The Internet uses the Border Gateway Protocol (BGP) for global connectivity.
BGP propagates prefix announcements between Autonomous Systemes (ASes) so that
any host on the Internet can reach all other hosts.
The important assumption in its operation is that all BGP speakers trust each
other and consider all BGP announcements as valid. However, this assumption leads
to attacks such as prefix hijacking or route leaks.
The goal of the PhD thesis is to analyze the existing solutions and explore a new scheme based on DANE/TLSA for signing BGP advertisements. The idea is to consider how we can achieve trustful global routing by taking advantage of advanced features of DNS (DNSSEC and DANE) to provide lightweight validation of BGP announcements.
To help us track our recruitment effort, please indicate in your cover//motivation letter where (vacanciesin.eu) you saw this job posting.