RPKI: Not Perfect But Good Enough
- URL: http://arxiv.org/abs/2409.14518v1
- Date: Sun, 22 Sep 2024 16:21:14 GMT
- Title: RPKI: Not Perfect But Good Enough
- Authors: Haya Schulmann, Niklas Vogel, Michael Waidner,
- Abstract summary: The Resource Public Key Infrastructure protocol was standardized to add cryptographic security to Internet routing.
The White House indicated in its Roadmap to Enhance Internet Security, on 4 September 2024, that RPKI is a mature and readily available technology for securing inter-domain routing.
This work presents the first comprehensive study of the maturity of RPKI as a viable production-grade technology.
- Score: 18.399905446335904
- License: http://creativecommons.org/licenses/by/4.0/
- Abstract: The Resource Public Key Infrastructure (RPKI) protocol was standardized to add cryptographic security to Internet routing. With over 50% of Internet resources protected with RPKI today, the protocol already impacts significant parts of Internet traffic. In addition to its growing adoption, there is also increasing political interest in RPKI. The White House indicated in its Roadmap to Enhance Internet Routing Security, on 4 September 2024, that RPKI is a mature and readily available technology for securing inter-domain routing. The Roadmap attributes the main obstacles towards wide adoption of RPKI to a lack of understanding, lack of prioritization, and administrative barriers. This work presents the first comprehensive study of the maturity of RPKI as a viable production-grade technology. We find that current RPKI implementations still lack production-grade resilience and are plagued by software vulnerabilities, inconsistent specifications, and operational challenges, raising significant security concerns. The deployments lack experience with full-fledged strict RPKI-validation in production environments and operate in fail-open test mode. We provide recommendations to improve RPKI resilience and guide stakeholders in securing their deployments against emerging threats. The numerous issues we have discovered with the current RPKI specifications and implementations inevitably lead to the question: Is RPKI sufficiently stable to align with the expectations outlined in the White House roadmap? Certainly, it is not perfect, but is it good enough? The answer, as we will explore, varies depending on one's viewpoint.
Related papers
- Pruning the Tree: Rethinking RPKI Architecture From The Ground Up [2.340368527699536]
Resource Public Key Infrastructure (RPKI) is a critical security mechanism for BGP.<n>RPKI design heavily reuses legacy PKI components, such as X.509 EE-certificates, ASN.1 encoding, and XML-based repository protocols.<n>We show that these design choices, although based on established standards, create significant performance bottlenecks, increase the vulnerability surface, and hinder scalability for wide-scale Internet deployment.
arXiv Detail & Related papers (2025-07-02T08:24:50Z) - In-House Evaluation Is Not Enough: Towards Robust Third-Party Flaw Disclosure for General-Purpose AI [93.33036653316591]
We call for three interventions to advance system safety.
First, we propose using standardized AI flaw reports and rules of engagement for researchers.
Second, we propose GPAI system providers adopt broadly-scoped flaw disclosure programs.
Third, we advocate for the development of improved infrastructure to coordinate distribution of flaw reports.
arXiv Detail & Related papers (2025-03-21T05:09:46Z) - Learning to Identify Conflicts in RPKI [0.0]
We introduce a new mechanism, LOV, designed for whitelisting benign conflicts on an Internet scale.
We measure live BGP updates using LOV during a period of half a year and whitelist 52,846 routes with benign origin errors.
arXiv Detail & Related papers (2025-02-05T17:16:44Z) - Poster: From Fort to Foe: The Threat of RCE in RPKI [16.84312626844573]
We present a novel severe buffer-overflow vulnerability in the RPKI validator Fort.
This vulnerability allows an attacker to achieve Remote Code Execution on the machine running the software.
arXiv Detail & Related papers (2024-11-25T16:01:02Z) - Securing Legacy Communication Networks via Authenticated Cyclic Redundancy Integrity Check [98.34702864029796]
We propose Authenticated Cyclic Redundancy Integrity Check (ACRIC)
ACRIC preserves backward compatibility without requiring additional hardware and is protocol agnostic.
We show that ACRIC offers robust security with minimal transmission overhead ( 1 ms)
arXiv Detail & Related papers (2024-11-21T18:26:05Z) - SoK: An Introspective Analysis of RPKI Security [19.075820340282938]
The Resource Public Key Infrastructure (RPKI) is the main mechanism to protect inter-domain routing with BGP from prefix hijacks.
Almost half of all the global prefixes are now covered by RPKI and measurements show that 27% of networks are already using RPKI to validate BGP announcements.
arXiv Detail & Related papers (2024-08-22T12:57:09Z) - Securing the Open RAN Infrastructure: Exploring Vulnerabilities in Kubernetes Deployments [60.51751612363882]
We investigate the security implications of and software-based Open Radio Access Network (RAN) systems.
We highlight the presence of potential vulnerabilities and misconfigurations in the infrastructure supporting the Near Real-Time RAN Controller (RIC) cluster.
arXiv Detail & Related papers (2024-05-03T07:18:45Z) - Byzantine-Secure Relying Party for Resilient RPKI [17.461853355858022]
We develop BRP, a Byzantine-Secure relying party implementation.
We show through simulations and experiments that BRP, as an intermediate RPKI service, results in less load on RPKI publication points and a robust output despite RPKI repository failures, jitter, and attacks.
arXiv Detail & Related papers (2024-05-01T14:04:48Z) - Quantum Resistant Ciphertext-Policy Attribute-Based Encryption Scheme with Flexible Access Structure [0.0]
We present a novel ciphertext-policy based encryption (CP-ABE) scheme that offers a flexible access structure.
Our scheme incorporates an access tree as its access control policy, enabling fine-grained access control over encrypted data.
The security of our scheme is provable under the hardness assumption of the decisional Ring-Learning with Errors (R-LWE) problem.
arXiv Detail & Related papers (2024-01-25T10:55:23Z) - The CURE To Vulnerabilities in RPKI Validation [19.36803276657266]
RPKI has seen increasing adoption, with now 37.8% of the major networks filtering bogus BGP routes.
We report a total of 18 vulnerabilities that can be exploited to downgrade RPKI validation in border routers.
We generate over 600 million test cases and tested all popular RPs on them.
arXiv Detail & Related papers (2023-12-04T13:09:37Z) - Is Vertical Logistic Regression Privacy-Preserving? A Comprehensive
Privacy Analysis and Beyond [57.10914865054868]
We consider vertical logistic regression (VLR) trained with mini-batch descent gradient.
We provide a comprehensive and rigorous privacy analysis of VLR in a class of open-source Federated Learning frameworks.
arXiv Detail & Related papers (2022-07-19T05:47:30Z) - Multi-Objective SPIBB: Seldonian Offline Policy Improvement with Safety
Constraints in Finite MDPs [71.47895794305883]
We study the problem of Safe Policy Improvement (SPI) under constraints in the offline Reinforcement Learning setting.
We present an SPI for this RL setting that takes into account the preferences of the algorithm's user for handling the trade-offs for different reward signals.
arXiv Detail & Related papers (2021-05-31T21:04:21Z) - Deep Reinforcement Learning with Robust and Smooth Policy [90.78795857181727]
We propose to learn a smooth policy that behaves smoothly with respect to states.
We develop a new framework -- textbfSmooth textbfRegularized textbfReinforcement textbfLearning ($textbfSR2textbfL$), where the policy is trained with smoothness-inducing regularization.
Such regularization effectively constrains the search space, and enforces smoothness in the learned policy.
arXiv Detail & Related papers (2020-03-21T00:10:29Z) - Robust Deep Reinforcement Learning against Adversarial Perturbations on
State Observations [88.94162416324505]
A deep reinforcement learning (DRL) agent observes its states through observations, which may contain natural measurement errors or adversarial noises.
Since the observations deviate from the true states, they can mislead the agent into making suboptimal actions.
We show that naively applying existing techniques on improving robustness for classification tasks, like adversarial training, is ineffective for many RL tasks.
arXiv Detail & Related papers (2020-03-19T17:59:59Z)
This list is automatically generated from the titles and abstracts of the papers in this site.
This site does not guarantee the quality of this site (including all information) and is not responsible for any consequences.