From the Consent of the Routed: Improving the Transparency of the RPKI
The Resource Public Key Infrastructure (RPKI) is a new infrastructure that prevents some of
the most devastating attacks on interdomain routing. However, the security benefits provided …
the most devastating attacks on interdomain routing. However, the security benefits provided …
Limiting the power of RPKI authorities
K Shrishak, H Shulman - … of the Applied Networking Research Workshop, 2020 - dl.acm.org
Although Resource Public Key Infrastructure (RPKI) is critical for securing the inter-domain
routing, one of the arguments hindering its adoption is the significant power that it provides …
routing, one of the arguments hindering its adoption is the significant power that it provides …
On the risk of misbehaving RPKI authorities
The RPKI is a new security infrastructure that relies on trusted authorities to prevent some of
the most devastating attacks on interdomain routing. The threat model for the RPKI …
the most devastating attacks on interdomain routing. The threat model for the RPKI …
Are we there yet? On RPKI's deployment and security
Abstract The Resource Public Key Infrastructure (RPKI) binds IP address blocks to owners'
public keys. RPKI enables routers to perform Route Origin Validation (ROV), thus preventing …
public keys. RPKI enables routers to perform Route Origin Validation (ROV), thus preventing …
Maxlength considered harmful to the RPKI
Y Gilad, O Sagga, S Goldberg - … of the 13th International Conference on …, 2017 - dl.acm.org
User convenience and strong security are often at odds, and most security applications need
to find some sort of balance between these two (often opposing) goals. The Resource Public …
to find some sort of balance between these two (often opposing) goals. The Resource Public …
DISCO: Sidestepping RPKI's deployment barriers
BGP is a gaping security hole in today's Internet, as evidenced by numerous Internet
outages and blackouts, repeated traffic hijacking, and surveillance incidents. Yet, despite …
outages and blackouts, repeated traffic hijacking, and surveillance incidents. Yet, despite …
RPKI is coming of age: A longitudinal study of RPKI deployment and invalid route origins
Despite its critical role in Internet connectivity, the Border Gateway Protocol (BGP) remains
highly vulnerable to attacks such as prefix hijacking, where an Autonomous System (AS) …
highly vulnerable to attacks such as prefix hijacking, where an Autonomous System (AS) …
Stalloris:{RPKI} downgrade attack
We demonstrate the first downgrade attacks against RPKI. The key design property in RPKI
that allows our attacks is the tradeoff between connectivity and security: when networks …
that allows our attacks is the tradeoff between connectivity and security: when networks …
RoVista: Measuring and analyzing the route origin validation (ROV) in RPKI
The Resource Public Key Infrastructure (RPKI) is a system to add security to the Internet
routing. In recent years, the publication of Route Origin Authorization (ROA) objects, which …
routing. In recent years, the publication of Route Origin Authorization (ROA) objects, which …
Poster: RPKI kill switch
Relying party implementations are an important component of RPKI: they fetch and validate
the signed authorizations mapping prefixes to their owners. Border routers use this …
the signed authorizations mapping prefixes to their owners. Border routers use this …