Hier finden Sie wissenschaftliche Publikationen aus den Fraunhofer-Instituten.

Limiting the Power of RPKI Authorities

: Shrishak, Kris; Shulman, Haya


Association for Computing Machinery -ACM-; Association for Computing Machinery -ACM-, Special Interest Group on Data Communication -SIGCOMM-:
ANRW '20, Applied Networking Research Workshop. Proceedings : July 27-30, 2020, Online (Meetecho), Spain
New York: ACM, 2020
ISBN: 978-1-4503-8039-3
Applied Networking Research Workshop (ANRW) <2020, Online>
Fraunhofer SIT ()

Although Resource Public Key Infrastructure (RPKI) is critical for securing the inter-domain routing, one of the arguments hindering its adoption is the significant power that it provides to the Regional Internet Registries (RIRs), allowing prefix takedowns. In this work, we propose a small change to RPKI to distribute the power of RIRs preventing any single one of them from taking down a prefix. We design and implement a distributed RPKI system that relies on threshold signatures. This ensures that any change to the RPKI certificates requires a joint action by a number of RIRs, avoiding unilateral IP address takedowns. We evaluate the performance of our design and use historic RPKI data to analyse its performance and efficiency.