June 10 – 13 , 2018, Dagstuhl Seminar 18242

Secure Routing for the Internet


Phillipa Gill (University of Massachusetts – Amherst, US)
Amir Herzberg (University of Connecticut – Storrs, US)
Adrian Perrig (ETH Zürich, CH)
Matthias Wählisch (FU Berlin, DE)

For support, please contact

Dagstuhl Service Team


Dagstuhl Report, Volume 8, Issue 6 Dagstuhl Report
Aims & Scope
List of Participants
Shared Documents


The seminar was focused on the following aspects of routing security, mostly in the context of traditional inter-domain routing security: (i) Protocol design vs tooling, (ii) sources of relevant routing data and their accuracy/collection challenges, including policy databases, (iii) the need for metadata and dataset ``labelling'', (iv) monitoring and detection of routing attacks and anomalous incidents, such as BGP hijacks and route leaks, incentives for network operators to adopt routing security protocols, (v) testbeds for routing experiments, (vi) hijacks as enabling attacks against ToR and Bitcoin, on the application level, (vii) prevention of routing attacks, (viii) anonymity, privacy and (anti-)censorship. Moreover, we discussed in depth about (ix) PKI and cryptographic verification and protection mechanisms, and their use in securing routing infrastructures, such as the RPKI and BGPsec protocols. Finally, we (x) approached BGP flowspecs, DDoS attacks and QoS in the Internet as separate topics of interest in the field. Another goal of the seminar was to touch upon (xi) future network routing architectures which offer routing security ``by design'', especially in light of demanding upcoming applications such as IoT, car-to-car communications, sensor swarms, and wireless routing at scale, and identify related security and privacy concerns and objectives.

Besides the specific goals of the seminar, it is also worth noting some interesting aspects of Dagstuhl seminars in general, that played a critical role in fueling the related talks, discussions and reports. In summary, the 3-day seminar in which we participated, focused not solely on the presentation of established results but also on ideas, sketches, and open (research and operations) problems. The pace and program was guided by topics and presentations that evolved through discussions. This report contains an executive summary of the material that was transcribed during the entire seminar.

Overall, some participants of the seminar seem to be more "pessimistic" about routing security. Both the research and operator communities need to consolidate more data sources to facilitate progress. Any deployment progress is only possible if operator incentives are improved, however, it remains an open problem on how to provide strong incentives. In practice, a good technical solution is insufficient without first tackling the "politics". We discussed about routing/network testbeds and the role they can play in emulating and verifying many of the discussed concepts. However, in the wild (or the "real world"), it is surprisingly hard to implement something like RPKI; even more so for BGPsec. We all need a better understanding of the problem space; formal taxonomies of routing attacks, such as hijacks, would be of great help on this front. Regarding improving BGP itself, we have seen many prevention mechanisms, whose deployment is the end-goal for the Internet. However, as we have to live with BGP at least in the intermediate term, we can also explore research on overlay solutions to achieve the properties that we need, at least for the time being. These solutions need to support incremental deployment for obvious reasons.

In general, deployment progress has been slow which is feared not change in the near future. It is reassuring to see that a lot of work is being done in the measurement area; we were also reminded how hard is it to get the ground truth, labelled with useful metadata. Some fundamentally new and secure approaches were discussed, for instance the SCION secure Internet architecture, however, the deployment of new inter-domain routing protocols is very challenging. To improve the deployment incentives of secure routing protocols for operators, the creation of a catalog of routing incidents could be beneficial.

Moreover, it seems that the community may have underestimated the importance of monitoring tools and their utility in the wild. We have learned about new data sets, as well as interesting insights on the Impact of prefix hijacks on the application layer. In general though, we were hoping to see more enthusiasm for new solutions.

Finally, it is worth noting that having a mixed group of researchers and operators is very important to exchange information and discuss potential approaches, which made the seminar an interesting and worthwhile experience.

  Creative Commons BY 3.0 Unported license
  Vasileios Kotronis

Related Dagstuhl Seminar


  • Networks
  • Security / Cryptology


  • Internet security
  • Secure routing
  • Communication networks
  • Future internet
  • Privacy and anonymity
  • Mobile and wireless networks

Book exhibition

Books from the participants of the current Seminar 

Book exhibition in the library, ground floor, during the seminar week.


In the series Dagstuhl Reports each Dagstuhl Seminar and Dagstuhl Perspectives Workshop is documented. The seminar organizers, in cooperation with the collector, prepare a report that includes contributions from the participants' talks together with a summary of the seminar.


Download overview leaflet (PDF).


Furthermore, a comprehensive peer-reviewed collection of research papers can be published in the series Dagstuhl Follow-Ups.

Dagstuhl's Impact

Please inform us when a publication was published as a result from your seminar. These publications are listed in the category Dagstuhl's Impact and are presented on a special shelf on the ground floor of the library.

NSF young researcher support