Hardening the RPKI Against Faulty or Misbehaving Authorities



BUSEC: Boston University Security Group

Abstract: The RPKI is a new security infrastructure that relies on trusted authorities to prevent some of the most devastating attacks on interdomain routing. The threat model for the RPKI supposes that authorities are trusted and routing is under attack. This project considers the risks that arise when this threat model is flipped: when RPKI authorities are faulty, misconfigured, compromised, or compelled (e.g. by governments) to misbehave. We show how design decisions that elegantly address the vulnerabilities in the original threat model have unexpected side effects in this flipped threat model. We also propose new mechanisms to improve the transparency and robustness of the RPKI.

Our work (at HotNets'13) was awarded a 2014 IETF/IRTF Applied Networking Research Prize.

Papers:

Selected Presentations:

Sharon Goldberg. On the Risk of Misbehaving RPKI Authorities

IEFT'91, Applied Networking Research Prize Presentation. Honolulu, HI. November 10, 2014. slides





Sharon Goldberg. IEFT'91, Applied Networking Research Prize Presentation. Honolulu, HI. November 10, 2014. slides Sharon Goldberg. Proposal for signaling consent from whacked RPKI objects

IEFT'91, SIDR Working Group Meeting. Honolulu, HI. November 10, 2014. slides





IEFT'91, SIDR Working Group Meeting. Honolulu, HI. November 10, 2014. slides Ethan Heilman. From the Consent of the Routed: Improving the Transparency of the RPKI

SIGCOMM'14. Chicago, IL. August 2014. slides





SIGCOMM'14. Chicago, IL. August 2014. slides Sharon Goldberg. The Transition to BGP Security: Is the Juice Worth the Squeeze?

Related talk at Israel I-CORE Day. April 2014. YouTube video (31 mins)

Related talk at Stanford Net Seminar. November 2013. YouTube video (59 mins)





Related talk at Israel I-CORE Day. April 2014. YouTube video (31 mins) Related talk at Stanford Net Seminar. November 2013. YouTube video (59 mins) Danny Cooper. Impacting IP Prefix Reachability via RPKI Manipulations

Lightening Talk at Boston Freedom in Online Communications Day (BFOC'13). March 2013. slides



Code:

BUSEC RPKI Routing Downgrades Detector.

Ethan Heilman, Danny Cooper, Leonid Reyzin and Sharon Goldberg.

See Section 4 of our SIGCOMM'14 paper github link

Team: