Threat analysis of RPKI relying party software
KW Hove - 2022 - essay.utwente.nl
We have looked into the unique characteristics of the RPKI, where unlike other common
protocols all information must be retrieved first, and used that to create a threat model where …
protocols all information must be retrieved first, and used that to create a threat model where …
Rpkiller: Threat analysis from an RPKI relying party perspective
K Van Hove, J van der Ham… - arXiv preprint arXiv …, 2022 - arxiv.org
The Resource Public Key Infrastructure (RPKI) aims to secure internet routing by creating an
infrastructure where resource holders can make attestations about their resources. RPKI …
infrastructure where resource holders can make attestations about their resources. RPKI …
Behind the scenes of RPKI
Best practices for making RPKI resilient to failures and attacks recommend using multiple
URLs and certificates for publication points as well as multiple relying parties. We find that …
URLs and certificates for publication points as well as multiple relying parties. We find that …
A Protocol for Solving Certificate Poisoning for the OpenPGP Keyserver Network
G Wolf, JL Ortega Arjona - Journal of Internet Services and …, 2024 - ru.iiec.unam.mx
The OpenPGP encryption standard builds on a transitive trust distribution model for identity
assertion, using a non-authenticated, distributed keyserver network for key distribution and …
assertion, using a non-authenticated, distributed keyserver network for key distribution and …
rpkiller: Threat Analysis of the BGP Resource Public Key Infrastructure
K van Hove, J van der Ham-de Vos… - … Threats: Research and …, 2023 - dl.acm.org
The Resource Public Key Infrastucture (RPKI) has been created to solve security
shortcomings of the Border Gateway Protocol (BGP). This creates an infrastructure where …
shortcomings of the Border Gateway Protocol (BGP). This creates an infrastructure where …
RFC 6486: Manifests for the Resource Public Key Infrastructure (RPKI)
R Austein, G Huston, S Kent, M Lepinski - 2012 - dl.acm.org
This document defines a" manifest" for use in the Resource Public Key Infrastructure (RPKI).
A manifest is a signed object (file) that contains a listing of all the signed objects (files) in the …
A manifest is a signed object (file) that contains a listing of all the signed objects (files) in the …
[PDF][PDF] dRR: A Decentralized, Scalable, and Auditable Architecture for RPKI Repository
Although Resource Public Key Infrastructure (RPKI) is critical for securing inter-domain
routing, we find that its key component, the RPKI Repository, is under studied. We conduct …
routing, we find that its key component, the RPKI Repository, is under studied. We conduct …
Autonomous collision attack on OCSP services
K Ivanov - arXiv preprint arXiv:1609.03047, 2016 - arxiv.org
The paper describes two important design flaws in Online Certificate Status Protocol
(OCSP), a protocol widely used in PKI environments for managing digital certificates' …
(OCSP), a protocol widely used in PKI environments for managing digital certificates' …
Preparing for and responding to certification authority compromise and fraudulent certificate issuance
P Turner, W Polk, E Barker - 2012 - csrc.nist.gov
As the use of Public Key Infrastructure (PKI) and digital certificates (eg, the use of Transport
Layer Security [TLS] and Secure Sockets Layer [SSL]) for the security of systems has …
Layer Security [TLS] and Secure Sockets Layer [SSL]) for the security of systems has …
PKI layer cake: New collision attacks against the global X. 509 infrastructure
D Kaminsky, ML Patterson, L Sassaman - International Conference on …, 2010 - Springer
Introduction Research unveiled in December of 2008 [15] showed how MD5's long-known
flaws could be actively exploited to attack the real-worldCertification Authority infrastructure …
flaws could be actively exploited to attack the real-worldCertification Authority infrastructure …