Abstract:     The RPKI is a new security infrastructure that relies on trusted authorities to prevent some of the most devastating attacks on interdomain routing. The threat model for the RPKI supposes that authorities are trusted and routing is under attack. This project considers the risks that arise when this threat model is flipped: when RPKI authorities are faulty, misconfigured, compromised, or compelled (e.g. by governments) to misbehave. We show how design decisions that elegantly address the vulnerabilities in the original threat model have unexpected side effects in this flipped threat model. We also propose new mechanisms to improve the transparency and robustness of the RPKI.

Our work (at HotNets'13) was awarded a 2014 IETF/IRTF Applied Networking Research Prize.

Papers:

• From the Consent of the Routed: Improving the Transparency of the RPKI
  Ethan Heilman, Danny Cooper, Leonid Reyzin and Sharon Goldberg.
  SIGCOMM'14, Chicago, IL. August 2014.
      SIGCOMM paper     full technical report
  
  
• On the Risk of Misbehaving RPKI Authorities
  Danny Cooper, Ethan Heilman, Kyle Brogle, Leonid Reyzin and Sharon Goldberg.
  HotNets-XII, College Park, MD. November 2013.
      full technical report     short HotNets paper
  
  
• RPKI vs ROVER: Comparing the Risks of BGP Security Solutions
  Aanchal Malhotra and Sharon Goldberg.
  Poster at SIGCOMM'14, Chicago, IL. August 2014.
      report (ePrint)
  
  
• Impacting IP Prefix Reachability via RPKI Manipulations (superseded)
  Kyle Brogle, Danny Cooper, Sharon Goldberg and Leonid Reyzin.
  Boston University Computer Science Technical Report (BUCS-TR-2013-001), January 2013.
     report (superseded by HotNet'13 paper)
  

Selected Presentations:

• Sharon Goldberg. On the Risk of Misbehaving RPKI Authorities
  IEFT'91, Applied Networking Research Prize Presentation. Honolulu, HI. November 10, 2014.   slides
  
  
• Sharon Goldberg. Proposal for signaling consent from whacked RPKI objects
  IEFT'91, SIDR Working Group Meeting. Honolulu, HI. November 10, 2014.   slides
  
  
• Ethan Heilman. From the Consent of the Routed: Improving the Transparency of the RPKI
  SIGCOMM'14. Chicago, IL. August 2014.   slides
  
  
• Sharon Goldberg. The Transition to BGP Security: Is the Juice Worth the Squeeze?
  Related talk at Israel I-CORE Day. April 2014.   YouTube video (31 mins)
  Related talk at Stanford Net Seminar. November 2013.   YouTube video (59 mins)
  
  
• Danny Cooper. Impacting IP Prefix Reachability via RPKI Manipulations
  Lightening Talk at Boston Freedom in Online Communications Day (BFOC'13). March 2013.   slides    
  

Code:

• BUSEC RPKI Routing Downgrades Detector.
  Ethan Heilman, Danny Cooper, Leonid Reyzin and Sharon Goldberg.
    See Section 4 of our SIGCOMM'14 paper     github link

Team:

• Kyle Brogle
• Danny Cooper
• Ethan Heilman
• Aanchal Malhotra
• Leonid Reyzin
• Sharon Goldberg

This material is based upon work supported by the National Science Foundation under Grants 1017907, 1012798, 1350733, and 1012910, and a gift from Cisco. Any opinions, findings and conclusions or recommendations expressed in this material are those of the authors and do not necessarily reflect the views of the sponsors.

Home