Privacy-preserving Cross-domain Routing Optimization -- A Cryptographic Approach
This work addresses the need for efficient privacy protection in cross-domain routing for enterprise and data center networks, offering a domain-specific solution that is incremental over existing SMPC methods.
The paper tackles the problem of slow privacy-preserving cross-domain routing optimization by introducing PYCRO, a cryptographic protocol for SDN environments that efficiently computes policy-compliant shortest paths and bandwidth allocation while protecting domain privacy, with experimental results demonstrating high efficiency in computation and communication costs.
Today's large-scale enterprise networks, data center networks, and wide area networks can be decomposed into multiple administrative or geographical domains. Domains may be owned by different administrative units or organizations. Hence protecting domain information is an important concern. Existing general-purpose Secure Multi-Party Computation (SMPC) methods that preserves privacy for domains are extremely slow for cross-domain routing problems. In this paper we present PYCRO, a cryptographic protocol specifically designed for privacy-preserving cross-domain routing optimization in Software Defined Networking (SDN) environments. PYCRO provides two fundamental routing functions, policy-compliant shortest path computing and bandwidth allocation, while ensuring strong protection for the private information of domains. We rigorously prove the privacy guarantee of our protocol. We have implemented a prototype system that runs PYCRO on servers in a campus network. Experimental results using real ISP network topologies show that PYCRO is very efficient in computation and communication costs.