Melange
Internet policy mapped to Internet Protocols using blockchains
Brief Overview
There exist a very unique gap in the internet current architecture of the internet, Where by the ownership of the IP address is not mapped to IP protocols. Leading to attacks like BGP Hijack and BGP takedown. Melange proposes a road map for integration of IP policy to IP protocols.
Problem
The BGP Hijack
BGP Hijack is an attack where in Attacker can illegitmately take over group of IP addresses by corrupting the internet routing tables using misues of BGP protocol. The root cause of BGP hijack attack is due to lack of verification between IP address broadcasted by routers and actual ownership of IP addresses. A Clear gap of Internet policy and internet protocols.
Notable cases of BGP Hijack in history
- April 1997: The "AS 7007 incident" Earliest notable example?
- December 24, 2004: TTNet in Turkey hijacks the Internet
- May 7, 2005: Google's May 2005 Outage
- January 22, 2006: Con-Edison hijacks big chunk of the Internet
- February 24, 2008: Pakistan's attempt to block YouTube access within their country takes down YouTube entirely.
- November 11, 2008: The Brazilian ISP CTBC - Companhia de Telecomunicações do Brasil Central leaked their internal table into the global BGP table. It lasts over - 5 minutes. Although, it was detected by a RIPE route server and then it was not propagated, affecting practically only their own ISP customers and few others.
- April 8, 2010: Chinese ISP hijacks the Internet - China Telecom originated 37,000 prefixes not belonging to them in 15 minutes, causing massive outage of services globally.
- February, 2014: Canadian ISP used to redirect data from ISPs. - In 22 incidents between February and May a hacker redirected traffic for roughly 30 seconds each session. Bitcoin and other crypto-currency mining operations were targeted and currency was stolen. source
Recent BGP Takedown
Solution
blockchains + BGP Protocol
Current day blockchain like Ethereum & Tendermint hold's the answer to solve the problem of BGP Hijack. Blockchains and smart contracts provides uniform trust platform accross all connected routers. Using framework of smart contracts following task can be done
- Auction of IP address.
- Registry of ownership of IP Address
- Registry of non owned IP address
- Verification of IP address upon any route connect request.
Ideal Approach
- Ethereum and Tendermint Sidechain
Instead of using only ethereum or only tendermint chains, The ideal case would be to use ethereum public blockchain sidechained to tendermint chain. The reason to do so is ethereum public chain provides an enviroment for aution of IP address and help generate a registry of alloted IP address which would reside on tendermint due to its speed and size.
Governance and Control
- Role of IANA and Regional NIC
Changes required
- Changes in the BGP protocol design structure
- Changes in the Routers to acomodate blockchain (either ethereum and/or tendermint)
Actors
- IETF
- Internet Society
- IANA
- APNIC, ARIN, AFNIC, LACNIC.
Reference
Contributors
- Harsh Patel
Open for contributions and debate.
License
This work is licensed under a Creative Commons Attribution-ShareAlike 4.0 International License.