Securing Internet Applications from Routing Attacks
It addresses security vulnerabilities in Internet routing that affect users of applications like Tor and bitcoin, highlighting an incremental need for improved defenses.
The paper surveys application-specific routing attacks that threaten critical Internet applications like Tor and bitcoin, arguing that both application-layer and network-layer defenses are urgently needed to secure these systems.
Attacks on Internet routing are typically viewed through the lens of availability and confidentiality, assuming an adversary that either discards traffic or performs eavesdropping. Yet, a strategic adversary can use routing attacks to compromise the security of critical Internet applications like Tor, certificate authorities, and the bitcoin network. In this paper, we survey such application-specific routing attacks and argue that both application-layer and network-layer defenses are essential and urgently needed. While application-layer defenses are easier to deploy in the short term, we hope that our work serves to provide much needed momentum for the deployment of network-layer defenses.