CR Feb 4, 2021

Privacy Preserving and Resilient RPKI

arXiv:2102.02456v1, 1 citation
AI Analysis

This work is significant for network operators and internet security: it enhances the resilience and privacy of RPKI against nation-state-level attacks, a threat that currently hinders RPKI adoption.

This paper addresses the vulnerability of Resource Public Key Infrastructure (RPKI) to unilateral IP prefix takedowns by Regional Internet Registries (RIRs). The authors propose the first distributed RPKI system using threshold signatures, which requires coordination among multiple RIRs to modify RPKI objects, thereby preventing single-point-of-failure attacks.

Resource Public Key Infrastructure (RPKI) is vital to the security of inter-domain routing. However, RPKI enables Regional Internet Registries (RIRs) to unilaterally take down IP prefixes - indeed, such attacks have been launched by nation-state adversaries. The threat of IP prefix takedowns is one of the factors hindering RPKI adoption. In this work, we propose the first distributed RPKI system, based on threshold signatures, that requires the coordination of a number of RIRs to make changes to RPKI objects, hence preventing unilateral prefix takedown. We perform extensive evaluations using our implementation, demonstrating the practicality of our solution. Furthermore, we show that our system is scalable and remains efficient even when RPKI is widely deployed.
