On the risk of misbehaving RPKI authorities

The RPKI is a new security infrastructure that relies on trusted authorities to prevent some of the most devastating attacks on interdomain routing. The threat model for the RPKI supposes that authorities are trusted and routing is under attack. Here we discuss the risks that arise when this threat model is flipped: when RPKI authorities are faulty, misconfigured, compromised, or compelled to misbehave. We show how design decisions that elegantly address the vulnerabilities in the original threat model have unexpected side effects in this flipped threat model. In particular, we show new targeted attacks that allow RPKI authorities, under certain conditions, to limit access to IP prefixes, and discuss the risk that transient RPKI faults can take IP prefixes offline. Our results suggest promising directions for future research, and have implications on the design of security architectures that are appropriate for the untrusted and error-prone Internet.

[1]  Loren M. Kohnfelder,et al.  Towards a practical public-key cryptosystem. , 1978 .

[2]  Stephen T. Kent,et al.  Secure Border Gateway Protocol (S-BGP) , 2000, IEEE Journal on Selected Areas in Communications.

[3]  Messaoud Benantar The Internet public key infrastructure , 2001, IBM Syst. J..

[4]  Russ Housley,et al.  Internet X.509 Public Key Infrastructure Certificate and Certificate Revocation List (CRL) Profile , 2002, RFC.

[5]  Deployment Considerations for Secure Origin BGP (soBGP) , 2003 .

[6]  D. Barren The President'S National Security Telecommunications Advisory Committee , 2006, MILCOM 2006 - 2006 IEEE Military Communications conference.

[7]  Ronald J. Deibert,et al.  Access Controlled - The Shaping of Power, Rights, and Rule in Cyberspace , 2010, Access Controlled.

[8]  Patrick D. McDaniel,et al.  A Survey of BGP Security Issues and Solutions , 2010, Proceedings of the IEEE.

[9]  Sid Stamm,et al.  Certified Lies: Detecting and Defeating Government Interception Attacks against SSL (Short Paper) , 2011, Financial Cryptography.

[10]  W. Hardaker Internet Engineering Task Force (ietf) , 2011 .

[11]  A. Dammer How Secure are Secure Interdomain Routing Protocols , 2011 .

[12]  Milton L. Mueller,et al.  Negotiating a New Governance Hierarchy: An Analysis of the Conflicting Incentives to Secure Internet Routing , 2011 .

[13]  Geoff Huston,et al.  Validation of Route Origination Using the Resource Certificate Public Key Infrastructure (PKI) and Route Origin Authorizations (ROAs) , 2012, RFC.

[14]  Towards detecting BGP route hijacking using the RPKI , 2012, CCRV.

[15]  Geoff Huston,et al.  A Profile for X.509 PKIX Resource Certificates , 2012, RFC.

[16]  Stephen T. Kent,et al.  Certification Authority (CA) Key Rollover in the Resource Public Key Infrastructure (RPKI) , 2012, RFC.

[17]  Leo Vegoda,et al.  Resource Public Key Infrastructure (RPKI) Objects Issued by IANA , 2012, RFC.

[18]  Stephen T. Kent,et al.  A Profile for Route Origin Authorizations (ROAs) , 2012, RFC.

[19]  Stephen T. Kent,et al.  An Infrastructure to Support Secure Internet Routing , 2012, RFC.

[20]  Stephen T. Kent,et al.  Manifests for the Resource Public Key Infrastructure (RPKI) , 2012, RFC.

[21]  Stephen T. Kent,et al.  Signed Object Template for the Resource Public Key Infrastructure (RPKI) , 2012, RFC.

[22]  Geoff Huston The Profile for Algorithms and Key Sizes for Use in the Resource Public Key Infrastructure (RPKI) , 2012, RFC.

[23]  Stephen T. Kent,et al.  Certificate Policy (CP) for the Resource Public Key Infrastructure (RPKI) , 2012, RFC.

[24]  Geoff Huston,et al.  A Profile for Resource Certificate Repository Structure , 2012, RFC.

[25]  Milton L. Mueller,et al.  Internet Security and Networked Governance in International Relations , 2013 .

[26]  Sharon Goldberg,et al.  BGP security in partial deployment: is the juice worth the squeeze? , 2013, SIGCOMM 2013.

[27]  Randy Bush RPKI Local Trust Anchor Use Cases , 2013 .

[28]  John G. Scudder,et al.  BGP Prefix Origin Validation , 2013, RFC.

[29]  Roque Gagliano,et al.  Multiple Repository Publication Points support in the Resource Public Key Infrastructure (RPKI) , 2013 .

[30]  M. Deren Is the juice worth the squeeze? , 2013, Connecticut medicine.

[31]  Stephen T. Kent,et al.  Threat Model for BGP Path Security , 2014, RFC.

[32]  Randy Bush Responsible Grandparenting in the RPKI , 2014 .

[33]  David Mandelberg,et al.  Suspenders: A Fail-safe Mechanism for the RPKI , 2015 .