. “Now, we need to find the smartest route.”

 

Additional Images