research-article

Free access

From the consent of the routed: improving the transparency of the RPKI

Authors:

Sharon GoldbergAuthors Info & Claims

SIGCOMM '14: Proceedings of the 2014 ACM conference on SIGCOMM

Pages 51 - 62

https://doi.org/10.1145/2619239.2626293

Published: 17 August 2014 Publication History

Abstract

The Resource Public Key Infrastructure (RPKI) is a new infrastructure that prevents some of the most devastating attacks on interdomain routing. However, the security benefits provided by the RPKI are accomplished via an architecture that empowers centralized authorities to unilaterally revoke any IP prefixes under their control. We propose mechanisms to improve the transparency of the RPKI, in order to mitigate the risk that it will be used for IP address takedowns. First, we present tools that detect and visualize changes to the RPKI that can potentially take down an IP prefix. We use our tools to identify errors and revocations in the production RPKI. Next, we propose modifications to the RPKI's architecture to (1) require any revocation of IP address space to receive consent from all impacted parties, and (2) detect when misbehaving authorities fail to obtain consent. We present a security analysis of our architecture, and estimate its overhead using data-driven analysis.

References

[1]

Github: namecoin repository. https://github.com/namecoin/namecoin.

[2]

rcynic software. http://trac.rpki.net.

[3]

RIPE RIS raw data. http://www.ripe.net/data-tools/stats/ris/ris-raw-data.

[4]

Rpki spider. http://rpkispider.verisignlabs.com/.

[5]

University of oregon route views project. http://www.routeviews.org/.

[6]

W. Aiello, J. Ioannidis, and P. McDaniel. Origin authentication in interdomain routing. In Proceedings of the 10th ACM conference on Computer and communications security, pages 165--178. ACM, 2003.

Digital Library

[7]

S. Amante. Risks associated with resource certification systems for internet numbers, 2012.

[8]

D. Anderson. Splinternet behind the great firewall of china. Queue, 10(11):40, 2012.

Digital Library

[9]

R. Austein, G. Huston, S. Kent, and M. Lepinski. RFC 6486: Manifests for the Resource Public Key Infrastructure (RPKI). Internet Engineering Task Force (IETF), 2012. http://tools.ietf.org/html/rfc6486.

[10]

H. Ballani, P. Francis, and X. Zhang. A study of prefix hijacking and interception in the Internet. In SIGCOMM'07, 2007.

Digital Library

[11]

R. Bush. Responsible Grandparenting in the RPKI. Internet Engineering Task Force Network Working Group, 2012. http://tools.ietf.org/html/draft-ymbk-rpki-grandparenting-02.

[12]

R. Bush. RPKI-Based Origin Validation Operation. Internet Engineering Task Force Network Working Group, 2012. http://tools.ietf.org/html/draft-ietf-sidr-origin-ops-19.

[13]

R. Bush. RPKI Local Trust Anchor Use Cases. Internet Engineering Task Force (IETF), 2013. http://www.ietf.org/id/draft-ymbk-lta-use-cases-00.txt.

[14]

K. Butler, T. Farley, P. McDaniel, and J. Rexford. A survey of BGP security issues and solutions. Proceedings of the IEEE, 2010.

[15]

C. Cachin and A. Samar. Secure distributed dns. In Dependable Systems and Networks, 2004 International Conference on, pages 423--432. IEEE, 2004.

Digital Library

[16]

CAIDA. AS to organization mapping. http://as-rank.caida.org/?mode0=as-intro#as-org.

[17]

Communications Security, Reliability and Interoperability Council III (CSRIC). Secure bgp deployment. Communications and Strategies.

[18]

D. Cooper, E. Heilman, K. Brogle, L. Reyzin, and S. Goldberg. On the risk of misbehaving RPKI authorities. HotNets XII, 2013.

Digital Library

[19]

J. Cowie. Rensys blog: China's 18-minute mystery. http://www.renesys.com/blog/2010/11/chinas-18-minute-mystery.shtml.

[20]

S. A. Crosby and D. S. Wallach. Efficient data structures for tamper-evident logging. In USENIX Security Symposium, pages 317--334, 2009.

Digital Library

[21]

A. de Beaupre. ISC Diary: Multiple Banking Addresses Hijacked, 2013. http://isc.sans.edu/diary/BGP+multiple+banking+addresses+hijacked/16249.

[22]

P. Eckersley. Sovereign key cryptography for internet domains. Technical report, EFF, 2011.

[23]

C. Evans, C. Palmer, and R. Sleevi, editors. Public Key Pinning Extension for HTTP. IETF Web Security, Internet-Draft, November 27 2013. http://tools.ietf.org/html/draft-ietf-websec-key-pinning-09.

[24]

R. Gagliano, T. Manderson, and C. M. Cagnazzo. Multiple Repository Publication Points support in the Resource Public Key Infrastructure (RPKI). Internet Engineering Task Force (IETF), 2013. http://tools.ietf.org/html/draft-ietf-sidr-multiple-publication-points-00.

[25]

I. Gassko, P. Gemmell, and P. D. MacKenzie. Efficient and fresh cerification. In H. Imai and Y. Zheng, editors, Public Key Cryptography, volume 1751 of Lecture Notes in Computer Science, pages 342--353. Springer, 2000.

Digital Library

[26]

S. Goldberg, M. Schapira, P. Hummon, and J. Rexford. How secure are secure interdomain routing protocols? In SIGCOMM'10, 2010.

Digital Library

[27]

E. Goldman. Sex.com: An update. http://blog.ericgoldman.org/archives/2006/10/sexcom_an_updat.htm, 2006.

[28]

G. Huston, R. Loomans, and G. Michaelson. RFC 6481: A Profile for Resource Certificate Repository Structure. Internet Engineering Task Force (IETF), 2012. http://tools.ietf.org/html/rfc6481.

[29]

G. Huston and G. Michaelson. RFC 6483: Validation of Route Origination Using the Resource Certificate Public Key Infrastructure (PKI) and Route Origin Authorizations (ROAs). Internet Engineering Task Force (IETF), 2012. http://tools.ietf.org/html/rfc6483.

[30]

G. Huston, G. Michaelson, and S. Kent. RFC 6489: Certification Authority (CA) Key Rollover in the Resource Public Key Infrastructure (RPKI). Internet Engineering Task Force (IETF), 2012. http://tools.ietf.org/html/rfc6489.

[31]

G. Huston, M. Rossi, and G. Armitage. Securing BGP: A literature survey. Communications Surveys & Tutorials, IEEE, 13(2):199--222, 2011.

[32]

S. Kent, C. Lynn, and K. Seo. Secure border gateway protocol (S-BGP). J. Selected Areas in Communications, 18(4):582--592, April 2000.

Digital Library

[33]

S. Kent and D. Mandelberg. Suspenders: A Fail-safe Mechanism for the RPKI. Internet Engineering Task Force (IETF), 2013. http://tools.ietf.org/html/draft-kent-sidr-suspenders-00.

[34]

T. H.-J. Kim, L.-S. Huang, A. Perrig, C. Jackson, and V. Gligor. Accountable Key Infrastructure (AKI): A Proposal for a Public-Key Validation Infrastructure. In Proceedings of the International World Wide Web Conference (WWW), May 2013.

Digital Library

[35]

LACNIC. RPKI looking glass. www.labs.lacnic.net/rpkitools/looking_glass/.

[36]

B. Laurie, A. Langley, and E. Kasper. Certificate transparency. Network Working Group Internet-Draft, v12, work in progress. http://tools.ietf.org/html/draft-laurie-pki-sunlight-12, 2013.

[37]

M. Lepinski, editor. BGPSEC Protocol Specification. IETF Network Working Group, Internet-Draft, July 2012. Available from http://tools.ietf.org/html/draft-ietf-sidr-bgpsec-protocol-04.

[38]

M. Lepinski and S. Kent. RFC 6480: An Infrastructure to Support Secure Internet Routing. Internet Engineering Task Force (IETF), 2012. http://tools.ietf.org/html/rfc6480.

[39]

R. Lychev, S. Goldberg, and M. Schapira. Is the juice worth the squeeze? BGP security in partial deployment. In SIGCOMM'13, 2013.

Digital Library

[40]

T. Manderson, L. Vegoda, and S. Kent. RFC 6491: Resource Public Key Infrastructure (RPKI) Objects Issued by IANA". Internet Engineering Task Force (IETF), 1973. http://tools.ietf.org/html/rfc6491.

[41]

S. Misel. "Wow, AS7007!". Merit NANOG Archive, apr 1997. www.merit.edu/mail.archives/nanog/1997-04/msg00340.html.

[42]

P. Mohapatra, J. Scudder, D. Ward, R. Bush, and R. Austein. RFC 6811: BGP prefix origin validation. Internet Engineering Task Force (IETF), 2013. http://tools.ietf.org/html/rfc6811.

[43]

M. Mueller and B. Kuerbis. Negotiating a new governance hierarchy: An analysis of the con icting incentives to secure internet routing. Communications and Strategies, (81):125--142, 2011.

[44]

M. Mueller, A. Schmidt, and B. Kuerbis. Internet security and networked governance in international relations. International Studies Review, 15(1):86--104, 2013.

[45]

S. J. Murdoch and R. Anderson. Access Denied: The Practice and Policy of Global Internet Filtering, chapter Tools and technology of Internet filtering, pages 57--72. MIT Press, 2008.

[46]

NIST. RPKI deployment monitor. http://www-x.antd.nist.gov/rpki-monitor/.

[47]

NIST. Workshop on Improving Trust in the Online Marketplace, 2013. http://www.nist.gov/itl/csd/ct/ca-workshop-agenda2013.cfm.

[48]

E. Osterweil, S. Amante, D. Massey, and D. McPherson. The great ipv4 land grab: resource certification for the ipv4 grey market. In Proceedings of the 10th ACM Workshop on Hot Topics in Networks, page 12. ACM, 2011.

Digital Library

[49]

E. Osterweil, T. Manderson, R. White, and D. McPherson. Sizing estimates for a fully deployed rpki. Technical report, Verisign Labs Technical Report, 2012.

[50]

A. Peterson. Researchers say u.s. internet traffic was re-routed through belarus. that's a problem. Washington Post, November 20 2013.

[51]

A. Pilosov and T. Kapela. Stealing the internet, 2009.

[52]

D. Piscitello. Guidance for preparing domain name orders, seizures & takedowns. Technical report, ICANN, March 2012.

[53]

D. Piscitello. The value of assessing collateral damage before requesting a domain seizure. Technical report, ICANN, 2013.

[54]

I. G. Project. In important case, RIPE-NCC seeks legal clarity on how it responds to foreign court orders, 2011. http://www.internetgovernance.org/2011/11/23/in-important-case-ripe-ncc-seeks-legal-clarity-on-how-it-responds-to-foreign-court-orders/.

[55]

V. Ramasubramanian and E. G. Sirer. The design and implementation of a next generation name service for the internet. ACM SIGCOMM Computer Communication Review, 34(4):331--342, 2004.

Digital Library

[56]

Rensys Blog. Pakistan hijacks YouTube. http://www.renesys.com/blog/2008/02/pakistan_hijacks_youtube_1.shtml.

[57]

RIPE. RPKI validator. http://localcert.ripe.net:8088/trust-anchors.

[58]

B. Schneier and J. Kelsey. Automatic event-stream notarization using digital signatures. In Security Protocols, pages 155--169. Springer, 1997.

Digital Library

[59]

W. Sierpinski. Sur une courbe dont tout point est un point de ramification. Comptes Rendus de l'Acadamie des Sciences, 160:302--305, 1915.

[60]

Surfnet. RPKI dashboard. http://rpki.surfnet.nl/validitytables.html.

[61]

The President's National Security Telecommunications Advisory Committee. Nstac report to the president on communications resiliency, 2011.

[62]

M. Wahlisch, O. Maennel, and T. Schmidt. Towards detecting BGP route hijacking using the RPKI. In Poster: SIGCOMM'12, pages 103--104. ACM, 2012.

Digital Library

[63]

L. Wang, J. Park, R. Oliveira, and B. Zhang. Internet topology collection. http://irl.cs.ucla.edu/topology/.

[64]

R. White. Deployment considerations for secure origin BGP (soBGP). draft-white-sobgp-bgp-deployment-01.txt, June 2003, expired.

[65]

X. Zhang, H.-C. Hsiao, G. Hasker, H. Chan, A. Perrig, and D. G. Andersen. SCION: scalability, control, and isolation on next-generation networks. In IEEE Security and Privacy (SP), 2011.

Digital Library

[66]

L. Zhou, F. B. Schneider, and R. Van Renesse. COCA: A secure distributed online certification authority. ACM Transactions on Computer Systems (TOCS), 20(4):329--368, 2002.

Digital Library

Cited By

Rodday NCunha ÍBush RKatz-Bassett ERodosek GSchmidt TWählisch M(2024)The Resource Public Key Infrastructure (RPKI): A Survey on Measurements and Future ProspectsIEEE Transactions on Network and Service Management10.1109/TNSM.2023.332745521:2(2353-2373)Online publication date: Apr-2024
https://doi.org/10.1109/TNSM.2023.3327455
Zeng MHuang XZhang PLi DXie K(2024)Improving Prefix Hijacking Defense of RPKI From an Evolutionary Game PerspectiveIEEE Transactions on Dependable and Secure Computing10.1109/TDSC.2024.337164421:6(5170-5184)Online publication date: Nov-2024
https://doi.org/10.1109/TDSC.2024.3371644
Wu YWang YDeJulius JAbboud RWoitel MOsadchyy BRichardson K(2023)Comp-RPKI: A Decentralized Protocol for Full Route Origin Validation2023 9th International Conference on Big Data Computing and Communications (BigCom)10.1109/BIGCOM61073.2023.00048(301-308)Online publication date: 4-Aug-2023
https://doi.org/10.1109/BIGCOM61073.2023.00048
Show More Cited By

Index Terms

From the consent of the routed: improving the transparency of the RPKI
1. Networks
  1. Network protocols
    1. Network layer protocols
      1. Routing protocols

Recommendations

Behind the Scenes of RPKI
CCS '22: Proceedings of the 2022 ACM SIGSAC Conference on Computer and Communications Security

Best practices for making RPKI resilient to failures and attacks recommend using multiple URLs and certificates for publication points as well as multiple relying parties. We find that these recommendations are already supported by 63% of the ASes with ...
From the consent of the routed: improving the transparency of the RPKI
SIGCOMM'14

The Resource Public Key Infrastructure (RPKI) is a new infrastructure that prevents some of the most devastating attacks on interdomain routing. However, the security benefits provided by the RPKI are accomplished via an architecture that empowers ...
RIKE+: using revocable identities to support key escrow in public key infrastructures with flexibility

Public key infrastructures (PKIs) are proposed to provide various security services. Some security services such as confidentiality require key escrow in certain scenarios, whereas some others such as non‐repudiation and authentication usually prohibit ...

Comments

Please enable JavaScript to view thecomments powered by Disqus.

Information & Contributors

Information

Published In

cover image ACM Conferences

SIGCOMM '14: Proceedings of the 2014 ACM conference on SIGCOMM

August 2014

662 pages

ISBN:9781450328364

DOI:10.1145/2619239

General Chairs:
Fabián E. Bustamante
Northwestern University, USA
,
Y. Charlie Hu
Purdue University, USA
,
Program Chairs:
Arvind Krishnamurthy
University of Washington, USA
,
Sylvia Ratnasamy
University of California, Berkeley, USA

ACM SIGCOMM Computer Communication Review Volume 44, Issue 4
SIGCOMM'14
October 2014
672 pages
ISSN:0146-4833
DOI:10.1145/2740070
Editors:
Konstantina Papagiannaki
Telefonica Research, Barcelona, Spain
,
Katerina Argyraki
EPFL, Switzerland
,
Hitesh Ballani
Microsoft Research Cambridge, UK
,
Fabián Bustamante
Northwestern University, USA
,
Joseph Camp
SMU, USA
,
Augustin Chaintreau
Columbia University, USA
,
Phillipa Gill
Stony Brook University, USA
,
Marco Mellia
Politecnico di Torino, Italy
,
Bhaskaran Raman
IIT Bombay, India
,
Joel Sommers
Colgate University, USA
,
Aline Carneiro Viana
INRIA, France
Issue’s Table of Contents

Copyright © 2014 ACM.

Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than the author(s) must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected].

Sponsors

SIGCOMM: ACM Special Interest Group on Data Communication

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 17 August 2014

Permissions

Request permissions for this article.

Request Permissions

Check for updates

Author Tags

Qualifiers

Research-article

Funding Sources

Conference

SIGCOMM'14

Sponsor:

SIGCOMM

SIGCOMM'14: ACM SIGCOMM 2014 Conference

August 17 - 22, 2014

Illinois, Chicago, USA

Acceptance Rates

SIGCOMM '14 Paper Acceptance Rate 45 of 242 submissions, 19%;

Overall Acceptance Rate 462 of 3,389 submissions, 14%

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

43
Total Citations
View Citations
1,488
Total Downloads

Downloads (Last 12 months)153
Downloads (Last 6 weeks)18

Reflects downloads up to 05 Mar 2025

Other Metrics

View Author Metrics

Citations

Cited By

Rodday NCunha ÍBush RKatz-Bassett ERodosek GSchmidt TWählisch M(2024)The Resource Public Key Infrastructure (RPKI): A Survey on Measurements and Future ProspectsIEEE Transactions on Network and Service Management10.1109/TNSM.2023.332745521:2(2353-2373)Online publication date: Apr-2024
https://doi.org/10.1109/TNSM.2023.3327455
Zeng MHuang XZhang PLi DXie K(2024)Improving Prefix Hijacking Defense of RPKI From an Evolutionary Game PerspectiveIEEE Transactions on Dependable and Secure Computing10.1109/TDSC.2024.337164421:6(5170-5184)Online publication date: Nov-2024
https://doi.org/10.1109/TDSC.2024.3371644
Wu YWang YDeJulius JAbboud RWoitel MOsadchyy BRichardson K(2023)Comp-RPKI: A Decentralized Protocol for Full Route Origin Validation2023 9th International Conference on Big Data Computing and Communications (BigCom)10.1109/BIGCOM61073.2023.00048(301-308)Online publication date: 4-Aug-2023
https://doi.org/10.1109/BIGCOM61073.2023.00048
Kowalski MMazurczyk W(2023)Toward the mutual routing security in wide area networksComputer Networks: The International Journal of Computer and Telecommunications Networking10.1016/j.comnet.2023.109778230:COnline publication date: 1-Jul-2023
https://dl.acm.org/doi/10.1016/j.comnet.2023.109778
Du BAkiwate GKrenc TTestart CMarder AHuffaker BSnoeren AClaffy K(2022)IRR Hygiene in the RPKI EraPassive and Active Measurement10.1007/978-3-030-98785-5_14(321-337)Online publication date: 22-Mar-2022
https://doi.org/10.1007/978-3-030-98785-5_14
Shrishak KShulman H(2021)Privacy Preserving and Resilient RPKIIEEE INFOCOM 2021 - IEEE Conference on Computer Communications10.1109/INFOCOM42981.2021.9488759(1-10)Online publication date: 10-May-2021
https://dl.acm.org/doi/10.1109/INFOCOM42981.2021.9488759
Su YWang BXing QLi PWang XLi C(2021)Research on Blockchain-Based Inter-Domain Routing Authentication Technology2021 IEEE 21st International Conference on Communication Technology (ICCT)10.1109/ICCT52962.2021.9657917(810-816)Online publication date: 13-Oct-2021
https://doi.org/10.1109/ICCT52962.2021.9657917
Shrishak KShulman H(2020)Limiting the Power of RPKI AuthoritiesProceedings of the 2020 Applied Networking Research Workshop10.1145/3404868.3406674(12-18)Online publication date: 27-Jul-2020
https://dl.acm.org/doi/10.1145/3404868.3406674
Angieri SGarcia-Martinez ALiu BYan ZWang CBagnulo M(2020)A Distributed Autonomous Organization for Internet Address ManagementIEEE Transactions on Engineering Management10.1109/TEM.2019.292473767:4(1459-1475)Online publication date: Nov-2020
https://doi.org/10.1109/TEM.2019.2924737
Angieri SBagnulo MGarcia-Martinez ALiu BWei X(2020)InBlock4: Blockchain-based Route Origin ValidationIEEE INFOCOM 2020 - IEEE Conference on Computer Communications Workshops (INFOCOM WKSHPS)10.1109/INFOCOMWKSHPS50562.2020.9162879(291-296)Online publication date: Jul-2020
https://doi.org/10.1109/INFOCOMWKSHPS50562.2020.9162879
Show More Cited By

View Options

View options

PDF

View or Download as a PDF file.

eReader

View online with eReader.

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Publication

Figures

Tables

Media

View Table of Conten