5233 Castlereigh Ct.
Granite Bay, CA 95746
Project Title: Cryptographic Acceleration for Border Gateway Protocol Security (CaBGPsec)
NIST Award(s): 70NANB14H289
Technology Developed: taraBGPsecTM is a high-performance software library that implements security functionality for the Border Gateway Protocol as defined in the IETF RFC 8205, “BGPsec Protocol Specification” and is compatible with SRx, an open source reference implementation and research platform developed by NIST. taraCRYPT™ is Antara’s efficient cross-platform crypto library that provides one of the fastest Elliptical Curve Digital Signature Algorithm implementations. It ensures that taraBGPsec performance meets strict Internet routing table convergence requirements. The technology received the Best Poster award at NIST/ITL 2016 Science Day.
Key Words: Border Gateway Protocol Security, BGPsec, Elliptic Curve Digital Signature Algorithm, Autonomous System Path Validation, route origin validation, SRx
Uses of Technology/Products/Service: The reliable functioning of critical infrastructure, such as the Internet, is imperative to the national and economic security at the global level, especially as the frequency and complexity of cyber-security threats are increasing significantly. The Border Gateway Protocol (BGP) is the control protocol that is used to communicate reachability and routing information in the Internet. The currently deployed BGP does not include provisions for security features and is vulnerable to accidental and malicious attacks on the control plane. BGPsec (BGP with security) protocol addresses vulnerabilities associated with BGP by providing cryptographic protection against Autonomous System path modification attacks. However, the required intense cryptographic processing imposes additional workload on the route processors in edge routers. Antara has developed a unique software methodology, embodied in its taraBGPsec™ product, to efficiently process BGPsec in order to meet strict Internet routing table convergence requirements. Additionally, Antara implemented an efficient and secure crypto engine taraCRYPT™, to support taraBGPsec. Antara collaborated closely with the NIST Advanced Network Technologies Division (ANTD) to R&D the innovation and has received a US Patent 9,804,891, “Parallelizing Multiple Signing and Verifying Operations with a Secure Routing Context.” Antara and ANTD demonstrated that by means of efficient software architecture and algorithmic optimizations, it is possible to substantially speed up BGPsec processing using commercially available general-purpose processors for route engines, and thus maintain low additional delay for the routing table convergence time. Antara’s scalable products will enable major router vendors to enhance Internet routing security.
Benefit to Company: The NIST SBIR program has had tremendous impact on Antara. Antara has been able to accelerate its growth and was awarded seven SBIR awards and a related NIST Grant since receiving its first SBIR award with NIST. Antara is now perceived a thought leader in this field and has delivered presentations at key industry and IEEE conferences. Antara has utilized the taraCRYPT™ library in developing a Consultative Committee for Space Data Systems (CCSDS) compliant Bundle Protocol Security (BPsec) implementation for Delay Tolerant Networks with NASA funding. Antara is currently engaged with NASA and the Jet Propulsion Laboratory (JPL) to further R&D the technology for potential future infusion into the Lunar Network to support the Moon to Mars Campaign. The patented parallelization methodology along with taraCRYPT has been utilized with Antara’s large data compression system which is used by the Federal Government.
Technology’s Impact on Company’s Growth: Strategic
These publications discuss material generated with this SBIR project:
Past R&D and/or Sales from this Project: About 400,000 in non-SBIR R&D and related product sales
Estimated Future Annual R&D and/or Sales from this Project: Over 3.6M in R&D funding and over 0.5M in sales.