RPKIat CNNIC
Zhiwei Yan
WhydoweneedRPKI?
Feb,2014HackerRedirectsTrafficFrom19InternetProviderstoStealBitcoins
Feb2008PakistanTelecom broughtdown YouTubeworldwide
Jan,2015AnISPinUSAhijackanIPprefixofIIJfromJapan
Nov,2015,AnISPinIndiaasBhartiAirtel hijackalotofIPprefix
Prefixhijackingisoneof thelarge-scaleBGPspecificroutinganomaliesthatareabletoparalyzetheInternet.
RPKI(ResourcePublicKeyInfrastructure) isdesigned topreventroutehijackingandotherattacksonBGP.
Prefixhijacking:AttackerscanusebogusBGPUPDATE(NLRIandPathAttributes)messagestodisruptroutingwithoutbreakingthepeer-peerconnection.
BGP UPDATE Message Format :
NLRI:NetworkLayerReachabilityInformation
WhydoweneedRPKI?
Bogus BGP UPDATE Message
According to“preferthe path withthe shortest AS_PATH”rule, AS4prefersmessagefromAS5to messagefromAS1.
AS3
AS2 AS4
AS1 AS5
218.241.0.0/16AS_PATH:21
NLRI:218.241.0.0/16AS_PATH:321
AS1wasauthorizedtooriginateprefix218.241.0.0/16
NLRI:218.241.0.0/16AS_PATH:1
AS3
AS2 AS4
AS1 AS5
218.241.0.0/16AS_PATH:21
NLRI:218.241.0.0/16AS_PATH:321
NLRI:218.241.0.0/20AS_PATH:5
NLRI:218.241.0.0/16AS_PATH:1
AS5forgesBGPUPDATEMessage
WhydoweneedRPKI?
Actually,BGPprotocolacceptsanyroutestheylearnfromtheirneighbors.
Obviously, thismayresultinRouteHijackingontheInternet.
Authorization
Ownership
Unable to verify who is the legitimate holder of the INRs (Internet Number Resources).
Unable to verify who has the authorization to originate specific IP prefixes
WhydoweneedRPKI?
BGPisvulnerabletoavarietyofroutingattacksbecauseof thelackofaverificationmechanismtoensure thelegitimacyofBGPmessages(especiallytheorigin information).
RPKI isproposed inIETFtooffers averificationmechanismtoprotecttheownershipandauthorizationoftheINRs(InternetNumberResources).
WhydoweneedRPKI?
CertificateAuthority,CAAnyresourceholderwhoisauthorized tosub-allocatetheseresourcesmustbeabletoissueresourcecertificatestocorrespond tothesesub-allocations.Thus,forexample,CAcertificateswillbeassociatedwithIANAandeachoftheRIRs,NIRs,andLIRs/ISPs.Also,aCAcertificateisrequired toenablearesourceholder toissueROAs,becauseitmustissuethecorresponding end-entitycertificateusedtovalidateeachROA.
End-entity,EETheprivatekeycorresponding toapublickeycontainedinanEEcertificateisnotusedtosignothercertificatesinaPKI.Theprimaryfunctionofend-entitycertificatesinthisPKIistheverificationofsignedobjectsthatrelatetotheusageoftheresourcesdescribed inthecertificate,e.g.,ROAsandmanifests.
TrustAnchor,TAAtrustanchorintheRPKIisrepresentedbyaself-signedX.509CertificationAuthority(CA)certificate,aformatcommonlyusedinPKIsandwidelysupportedbyRPsoftware
TheArchitectureof RPKI
TheArchitectureof RPKI-the relationofrolesanddata
Resource Holders
CA
LIR/ISP
Subscribers
IANA
RIR
NIR
CRL
CA certificate
EE certificate
ROA
manifest
Repository
INR(Internet Number Resources)
Entity PKI
Resources
Signed Objects
ROAProfile–RFC6482
Challenges NOW:
BGPSEC
RPKI-Safegurad
RFC6480 AnInfrastructuretoSupportSecureInternetRouting
RFC6487 AProfileforX.509PKIXResourceCertificates
RFC6481 ResourceCertificateRepositoryStructure
RFC6489 Key Rollover
RFC6490 RPKITrustAnchorLocator
RFC6484 CertificatePolicyfortheRPKI
RFC6485 TheProfileforAlgorithmsandKeySizesforUseinRPKI
RFC6482 AProfileforROAs
RFC6486 ManifestsfortheRPKI
RFC6488 SignedObjectTemplateforRPKI
RFC6483 ValidationofRouteOriginationUsingRPKIandROAs
ThestandardizationprocessofRPKI
IndustrialproductsofRPKI
CiscoBGProutersSupporting BGPCommand(matchRPKI)
JuniperroutersConfiguringOriginValidationforBGP
Alcatel-LucentServiceRouter (Release12.0R4)TryingtosupportRPKI
Deploymentsituation
5RIRshavefinished thedeploymentofRPKI.AnumberofcountrieshavealsostartedtodeployRPKIinteriorly,Ecuador,Japan,Bangladesh,China,etc.
RPKIatCNNIC• StandardizationworkinIETF
• X.Lee,X.Liu,Z.YanandY.Fu,RPKIDeploymentConsiderations:ProblemAnalysisandAlternative Solutions,draft-lee-sidr-rpki-deployment-01,Jan,2016.• RPKIDeploymentProblems:Existing andPotentialProblems,suchasTechnical,EconomicandPolitical
• AlternativeSolutions• Y.Fu,Z.Yan,X.LiuandC.Wang,ScenariosofunexpectedresourceassignmentinRPKI,draft-fu-sidr-unexpected-scenarios-01,March2016.• Problem:Unbelonged resourceallocation,Duplicatedallocation,Resourcetransfer• Solution:SafeguardofCAfunction
• Z.Yan,Y.Fu,X.Liu,G.Geng,ProblemStatementandConsiderationsforROAMergence,draft-yan-sidr-roa-mergence-00,May2016
• analyzesandpresentssomeoperational• ProblemscausedbythemisconfigurationsofROAscontainingmultiple IPprefixes.• Suggestionsandconsiderations
RPKIatCNNIC• StandardizationworkinCCSA• InchargeofthestandardizationofRPKIinChina
RPKIatCNNIC• Publishedtwowhite-paperstoguidethetestofRPKIandBGPSEC
RPKIatCNNIC• PublishedthefirstRPKI-PilotsysteminChina
RPKIatCNNIC• Publishedseveralacademicpapers
• CuicuiWang,Zhiwei YanandAnlei Hu.AnEfficientDataManagementArchitecturefortheLarge-scaleDeploymentofResourcePublicKeyInfrastructure
• Xiaowei Liu,Zhiwei Yan,GuanggangGeng,Xiaodong Lee,Shian-ShyongTsengandChing-Heng Ku.RPKIDeployment:RisksandAlternativeSolutions
• Xiaowei Liu,Zhiwei Yan,GuanggangGeng andXiaodongLee.Research of ResourceAllocation Risks by CAs in RPKI and Feasible Solutions
• Zhiwei Yan,Xiaowei Liu,GuanggangGeng andSherali Zeadally.SecureandScalableDeploymentofResourcePublicKeyInfrastructure(RPKI)
WhatisthefutureofRPKI?
• WillRPKIbeSECUREenough?• Weshouldavoidadditionalriskscausedbyasecurityenhancement
• MorethanOneTA
• OperationalErrors• UnilateralResourceRevocation• MirrorWorldAttacks• ……
• DataSynchronization
• ProblemsofStagedandIncompleteDeployment
• CombiningwithBGP
Production
Synchronization
Usage
WhatisthefutureofRPKI?• WillRPKIbedeployedwidely?
• Let’shaveaglimpseofDNSSEC
• 2010-12~2013-03
Experimental
• 2013-04
Announced• 2013-08
Partial
• 2013-11
DSinRoot• Keepgoing…
Operational
Experimental:ü Riskanalysisü Softwaredevelopment
Announced:ü Hardware&softwaredeploymentü Traininganddrills
Partial:ü Signing &rollerü Observations&verification
DSinRoot:ü Generation&submissionü Observations&verification
Operational:ü Upgradesandimprovementsü Debugging
Over 800 days 120 days
WhatisthefutureofRPKI?• WillRPKIbedeployedwidely?
• Let’shaveaglimpseofDNSSEC
DNSSECCOVERAGERATEOF
ALEXATOP1MILLIONWEBSITES:
1.6%
WhatisthefutureofRPKI?
• Analyzethechallengesfordeployment:
• Up-bottommodelhasdifficultyintheInternetworld
• PKIhastoohighrequirementsforthemanagers
• Securityisahugeinvestmentfortheenterprises
• IamnotNEGATIVEorUNCONFIDENTtoRPKI
• ButIamsureithasalongwaytogofor:
• Protocolimprovement
• Deploymentenlargement
Thankyouforyourattention~
Zhiwei Yan@CNNIC