RPKI is Coming of Age: A Longitudinal Study of RPKI Deployment and Invalid Route Origins

Despite its critical role in Internet connectivity, the Border Gateway Protocol (BGP) remains highly vulnerable to attacks such as prefix hijacking, where an Autonomous System (AS) announces routes for IP space it does not control. To address this issue, the Resource Public Key Infrastructure (RPKI) was developed starting in 2008, with deployment beginning in 2011. This paper performs the first comprehensive, longitudinal study of the deployment, coverage, and quality of RPKI. We use a unique dataset containing all RPKI Route Origin Authorizations (ROAs) from the moment RPKI was first deployed, more than 8 years ago. We combine this dataset with BGP announcements from more than 3,300 BGP collectors worldwide. Our analysis shows that after a gradual start, RPKI has seen a rapid increase in adoption over the past two years. We also show that although misconfigurations were rampant when RPKI was first deployed (causing many announcements to appear as invalid), they are quite rare today. We develop a taxonomy of invalid RPKI announcements, then quantify their prevalence. We further identify suspicious announcements indicative of prefix hijacking and present case studies of likely hijacks. Overall, we conclude that while misconfigurations still do occur, RPKI is "ready for the big screen," and routing security can be increased by dropping invalid announcements. To foster reproducibility and further studies, we release all RPKI data and the tools we used to analyze it into the public domain.
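How an announcement ends up valid, invalid, or not covered when checked against ROAs, as an added example that is not code from the paper or its released tools. It follows the route origin validation procedure of RFC 6811; the ROA payloads and announcements are constructed from documentation prefixes and private-use AS numbers, and the two "invalid-*" labels are this example's own, not the paper's taxonomy.

```python
import ipaddress

# Constructed validated ROA payloads (VRPs): (prefix, maxLength, origin AS).
VRPS = [
    ("192.0.2.0/24", 24, 64500),
    ("203.0.113.0/24", 24, 64502),   # maxLength equals the prefix length
    ("2001:db8::/32", 48, 64501),    # more-specifics allowed down to /48
]

def validate(prefix, origin_as, vrps=VRPS):
    """Classify one announcement (prefix, origin AS) against the VRP set."""
    route = ipaddress.ip_network(prefix)
    covered = same_as = False
    for vrp_prefix, max_len, vrp_as in vrps:
        net = ipaddress.ip_network(vrp_prefix)
        # A VRP covers the route if the route is equal to or inside its prefix.
        if net.version != route.version or not route.subnet_of(net):
            continue
        covered = True
        if vrp_as == origin_as:
            if route.prefixlen <= max_len:
                return "valid"           # one matching VRP is enough
            same_as = True               # right origin, but too specific
    if not covered:
        return "not-found"               # no ROA covers this address space
    # Covered but unmatched: say why (labels are this example's own).
    return "invalid-length" if same_as else "invalid-asn"

def accepted(announcements, vrps=VRPS):
    """Keep valid and not-found routes; drop every invalid one."""
    return [a for a in announcements
            if not validate(a[0], a[1], vrps).startswith("invalid")]

# Constructed announcements as seen at a collector: (prefix, origin AS).
SAMPLE = [
    ("192.0.2.0/24", 64500),        # matches its ROA
    ("192.0.2.0/24", 64511),        # covered, but a different origin AS
    ("203.0.113.128/25", 64502),    # right origin, longer than maxLength
    ("2001:db8:1::/48", 64501),     # within maxLength
    ("198.51.100.0/24", 64500),     # no covering ROA
]

if __name__ == "__main__":
    for prefix, asn in SAMPLE:
        print(f"{prefix:<20} AS{asn}  {validate(prefix, asn)}")
```

The `invalid-length` case is the shape a maxLength misconfiguration takes: the holder's own more-specific announcement is rejected by its own ROA.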
