Design and Implementation of InBlock-A Distributed IP Address Registration System

The current mechanism to secure Border Gateway Protocol relies on the resource public key infrastructure (RPKI) for route origin authorization. The RPKI implements a hierarchical model that intrinsically makes lower layers in the hierarchy susceptible to errors and abuses from entities placed in hig...

Full description

Saved in:
Bibliographic Details
Published inIEEE systems journal Vol. 15; no. 3; pp. 3528 - 3539
Main Authors Garcia-Martinez, Alberto, Angieri, Stefano, Liu, Bingyang, Yang, Fei, Bagnulo, Marcelo
Format Journal Article
LanguageEnglish
Published New York IEEE 01.09.2021
The Institute of Electrical and Electronics Engineers, Inc. (IEEE)
Subjects
Blockchain
Contracts
Cryptography
distributed autonomous organization
ethereum
Internet
IP (Internet Protocol)
IP address allocation
IP networks
Protocols
Public Key Infrastructure
Resource management
Routing
smart contract
Online AccessGet full text

Cover

More Information
Summary:The current mechanism to secure Border Gateway Protocol relies on the resource public key infrastructure (RPKI) for route origin authorization. The RPKI implements a hierarchical model that intrinsically makes lower layers in the hierarchy susceptible to errors and abuses from entities placed in higher layers. In this article, we present InBlock, a distributed autonomous organization that provides decentralized management of IP addresses based on blockchain, embedding an alternative trust model to the hierarchical one currently implemented by the RPKI. By leveraging on blockchain technology, InBlock requires consensus among the involved parties to change existent prefix allocation information. InBlock also fulfills the same objectives as the current IP address allocation system, i.e., uniqueness, fairness, conservation, aggregation, registration, and minimized overhead. InBlock is implemented as a set of blockchain smart contracts in Ethereum, performing all the functions needed for the management of a global pool of addresses without human intervention. Any entity may request an allocation of addresses to the InBlock registry by solely performing a (crypto) currency transfer to the InBlock. We describe our InBlock implementation and we perform several experiments to show that it enables fast address registering and incurs in very low management costs.
ISSN:1932-8184
1937-9234
DOI:10.1109/JSYST.2020.3003526