rpkiller: Threat Analysis of the BGP Resource Public Key Infrastructure-Reference-Cited by-同舟云学术

rpkiller: Threat Analysis of the BGP Resource Public Key Infrastructure

Published:2023-10-20 Issue:4 Volume:4 Page:1-24
ISSN:2692-1626
Container-title:Digital Threats: Research and Practice
language:en
Short-container-title:Digital Threats

Author:

van Hove Koen¹^ORCID,van der Ham-de Vos Jeroen²^ORCID,van Rijswijk-Deij Roland²^ORCID

Affiliation:

1. NLnet Labs, Amsterdam, The Netherlands & University of Twente, The Netherlands

2. University of Twente, The Netherlands

Abstract

The Resource Public Key Infrastucture (RPKI) has been created to solve security shortcomings of the Border Gateway Protocol (BGP). This creates an infrastructure where resource holders (autonomous systems) can make attestations about their resources (IP-subnets). RPKI Certificate Authorities make these attestations available at Publication Points. Relying Party software retrieves and processes the RPKI-related data from all publication points, validates the data and makes it available to routers so they can make secure routing decisions. We contribute to this work by doing a threat analysis for Relying Party software, where an attacker controls a Certificate Authority and Publication Point. We implement a prototype testbed to analyse how current Relying Party software implementations react to scenarios originating from that threat model. Our results show that all current Relying Party software was susceptible to at least one of the identified threats. In addition to this, we also identified threats stemming from choices made in the protocol itself. Taken together, these threats potentially allowed an attacker to fully disrupt all RPKI Relying Party software on a global scale. We elaborate on our process, and we discuss the types of responses we received from other parties. We performed a Coordinated Vulnerability Disclosure to the implementers.

Publisher

Association for Computing Machinery (ACM)

Subject

Computer Networks and Communications,Computer Science Applications,Hardware and Architecture,Safety Research,Information Systems,Software

Link

https://dl.acm.org/doi/pdf/10.1145/3617182

Reference77 articles.

1. Transport Layer Security (TLS) Extensions: Extension Definitions;3rd Donald E. Eastlake;RFC 6066,2011

2. Alexander Azimov, Eugene Bogomazov, Randy Bush, Keyur Patel, and Job Snijders. 2021. Verification of AS_PATH Using the Resource Certificate Public Key Infrastructure and Autonomous System Provider Authorization. Internet-Draft draft-ietf-sidrops-aspa-verification-07. Internet Engineering Task Force. https://datatracker.ietf.org/doc/html/draft-ietf-sidrops-aspa-verification-07Work in Progress.

3. Mike Bishop. 2021. Hypertext Transfer Protocol Version 3 (HTTP/3). Internet-Draft draft-ietf-quic-http-34. Internet Engineering Task Force. https://datatracker.ietf.org/doc/html/draft-ietf-quic-http-34Work in Progress.

4. Internet X.509 Public Key Infrastructure Certificate and Certificate Revocation List (CRL) Profile;Boeyen Sharon;RFC 5280,2008

5. Tim Bruijnzeels, Randy Bush, and George G. Michaelson. 2021. Resource Public Key Infrastructure (RPKI) Repository Requirements. Internet-Draft draft-ietf-sidrops-prefer-rrdp-01. Internet Engineering Task Force. https://datatracker.ietf.org/doc/html/draft-ietf-sidrops-prefer-rrdp-01Work in Progress.