A telecommunication network such as the Internet comprises a plurality of intermediary routers connected to one another in such a way that information transmitted from a first server to a second server is generally routed by one or more of these intermediary routers.
In order to optimize these intermediary transmissions, it is known to equip each router with a map identifying the topology of its network, or more generally speaking, of a part of that network—hereafter known as an area—in which it is located.
Such a topological map presents a state of relationships between the routers of its network or area such that, considering a first router and a second router located on that map, the first router may determine, with the help of that topological map, an optimal path, meaning a list of intermediary routers, to transmit information to that second router through that network or area.
In concrete terms, and within the context of the Internet, it is known to use a routing protocol known as OSPF, for “Open Shortest Path First”, according to which each router i of an area particularly determines a list of links LSAi, for “Link-State Advertisements”, identifying routers in that area to which it is directly connected, hereafter known as neighboring routers.
Afterward, each router i shares with its neighboring routers, in a message known as LSU for “Link-State Update” its list of links LSAi and lists of links LSA1, LSA2, . . . LSAn received from other routers.
Each router may then store, in a database known as LSDB for “Link-State Database”, these lists of links, such that, based on this LSDB database, a router comprised within this OSPF area determines an optimal path—typically the shortest one using the “Shortest Path First” approach—to transmit information to another router comprised within the same OSPF area.
In order to prevent a fraudulent hijacking of information transmitted via the Internet, it is conceivable to protect the identity of routers transmitting a LSU message by requiring that they sign that message, for example, by means of a shared key cryptographic method.
The present invention results from the observation that such a method does not make it possible to prevent “internal” hijackings of information that may be implemented by a perpetrator controlling a transmission layer of a corrupt router such that the perpetrator can replace the LSU message received within the corrupt router with a LSU message comprising false lists, for example, identifying a fraudulent router in order to misdirect information to it.
In this situation, this corrupt LSU message is then correctly signed by the corrupt routers protection layer—even though that layer has not been hijacked by the perpetrator—and consequently, this fraud is extended to the network.
This means that, in the event of internal fraud, the perpetrator gets to have his or her false list considered valid by the OSPF area's other routers, which will observe the validity of the corrupt routers signature.