research-article

On the risk of misbehaving RPKI authorities

Authors:

Leonid Reyzin, and

Sharon GoldbergAuthors Info & Claims

HotNets-XII: Proceedings of the Twelfth ACM Workshop on Hot Topics in Networks

November 2013

Article No.: 16, Pages 1 - 7

https://doi.org/10.1145/2535771.2535787

Published: 21 November 2013 Publication History

Abstract

The RPKI is a new security infrastructure that relies on trusted authorities to prevent some of the most devastating attacks on interdomain routing. The threat model for the RPKI supposes that authorities are trusted and routing is under attack. Here we discuss the risks that arise when this threat model is flipped: when RPKI authorities are faulty, misconfigured, compromised, or compelled to misbehave. We show how design decisions that elegantly address the vulnerabilities in the original threat model have unexpected side effects in this flipped threat model. In particular, we show new targeted attacks that allow RPKI authorities, under certain conditions, to limit access to IP prefixes, and discuss the risk that transient RPKI faults can take IP prefixes offline. Our results suggest promising directions for future research, and have implications on the design of security architectures that are appropriate for the untrusted and error-prone Internet.

References

[1]

S. Amante. Risks associated with resource certification systems for internet numbers, 2012.

[2]

R. Austein, G. Huston, S. Kent, and M. Lepinski. RFC 6486: Manifests for the Resource Public Key Infrastructure (RPKI). Internet Engineering Task Force (IETF), 2012. http://tools.ietf.org/html/rfc6486.

[3]

A. Band. "Re: rpki vs. secure dns?", msg566. seclists NANOG Archive, apr 2012. http://seclists.org/nanog/2012/Apr/566.

[4]

M. Benantar. The internet public key infrastructure. IBM Systems Journal, 40(3): 648--665, 2001.

Digital Library

[5]

P. Bright. arstechnica: How the Comodo certificate fraud calls CA trust into question, March 2011. http://arstechnica.com/security/2011/03/how-the-comodo-certificate-fraud-calls-ca-trust-into-question/.

[6]

R. Bush. RPKI-Based Origin Validation Operation. Internet Engineering Task Force Network Working Group, 2012. http://tools.ietf.org/html/draft-ietf-sidr-origin-ops-19.

[7]

R. Bush. RPKI Local Trust Anchor Use Cases. Internet Engineering Task Force (IETF), 2013. http://www.ietf.org/id/draft-ymbk-lta-use-cases-00.txt.

[8]

K. Butler, T. Farley, P. McDaniel, and J. Rexford. A survey of BGP security issues and solutions. Proceedings of the IEEE, 2010.

[9]

CAIDA. AS to organization mapping. http://as-rank.caida.org/?mode0=as-intro#as-org.

[10]

Communications Security, Reliability and Interoperability Council III (CSRIC). Secure bgp deployment. Communications and Strategies.

[11]

D. Cooper, E. Heilman, K. Brogle, L. Reyzin, and S. Goldberg. On the risk of misbehaving RPKI authorities. Technical report, Boston University, 2013.

[12]

D. Cooper, S. Santesson, S. Farrell, S. Boeyen, R. Housley, and W. Polk. RFC 5280: Internet X.509 Public Key Infrastructure Certificate and Certificate Revocation List (CRL) Profile. Internet Engineering Task Force (IETF), 2008. http://tools.ietf.org/html/rfc5280.

[13]

J. Cowie. Rensys blog: China's 18-minute mystery. http://www.renesys.com/blog/2010/11/chinas-18-minute-mystery.shtml.

[14]

J. Curran. "Re: {sidr} Princeton University:: Impacting IP Address Reachability via RPKI Manipulations", msg05906. IETF, sidr archive, apr 2013. http://www.ietf.org/mail-archive/web/sidr/current/msg05906.html.

[15]

R. Deibert, J. Palfrey, R. Rohozinski, and J. Zittrain. Access controlled: The shaping of power, rights, and rule in cyberspace. MIT Press, 2010.

Digital Library

[16]

R. Gagliano, T. Manderson, and C. M. Cagnazzo. Multiple Repository Publication Points support in the Resource Public Key Infrastructure (RPKI). Internet Engineering Task Force (IETF), 2013. http://tools.ietf.org/html/draft-ietf-sidr-multiple-publication-points-00.

[17]

E. Galperin, S. Schoen, and P. Eckersley. A post mortem on the iranian diginotar attack. EFF Blog, September 2011.

[18]

S. Goldberg, M. Schapira, P. Hummon, and J. Rexford. How secure are secure interdomain routing protocols? In SIGCOMM'10, 2010.

Digital Library

[19]

G. Huston, R. Loomans, and G. Michaelson. RFC 6481: A Profile for Resource Certificate Repository Structure. Internet Engineering Task Force (IETF), 2012. http://tools.ietf.org/html/rfc6481.

[20]

G. Huston and G. Michaelson. RFC 6483: Validation of Route Origination Using the Resource Certificate Public Key Infrastructure (PKI) and Route Origin Authorizations (ROAs). Internet Engineering Task Force (IETF), 2012. http://tools.ietf.org/html/rfc6483.

[21]

G. Huston, G. Michaelson, and S. Kent. RFC 6489: Certification Authority (CA) Key Rollover in the Resource Public Key Infrastructure (RPKI). Internet Engineering Task Force (IETF), 2012. http://tools.ietf.org/html/rfc6489.

[22]

D. Kaminsky. Black ops 2008: Its the end of the cache as we know it. Black Hat USA, 2008.

[23]

S. Kent and A. Chi. Rfc draft: Threat model for bgp path security. 2013. http://tools.ietf.org/html/draft-kent-bgpsec-threats-01.

[24]

S. Kent, C. Lynn, and K. Seo. Secure border gateway protocol (S-BGP). J. Selected Areas in Communications, 18(4): 582--592, April 2000.

Digital Library

[25]

S. Kent and D. Mandelberg. Suspenders: A Fail-safe Mechanism for the RPKI. Internet Engineering Task Force (IETF), 2013. http://tools.ietf.org/html/draft-kent-sidr-suspenders-00.

[26]

L. M. Kohnfelder. Towards a Practical Public-key Cryposystem. Massachusetts Institute of Technology, 1978. Bachelor's Thesis. http://groups.csail.mit.edu/cis/theses/kohnfelder-bs.pdf.

[27]

M. Lepinski, editor. BGPSEC Protocol Specification. IETF Network Working Group, Internet-Draft, July 2012. Available from http://tools.ietf.org/html/draft-ietf-sidr-bgpsec-protocol-04.

[28]

M. Lepinski and S. Kent. RFC 6480: An Infrastructure to Support Secure Internet Routing. Internet Engineering Task Force (IETF), 2012. http://tools.ietf.org/html/rfc6480.

[29]

R. Lychev, S. Goldberg, and M. Schapira. Is the juice worth the squeeze? BGP security in partial deployment. In SIGCOMM'13, 2013.

Digital Library

[30]

T. Manderson, L. Vegoda, and S. Kent. RFC 6491: Resource Public Key Infrastructure (RPKI) Objects Issued by IANA". Internet Engineering Task Force (IETF), 1973. http://tools.ietf.org/html/rfc6491.

[31]

M. Marquis-Boire. A brief history of dns hijackings (at google). ICANN'43, March 2012.

[32]

S. Misel. "Wow, AS7007!". Merit NANOG Archive, apr 1997. www.merit.edu/mail.archives/nanog/1997-04/msg00340.html.

[33]

P. Mohapatra, J. Scudder, D. Ward, R. Bush, and R. Austein. RFC 6811: BGP prefix origin validation. Internet Engineering Task Force (IETF), 2013. http://tools.ietf.org/html/rfc6811.

[34]

M. Mueller and B. Kuerbis. Negotiating a new governance hierarchy: An analysis of the conflicting incentives to secure internet routing. Communications and Strategies, (81): 125--142, 2011.

[35]

M. Mueller, A. Schmidt, and B. Kuerbis. Internet security and networked governance in international relations. International Studies Review, 15(1): 86--104, 2013.

[36]

E. Osterweil, T. Manderson, R. White, and D. McPherson. Sizing estimates for a fully deployed rpki. Technical report, Verisign Labs Technical Report, 2012.

[37]

D. Piscitello. Guidance for preparing domain name orders, seizures & takedowns. Technical report, ICANN, March 2012.

[38]

D. Piscitello. The value of assessing collateral damage before requesting a domain seizure. Technical report, ICANN, January 2013.

[39]

I. G. Project. In important case, RIPE-NCC seeks legal clarity on how it responds to foreign court orders, 2011. http://www.internetgovernance.org/2011/11/23/in-important-case-ripe-ncc-seeks-legal-clarity-on-how-it-responds-to-foreign-court-orders/.

[40]

Rensys Blog. Pakistan hijacks YouTube. http://www.renesys.com/blog/2008/02/pakistan_hijacks_youtube_1.shtml.

[41]

C. Soghoian and S. Stamm. Certified lies: Detecting and defeating government interception attacks against ssl (short paper). In Financial Cryptography and Data Security, pages 250--259. Springer, 2012.

Digital Library

[42]

The President's National Security Telecommunications Advisory Committee. Nstac report to the president on communications resiliency, 2011.

[43]

M. Wählisch, O. Maennel, and T. Schmidt. Towards detecting BGP route hijacking using the RPKI. In Poster: SIGCOMM'12, pages 103--104. ACM, 2012.

Digital Library

[44]

R. White. Deployment considerations for secure origin BGP (soBGP). draft-white-sobgp-bgp-deployment-01.txt, June 2003, expired.

[45]

C. Wisniewski. Turkish certificate authority screwup leads to attempted google impersonation. Naked Security Blog, January 4 2013.

Cited By

Rodday NCunha ÍBush RKatz-Bassett ERodosek GSchmidt TWählisch M(2024)The Resource Public Key Infrastructure (RPKI): A Survey on Measurements and Future ProspectsIEEE Transactions on Network and Service Management10.1109/TNSM.2023.332745521:2(2353-2373)Online publication date: Apr-2024
https://doi.org/10.1109/TNSM.2023.3327455
Klenze TSprenger CBasin D(2023)IsaNetJournal of Computer Security10.3233/JCS-22002131:3(217-259)Online publication date: 1-Jan-2023
https://dl.acm.org/doi/10.3233/JCS-220021
van Hove Kvan der Ham-de Vos Jvan Rijswijk-Deij R(2023)rpkiller: Threat Analysis of the BGP Resource Public Key InfrastructureDigital Threats: Research and Practice10.1145/36171824:4(1-24)Online publication date: 20-Oct-2023
https://dl.acm.org/doi/10.1145/3617182
Show More Cited By

Index Terms

On the risk of misbehaving RPKI authorities
1. Networks
  1. Network components
  2. Network types
    1. Public Internet

Recommendations

RPKI is Coming of Age: A Longitudinal Study of RPKI Deployment and Invalid Route Origins
IMC '19: Proceedings of the Internet Measurement Conference

Despite its critical role in Internet connectivity, the Border Gateway Protocol (BGP) remains highly vulnerable to attacks such as prefix hijacking, where an Autonomous System (AS) announces routes for IP space it does not control. To address this issue,...
Read More
Bamboozling certificate authorities with BGP
SEC'18: Proceedings of the 27th USENIX Conference on Security Symposium

The Public Key Infrastructure (PKI) protects users from malicious man-in-the-middle attacks by having trusted Certificate Authorities (CAs) vouch for the domain names of servers on the Internet through digitally signed certificates. Ironically, the ...
Read More
RPKI vs ROVER: comparing the risks of BGP security solutions
SIGCOMM'14

BGP, the Internet's interdomain routing protocol, is highly vulnerable to routing failures that result from unintentional misconfigurations or deliberate attacks. To defend against these failures, recent years have seen the adoption of the Resource ...
Read More

Comments

Information & Contributors

Information

Published In

cover image ACM Conferences

HotNets-XII: Proceedings of the Twelfth ACM Workshop on Hot Topics in Networks

November 2013

188 pages

ISBN:9781450325967

DOI:10.1145/2535771

General Chair:
Dave Levine
UMD
,
Program Chairs:
Sachin Katti
Stanford University
,
Dave Oran
Cisco

Copyright © 2013 ACM.

Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than the author(s) must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected].

Sponsors

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 21 November 2013

Permissions

Request permissions for this article.

Request Permissions

Check for updates

Qualifiers

Research-article

Funding Sources

National Science Foundation

Conference

HotNets-XII

Sponsor:

SIGCOMM

HotNets-XII: Twelfth ACM Workshop on Hot Topics in Networks

November 21 - 22, 2013

Maryland, College Park

Acceptance Rates

HotNets-XII Paper Acceptance Rate 26 of 110 submissions, 24%;

Overall Acceptance Rate 110 of 460 submissions, 24%

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

75
Total Citations
View Citations
346
Total Downloads

Downloads (Last 12 months)42
Downloads (Last 6 weeks)8

Other Metrics

View Author Metrics

Citations

Cited By

Rodday NCunha ÍBush RKatz-Bassett ERodosek GSchmidt TWählisch M(2024)The Resource Public Key Infrastructure (RPKI): A Survey on Measurements and Future ProspectsIEEE Transactions on Network and Service Management10.1109/TNSM.2023.332745521:2(2353-2373)Online publication date: Apr-2024
https://doi.org/10.1109/TNSM.2023.3327455
Klenze TSprenger CBasin D(2023)IsaNetJournal of Computer Security10.3233/JCS-22002131:3(217-259)Online publication date: 1-Jan-2023
https://dl.acm.org/doi/10.3233/JCS-220021
van Hove Kvan der Ham-de Vos Jvan Rijswijk-Deij R(2023)rpkiller: Threat Analysis of the BGP Resource Public Key InfrastructureDigital Threats: Research and Practice10.1145/36171824:4(1-24)Online publication date: 20-Oct-2023
https://dl.acm.org/doi/10.1145/3617182
Wu YWang YDeJulius JAbboud RWoitel MOsadchyy BRichardson K(2023)Comp-RPKI: A Decentralized Protocol for Full Route Origin Validation2023 9th International Conference on Big Data Computing and Communications (BigCom)10.1109/BIGCOM61073.2023.00048(301-308)Online publication date: 4-Aug-2023
https://doi.org/10.1109/BIGCOM61073.2023.00048
Yang CJia W(2023)BGP anomaly detection - a path-based apporach2023 3rd Asia-Pacific Conference on Communications Technology and Computer Science (ACCTCS)10.1109/ACCTCS58815.2023.00100(408-414)Online publication date: Feb-2023
https://doi.org/10.1109/ACCTCS58815.2023.00100
Kowalski MMazurczyk W(2023)Toward the mutual routing security in wide area networksComputer Networks: The International Journal of Computer and Telecommunications Networking10.1016/j.comnet.2023.109778230:COnline publication date: 1-Jul-2023
https://dl.acm.org/doi/10.1016/j.comnet.2023.109778
Du BAkiwate GKrenc TTestart CMarder AHuffaker BSnoeren AClaffy K(2022)IRR Hygiene in the RPKI EraPassive and Active Measurement10.1007/978-3-030-98785-5_14(321-337)Online publication date: 22-Mar-2022
https://doi.org/10.1007/978-3-030-98785-5_14
Li PSu JWang XXing Q(2021)DIIASecurity and Communication Networks10.1155/2021/19744932021Online publication date: 1-Jan-2021
https://dl.acm.org/doi/10.1155/2021/1974493
He GSu WGao SYue JDas S(2021)ROAchain: Securing Route Origin Authorization With Blockchain for Inter-Domain RoutingIEEE Transactions on Network and Service Management10.1109/TNSM.2020.301555718:2(1690-1705)Online publication date: Jun-2021
https://doi.org/10.1109/TNSM.2020.3015557
Garcia-Martinez AAngieri SLiu BYang FBagnulo M(2021)Design and Implementation of InBlock—A Distributed IP Address Registration SystemIEEE Systems Journal10.1109/JSYST.2020.300352615:3(3528-3539)Online publication date: Sep-2021
https://doi.org/10.1109/JSYST.2020.3003526
Show More Cited By

View Options

Get Access

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Publication

View options

PDF

View or Download as a PDF file.

eReader

View online with eReader.

Media

Figures

Other

Tables

View Table of Contents