ion hangzhou - rpki at cnnic

RPKIat CNNIC

Zhiwei Yan

WhydoweneedRPKI？

Feb,2014HackerRedirectsTrafficFrom19InternetProviderstoStealBitcoins

Feb2008PakistanTelecom broughtdown YouTubeworldwide

Jan,2015AnISPinUSAhijackanIPprefixofIIJfromJapan

Nov,2015,AnISPinIndiaasBhartiAirtel hijackalotofIPprefix

Prefixhijackingisoneof thelarge-scaleBGPspecificroutinganomaliesthatareabletoparalyzetheInternet.

RPKI(ResourcePublicKeyInfrastructure) isdesigned topreventroutehijackingandotherattacksonBGP.

Prefixhijacking:AttackerscanusebogusBGPUPDATE(NLRIandPathAttributes)messagestodisruptroutingwithoutbreakingthepeer-peerconnection.

BGP UPDATE Message Format :

NLRI：NetworkLayerReachabilityInformation

WhydoweneedRPKI？

Bogus BGP UPDATE Message

According to“preferthe path withthe shortest AS_PATH”rule, AS4prefersmessagefromAS5to messagefromAS1.

AS3

AS2 AS4

AS1 AS5

218.241.0.0/16AS_PATH:21

NLRI:218.241.0.0/16AS_PATH:321

AS1wasauthorizedtooriginateprefix218.241.0.0/16

NLRI:218.241.0.0/16AS_PATH:1

AS3

AS2 AS4

AS1 AS5

218.241.0.0/16AS_PATH:21

NLRI:218.241.0.0/16AS_PATH:321

NLRI:218.241.0.0/20AS_PATH:5

NLRI:218.241.0.0/16AS_PATH:1

AS5forgesBGPUPDATEMessage

WhydoweneedRPKI?

Actually,BGPprotocolacceptsanyroutestheylearnfromtheirneighbors.

Obviously, thismayresultinRouteHijackingontheInternet.

Authorization

Ownership

Unable to verify who is the legitimate holder of the INRs (Internet Number Resources).

Unable to verify who has the authorization to originate specific IP prefixes

WhydoweneedRPKI?

BGPisvulnerabletoavarietyofroutingattacksbecauseof thelackofaverificationmechanismtoensure thelegitimacyofBGPmessages(especiallytheorigin information).

RPKI isproposed inIETFtooffers averificationmechanismtoprotecttheownershipandauthorizationoftheINRs(InternetNumberResources).

WhydoweneedRPKI?

CertificateAuthority,CAAnyresourceholderwhoisauthorized tosub-allocatetheseresourcesmustbeabletoissueresourcecertificatestocorrespond tothesesub-allocations.Thus,forexample,CAcertificateswillbeassociatedwithIANAandeachoftheRIRs,NIRs,andLIRs/ISPs.Also,aCAcertificateisrequired toenablearesourceholder toissueROAs,becauseitmustissuethecorresponding end-entitycertificateusedtovalidateeachROA.

End-entity,EETheprivatekeycorresponding toapublickeycontainedinanEEcertificateisnotusedtosignothercertificatesinaPKI.Theprimaryfunctionofend-entitycertificatesinthisPKIistheverificationofsignedobjectsthatrelatetotheusageoftheresourcesdescribed inthecertificate,e.g.,ROAsandmanifests.

TrustAnchor,TAAtrustanchorintheRPKIisrepresentedbyaself-signedX.509CertificationAuthority(CA)certificate,aformatcommonlyusedinPKIsandwidelysupportedbyRPsoftware

TheArchitectureof RPKI

TheArchitectureof RPKI-the relationofrolesanddata

Resource Holders

CA

LIR/ISP

Subscribers

IANA

RIR

NIR

CRL

CA certificate

EE certificate

ROA

manifest

Repository

INR（Internet Number Resources)

Entity PKI

Resources

Signed Objects

ROAProfile–RFC6482

Challenges NOW:

BGPSEC

RPKI-Safegurad

RFC6480 AnInfrastructuretoSupportSecureInternetRouting

RFC6487 AProfileforX.509PKIXResourceCertificates

RFC6481 ResourceCertificateRepositoryStructure

RFC6489 Key Rollover

RFC6490 RPKITrustAnchorLocator

RFC6484 CertificatePolicyfortheRPKI

RFC6485 TheProfileforAlgorithmsandKeySizesforUseinRPKI

RFC6482 AProfileforROAs

RFC6486 ManifestsfortheRPKI

RFC6488 SignedObjectTemplateforRPKI

RFC6483 ValidationofRouteOriginationUsingRPKIandROAs

ThestandardizationprocessofRPKI

IndustrialproductsofRPKI

CiscoBGProutersSupporting BGPCommand(matchRPKI)

JuniperroutersConfiguringOriginValidationforBGP

Alcatel-LucentServiceRouter (Release12.0R4)TryingtosupportRPKI

Deploymentsituation

5RIRshavefinished thedeploymentofRPKI.AnumberofcountrieshavealsostartedtodeployRPKIinteriorly,Ecuador,Japan,Bangladesh,China,etc.

RPKIatCNNIC• StandardizationworkinIETF

• X.Lee,X.Liu,Z.YanandY.Fu,RPKIDeploymentConsiderations:ProblemAnalysisandAlternative Solutions,draft-lee-sidr-rpki-deployment-01,Jan,2016.• RPKIDeploymentProblems：Existing andPotentialProblems,suchasTechnical,EconomicandPolitical

• AlternativeSolutions• Y.Fu,Z.Yan,X.LiuandC.Wang,ScenariosofunexpectedresourceassignmentinRPKI,draft-fu-sidr-unexpected-scenarios-01,March2016.• Problem:Unbelonged resourceallocation,Duplicatedallocation,Resourcetransfer• Solution:SafeguardofCAfunction

• Z.Yan,Y.Fu,X.Liu,G.Geng,ProblemStatementandConsiderationsforROAMergence,draft-yan-sidr-roa-mergence-00,May2016

• analyzesandpresentssomeoperational• ProblemscausedbythemisconfigurationsofROAscontainingmultiple IPprefixes.• Suggestionsandconsiderations

RPKIatCNNIC• StandardizationworkinCCSA• InchargeofthestandardizationofRPKIinChina

RPKIatCNNIC• Publishedtwowhite-paperstoguidethetestofRPKIandBGPSEC

RPKIatCNNIC• PublishedthefirstRPKI-PilotsysteminChina

RPKIatCNNIC• Publishedseveralacademicpapers

• CuicuiWang,Zhiwei YanandAnlei Hu.AnEfficientDataManagementArchitecturefortheLarge-scaleDeploymentofResourcePublicKeyInfrastructure

• Xiaowei Liu,Zhiwei Yan,GuanggangGeng,Xiaodong Lee,Shian-ShyongTsengandChing-Heng Ku.RPKIDeployment:RisksandAlternativeSolutions

• Xiaowei Liu,Zhiwei Yan,GuanggangGeng andXiaodongLee.Research of ResourceAllocation Risks by CAs in RPKI and Feasible Solutions

• Zhiwei Yan,Xiaowei Liu,GuanggangGeng andSherali Zeadally.SecureandScalableDeploymentofResourcePublicKeyInfrastructure(RPKI)

WhatisthefutureofRPKI?

• WillRPKIbeSECUREenough?• Weshouldavoidadditionalriskscausedbyasecurityenhancement

• MorethanOneTA

• OperationalErrors• UnilateralResourceRevocation• MirrorWorldAttacks• ……

• DataSynchronization

• ProblemsofStagedandIncompleteDeployment

• CombiningwithBGP

Production

Synchronization

Usage

WhatisthefutureofRPKI?• WillRPKIbedeployedwidely?

• Let’shaveaglimpseofDNSSEC

• 2010-12～2013-03

Experimental

• 2013-04

Announced• 2013-08

Partial

• 2013-11

DSinRoot• Keepgoing…

Operational

Experimental：ü Riskanalysisü Softwaredevelopment

Announced：ü Hardware&softwaredeploymentü Traininganddrills

Partial：ü Signing &rollerü Observations&verification

DSinRoot：ü Generation&submissionü Observations&verification

Operational：ü Upgradesandimprovementsü Debugging

Over 800 days 120 days

WhatisthefutureofRPKI?• WillRPKIbedeployedwidely?

• Let’shaveaglimpseofDNSSEC

DNSSECCOVERAGERATEOF

ALEXATOP1MILLIONWEBSITES:

1.6%

WhatisthefutureofRPKI?

• Analyzethechallengesfordeployment:

• Up-bottommodelhasdifficultyintheInternetworld

• PKIhastoohighrequirementsforthemanagers

• Securityisahugeinvestmentfortheenterprises

• IamnotNEGATIVEorUNCONFIDENTtoRPKI

• ButIamsureithasalongwaytogofor:

• Protocolimprovement

• Deploymentenlargement

Thankyouforyourattention~

Zhiwei Yan@CNNIC