Our current internet architecture was conceived for the 1980s. It’s time for an upgrade

(Glenn Carstens-Peters, Unsplash)

This article is brought to you thanks to the collaboration of The European Sting with the World Economic Forum.

Author: Giacomo Giuliari, PhD candidate, ETH Zurich, Joel Wanner, PhD candidate, ETH Zurich, Markus Legner, Postdoctoral Researcher, ETH Zurich, David Basin, Professor of Information Security, ETH Zurich, Peter Müller, Professor of Programming Methodology, ETH Zurich & Adrian Perrig, Professor of Network Security, ETH Zurich

• BGP, the main protocol governing the internet, was designed over 30 years ago, and is now not fit for purpose.

• SCION internet architecture provides a mature, stable alternative.

• SCION uses ‘formal verification’ to ensure stability and eliminates circular dependencies that make BGP problematic.

The COVID-19 pandemic has exposed and increased society’s reliance on digital communication. To support the skyrocketing use of video calls, global networks have been rapidly expanded – internet bandwidth increased by 35% in 2020. Communication applications such as Whatsapp or Zoom are constantly being upgraded and strengthened to provide more efficient and secure services across the internet.

While these efforts are certainly helpful in ensuring a seamless internet experience, a core threat to internet availability still remains hidden, buried deep inside the digital machinery.

The Border Gateway Protocol (BGP) enables coordination between the over 70,000 different networks that interconnect into the single global communication infrastructure that we call the internet. As it turns out, BGP is one of the most fragile parts of the internet. While most of the hundreds of weekly outages caused by BGP’s malfunctioning go mostly unnoticed, as they typically affect only a small fraction of users, extended disruptions are not uncommon.

In 2020, for example, one major incident affecting US service provider Cloudflare lasted for seven hours and caused a 3.5% drop in global traffic. This event, caused by a trivial misconfiguration, illustrates how minor hiccups in regional routers can trigger the proverbial butterfly effect that results in disrupting connectivity in large portions of the internet. Such outages result in enormous costs for businesses and disproportionally affect institutions that rely on the internet for critical services.

Given the crucial nature of the internet, an important question is: How did we get to rely on such an unreliable infrastructure? The answer is surprisingly simple: BGP was not designed to handle the global scale and number of interconnected networks that we have today. Famously dubbed the “two-napkin protocol” (as it was invented in a cafeteria during breaktime), BGP was created to support the interconnection of the much smaller internet of the late 1980s. Its mostly functional operation over the past 30 years has given a false sense of stability. To achieve a strong guarantee of reliable communication, we need stronger properties than those BGP can provide.

A stable and verified alternative

At ETH Zurich, we have been working on a modern replacement to the ageing BGP. The next generation SCION Internet is designed to be provably stable in the face of major disruptions and even hackers. By “provably” we mean that our researchers, aided by state-of-the-art software, applied “formal verification” to devise mathematical proofs of SCION’s stability. With formal verification, it is possible to reason mathematically about complex interactive protocols, and to prove statements about their outcome. This task is impossible with BGP, as it was built in a way that cannot guarantee stability in general.

No previous research project has applied formal verification to an entire internet architecture, but we did not stop there. We further use code verification to prove that SCION’s routers are correctly programmed to execute the protocol. While these two tools, protocol and code verification, have been used separately in the past, they have never before been combined for such a complex system.

Breaking the circle

It is estimated that the digital economy represented between 4.5% and 15.5% of world GDP in 2019, and has further grown since then. Further, a recent attack on a major ISP in Belgium shows how reliant many government entities are on internet communication.

Like other key infrastructure and utilities, the internet should be operated and safeguarded with enormous care. Power networks, for instance, are carefully protected against failures with elaborate contingency plans. In that sector, a crucial part in this process is dependency analysis, which highlights circular dependencies that can prevent the resumption of service after a blackout. Most importantly, the power network has to be able to “black-start”, i.e. recover from a complete shutdown – despite the fact that, paradoxically, many plants themselves consume electricity to produce electricity and thus require an external power source to start.

The internet should have a similar feature: After the disconnection of a large portion of the network, the re-establishment of connectivity should take seconds, at most. With BGP, unfortunately, circular dependencies are created by the very security extensions designed to protect participating networks from outside interference: They require internet connectivity to achieve secure internet connectivity! Such dependencies further slow down recovery from the outages described above.

Our analysis of the interdependency of SCION components showed that providing full connectivity of the whole internet can happen within seconds from a black-start. Starting only from local cryptography-based roots of trust, the networks participating in the SCION protocol can discover and authenticate communication paths to quickly enable secure internet routing. This is achieved through a process called “beaconing”, in which unforgeable messages originate at a trusted root and travel from network to network.

SCION dispenses with the circular dependencies that slowed down BGP
SCION dispenses with the circular dependencies that slowed down BGP Image: ETH Zurich

A next-generation internet

Through formal verification and dependency analysis, we have deep confidence in the operational stability and security of SCION; deeper than for any other internet architecture. While we were busy designing and analyzing SCION, we also worked on bringing these innovations to the real world. Already today, seven ISPs offer SCION connectivity.

What is the World Economic Forum doing on cybersecurity

The World Economic Forum’s Centre for Cybersecurity is leading the global response to address systemic cybersecurity challenges and improve digital trust. We are an independent and impartial global platform committed to fostering international dialogues and collaboration on cybersecurity in the public and private sectors. We bridge the gap between cybersecurity experts and decision makers at the highest levels to reinforce the importance of cybersecurity as a key strategic priority. World Economic Forum | Centre for Cybersecurity

Our community has three key priorities:

Strengthening Global Cooperation – to increase global cooperation between public and private stakeholders to foster a collective response to cybercrime and address key security challenges posed by barriers to cooperation.

Understanding Future Networks and Technology – to identify cybersecurity challenges and opportunities posed by new technologies, and accelerate forward-looking solutions.

Building Cyber Resilience – to develop and amplify scalable solutions to accelerate the adoption of best practices and increase cyber resilience.

Initiatives include building a partnership to address the global cyber enforcement gap through improving the efficiency and effectiveness of public-private collaboration in cybercrime investigations; equipping business decision makers and cybersecurity leaders with the tools necessary to govern cyber risks, protect business assets and investments from the impact of cyber-attacks; and enhancing cyber resilience across key industry sectors such as electricity, aviation and oil & gas. We also promote mission aligned initiatives championed by our partner organizations.

The Forum is also a signatory of the Paris Call for Trust and Security in Cyberspace which aims to ensure digital peace and security which encourages signatories to protect individuals and infrastructure, to protect intellectual property, to cooperate in defense, and refrain from doing harm.

For more information, please contact us.

As vaccines roll out globally, we will hopefully soon return to our physically connected lifestyle. However, many of the innovations that were accelerated by the pandemic are here to stay. SCION internet architecture provides a secure and dependable foundation for these innovations today, with its formally verified operation – free of circular dependencies – and growing operational deployment.

the sting Milestones

Featured Stings

Can we feed everyone without unleashing disaster? Read on

These campaigners want to give a quarter of the UK back to nature

How to build a more resilient and inclusive global system

Stopping antimicrobial resistance would cost just USD 2 per person a year

International community agrees on a road map for resolving the tax challenges arising from digitalisation of the economy

‘Crimes against humanity,’ ‘war crimes’ and risk of new ethnic violence in DR Congo, warn UN experts

Statement by OECD Secretary-General Angel Gurría on the outcome of COP 25

‘Maintain calm’ and ‘exercise patience’ UN envoy urges, as Nigeria heads to polls

The refugee crisis seen through the eyes of a young doctor from Turkey

Cleantech innovation is being stifled. Here’s how to unlock it

Basel III rules relaxed: Banks got it all but become more prone to crisis

These are the world’s 10 most innovative economies

4 myths about corruption

How to reimagine our cities as hubs for biodiversity, conservation and climate resilience

OECD and European Commission join forces to further support structural reforms in European countries

3 ways to protect LGBTI rights across the world

Commission disburses €14 billion under SURE to nine Member States

Protecting refugees in Europe: UNHCR calls for a ‘year of change’

‘Bicycle Kingdom’ makes a comeback, as China seeks solutions to tackle air pollution crisis

GSMA Announces First Keynote Speakers for 2019 “MWC Los Angeles, in Partnership with CTIA”

Palliative Care: A Gap to fill in healthcare service

5G will redefine entire business models. Here’s how

‘Catastrophic’ healthcare costs put mothers and newborns at risk

The Eurogroup protects Germany and blames others

How to talk about climate change: 5 tips from the front lines

Global Cooperation for Local Action: Fighting antimicrobial resistance

The future of crypto-assets, from opportunities to policy implications

This is what different countries are doing to stop coronavirus from spreading

Future-proofing the European banking market – removing the obstacles to exit

Why trade wars have no winners

Ηealth’s foundation is falling apart: what can we do about it?

European Commission and European Investment Fund launch €75 million BlueInvest Fund

Trade war or not New York bankers will have it their way

How building renovations can speed up the electric vehicle revolution

European Youth Capital 2018 : Cascais

Central African Republic: Guterres says UN mission committed to protecting civilians, helping stabilize country, as violence flares

Turkey needs to step up investment in renewables to curb emissions

Commissioner for Crisis Management in Kabul: EU steps up humanitarian assistance with €32 million

Senior UN children’s advocate says they ‘should never be targeted by violence’

A Sting Exclusive, the European Commissioner for Energy Günther Oettinger writes for the Sting on “EU Industry: a major energizer”

Chart of the day: These are the cities where the World Cup threatens productivity the most

Wash your hands, but keep your mind clean

Human rights breaches in Bangladesh, Cuba and Vietnam

New UN-supported farming app is cream of crop in tackling Sahel pest

Privatisation and public health: a question of Human Rights

Can this billion-dollar initiative save the world’s tropical forests?

European Investment Bank to borrow €70 billion in 2013

‘These are very dark times for Yemen’: senior UN official on air strike mass casualties

Why and how did ISIS and Muslim fundamentalism gain momentum this year?

Brexit: when the hubris of one man can set the UK, the EU and the entire world on fire

Warmongers ready to chew what is left of social protection spending

State aid: Commission refers United Kingdom to European Court for failure to fully recover illegal tax exemption aid of up to around €100 million in Gibraltar

Youth Forum calls on Parliament to ease entry into Europe for young people

Better sanitation for India is in the pipeline

Why transparency in drug pricing is more complicated than it seems

COVID-19: faster authorisation for vaccines adapted to variants

As inequality grows, the UN fights for a fairer world

DiscoverEU: 20,000 more young people will explore Europe in 2020

‘Undersea gardeners’ are restoring Jamaica’s lost coral reefs

The global response to the coronavirus pandemic must not be undermined by bribery

Banks must take bold action to fight climate change. This is how they can do it

COVID-19 threatens the developing world’s small businesses. This is how to save them

Chronic illnesses: UN stands up to stop 41 million avoidable deaths per year

Mediterranean migrant drownings should spur greater action by European countries, urge UN agencies

More Stings?

Speak your Mind Here

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s