Netinfo Security ›› 2015, Vol. 15 ›› Issue (9): 37-40.doi: 10.3969/j.issn.1671-1122.2015.09.009

• Orginal Article • Previous Articles     Next Articles

Analysis of the Technique of Breaking TCP MD5 Encryption and Authentication for BGP

Ze-min SUN1(), Tian-liang LU2, Yang ZHOU1   

  1. 1. Information Security Center of Beijing University of Posts and Telecommunications, Beijing 100876, China
    2. School of Network Security Safeguard, People’s Public Security University of China, Beijing 100038, China
  • Received:2015-07-15 Online:2015-09-01 Published:2015-11-13

Abstract:

BGP is an important inter domain routing selection protocol, through which routers can exchange information and select inter domain routing. There are vulnerabilities in BGP protocol, coming from the little consideration for safety in its initial design. One existing security policy is to make the TCP MD5 encryption and authentication between BGP neighbors. However, this simple encryption and authentication mechanism can not ensure safety. After analysis and research on the TCP MD5 certification process,a method is proposed to break the TCP MD5 encryption and authentication in this paper, which takes use of the key dictionary, as well as the principle of MD5 collision. By establishing a real route environment, a breaking verification for TCP MD5 encryption and authentication with a weak key is realized at last.

Key words: BGP protocol, TCP MD5, key dictionary, MD5 collision, weak key

CLC Number: