Amir Herzberg

Abstract: A Safe-Route to Secure Routing: Status, Challenges and Directions for Secure Internet Routing

Routing is the basic infrastructure connecting the Internet together; yet, it remains woefully insecure, in spite of extensive standardization and R&D efforts over decades.

Most of the presentation is dedicated to security of BGP, the Internet’s inter-domain routing protocol. We explain the two main standards in this area, the Border Gateway Protocol security enhancements (BGPsec), and the Routing Public Key Infrastructure (RPKI).  Properly deployed, these mechanisms can prevent most attacks on routing, such as IP prefix hijacking; indeed, there are extensive efforts to encourage deployment. However, deployment ranges from insufficient to non-existent. We study reasons for the lack of deployment, and present the smart-validator project, which is designed to improve deployment.

In the reminder of the presentation, we present an even more ambitious project, the Secure Accountable Internet Forwarding (SAIF) protocol. SAIF extends current Internet routing mechanisms, to ensure guaranteed bounds on end-to-end delays and losses, even under extreme Denial-of-Service attacks.


Dr. Amir Herzberg is an internationally recognized leader in the research on network security and applied cryptography. Dr. Herzberg earned his Ph.D. in Computer Science in 1991 from the Technion in Israel.  From 1991 to 1995, he worked at the IBM T.J. Watson Research Center, where he was a research staff member and the manager of the Network Security research group.  From 1996 to 2000, Dr. Herzberg was the Manager of E-Business and Security Technologies at the IBM Haifa Research Lab.  From 2002 to 2017, he was on the faculty of the Bar Ilan University in Israel conducting research in network security and applied cryptography.  Dr. Herzberg is the author of more than 150 research papers, five (5) book chapters, and 24 patents. Dr. Herzberg has served on technical program committees of over 40 conferences, and delivered keynote and plenary addresses on cyber-security at ten (10) conferences, and organized multiple professional events.