The routing protocol most common on the net broken by students at the Technion

Dima and Alex Kirshon Gonikman of the Technion Faculty of Computer Science have successfully hacked the routing protocol OSPF (Open Shortest Path First), the most common on the internet as part of a final project study led by Dr. Gabriel Raphael. They are the recipients of the prestigious award for Excellence in Amdocs computer.

In the field of computer networks, it is customary to divide and separate multiple platforms and autonomous systems, and connect them with what are called routers. For example a router will direct the request of a French web site to Israel. A request does not pass through a single router, but is routed through paths that traverse several routers before reaching their destination. To communicate, the routers that redirect the flow of information to their peers use language commonly known routing protocol. Among the different protocols, OSPF is the most widespread on the internet.

In the latter, each router establishes adjacency relations with its immediate neighbors by sending them messages at regular intervals. Each router then forwards the list of networks it is connected by messages spread gradually to all routers in the network. The principle of the proposed attack is to use a phantom server that sends messages containing false adjacency relations to all routers. Implying that all messages passing through the network are forced to go through the ghost server. By controlling the flaws in this protocol, it is possible to prevent messages from reaching their destination or redirect information from one source to another. This would allow an attacker to carry out an attack of "man on the middle" and retrieve sensitive information or block a website.

Discovered the fault in these types of protocols allows the consortium that governs the standards of the World Wide Web immediately react by strengthening the security of routers through updates, preventing the acquisition of control of routers by pirates of the canvas.