Swiss National Bank is testing a new internet from ETH that should make electronic payment transactions more secure.

A version of this article written by Andreas Hirstein originally appeared on June 15, 2019 on NZZ am Sonntag. Courtesy translation by Anapaya.

Today’s network technology is way too complex, error-prone and vulnerable to malicious attacks. It can be exploited for espionage purposes by governments or companies. It is for this reason that the Trump government blames China for spying on Western democracies using backdoors built into Huawei servers. China Telecom – a state owned telecommunication company – operates ten network nodes in North America, allowing them to route American data traffic through China. In 2016, for example, a connection between Canadian and South Korean authorities passed through China for six months without being noticed. On April 8, 2010, China Telecom even managed to reroute 15 percent of all internet traffic to China for 18 minutes.

The rerouting of data, so-called hijacking, is not always a malicious attacks. Accidental misconfiguration of routers is much more common and happens daily. However, these incidents are always troublesome, expensive, and in the worst case dangerous. On Thursday last week (13.06.2019), an error in a datacenter in western Switzerland caused traffic from Europe to be rerouted through China Telecom’s networks for two hours. It resulted in network outages or low speed connections across Europe.

The Achilles’ heel of the internet and therefore the preferred target of hackers and intelligence services is the so-called Border Gateway Protocol (BGP). Today’s internet hosts use it to determine the path to transmit data from the sender to the receiver. BGP dates back to a time when the internet only connected a few American data centers. At that time, security concerns did not play a major role, and secret services can therefore still easily reroute global data flows to their countries and read or modify their content.

“Telecommunication networks could become more secure only if the internet would be based on a new software foundation,” says Adrian Perrig, Professor of Network Security at ETH Zurich. Perrig is pursuing this goal at ETH Zurich. He develops a navigation system that prevents malicious or accidental rerouting of data packets.


An alternative to BGP is the “SCION” protocol, which Perrig has developed at ETH. SCION pledgees to be more secure since the implementation of the protocol can be verified by the network operators themselves. Manipulation attempts would immediately become apparent, and network operators would no longer have to confide in technical suppliers such as Huawei, Cisco and others.

In a SCION network hijacking is made impossible. Senders and receivers determine in advance which path the data will take. Every data packet contains the complete path information. In contrast, nowadays the data packets contain only the addresses of sender and receiver. Thus, it is the routers on the Internet determining the exact steps when passing on data packets.

In SCION it is senders and receivers rather than the routers that determine the paths through which they exchange data. It can be cryptographically verified that a pre-defined path has been followed. “To intercept or manipulate communication, you have to be located along the predetermined path. SCION has powerful security mechanisms to defend: even if an attacker knows the communication path, SCION protects itself,” says Perrig.

At ETH Zurich, research groups led by David Basin and Peter Müller are working on SCION. They model the SCION network mathematically rather than testing it by trial and error. This is possible because the protocol has a very small attack surface (the code itself consists of a thousand times less lines of code than today’s network protocols).

However, the protocol does not protect from backdoors in the network infrastructure. There is no guarantee that a supplier has not installed backdoors in its hardware to enable, for example, to shut down servers and routers remotely.

Swisscom supports SCION in Switzerland and has funded the chair of Adrian Perrig for ten years. Swisscom has been participating in the laboratory tests at ETH Zurich for two years, and it has built SCION prototypes for corporate customers.

The new technology should be implemented in the computer network of the ETH domain by 2021.

Potential Use-Cases

SCION can easily compete with reserved leased lines: it is almost as secure, but cheaper. Additionally, it could offer commercially interesting options for path control: to reserve high-speed communication channels exclusively for time-critical applications; and to sell them at higher prices. Other data that does not depend on latency could be sent via a high bandwidth but slower line. Overall, this would lead to a more homogeneous and efficient utilisation of the entire network infrastructure and thus reduce costs.

SCION is potentially beneficial for the financial sector. The Swiss National Bank (SNB) has been testing it to connect with its Singapore branch for two years. In the future, SNB could use Scion to communicate with banks and financial infrastructure .

The basis of Switzerland’s electronic payment system is Swiss Interbank Clearing (SIC). The communication infrastructure underlying the SIC at the moment is very secure due to static leased lines between the banks and the central SIC, but it is not designed to connect the banks directly to each other. SCION could fill this gap and directly, connecting commercial banks with each other and with other fin-techs. It forms a basis of a secure financial network (Secure Swiss Finance Network, SSFN), increases resilience to cyber security risks and advantages Switzerland as a business location.

To become commercially viable, SCION needs support from large international internet providers. Swisscom and Deutsche Telekom established a secure SCION connection between Berlin and Bern.