Published on July 13, 2016
1. RPKI at CNNIC Zhiwei Yan
2. Why do we need RPKI? • Feb 2014: Hacker Redirects Traffic From 19 Internet Providers to Steal Bitcoins • Feb 2008: Pakistan Telecom brought down YouTube worldwide • Jan 2015: An ISP in the USA hijacked an IP prefix of IIJ from Japan • Nov 2015: An ISP in India (Bharti Airtel) hijacked a lot of IP prefixes • Prefix hijacking is one of the large-scale BGP-specific routing anomalies that are able to paralyze the Internet. • RPKI (Resource Public Key Infrastructure) is designed to prevent route hijacking and other attacks on BGP.
3. Why do we need RPKI? • Prefix hijacking: Attackers can use bogus BGP UPDATE (NLRI and Path Attributes) messages to disrupt routing without breaking the peer-peer connection. • [Figure: BGP UPDATE message format] • NLRI: Network Layer Reachability Information
4. Why do we need RPKI? • Bogus BGP UPDATE Message • According to the “prefer the path with the shortest AS_PATH” rule, AS4 prefers the message from AS5 to the message from AS1. • AS1 was authorized to originate prefix 184.108.40.206/16 • [Figure: two diagrams of AS1, AS2, AS3, AS4 and AS5. In the first, the /16 NLRI is labelled with AS_PATH: 1, AS_PATH: 2 1 and AS_PATH: 3 2 1. In the second, AS5 forges a BGP UPDATE message with a /20 NLRI and AS_PATH: 5.]
5. Why do we need RPKI? • BGP routers accept any routes they learn from their neighbors. Obviously, this may result in route hijacking on the Internet. • Ownership: unable to verify who is the legitimate holder of the INRs (Internet Number Resources). • Authorization: unable to verify who has the authorization to originate specific IP prefixes.
6. Why do we need RPKI? • BGP is vulnerable to a variety of routing attacks because it lacks a verification mechanism to ensure the legitimacy of BGP messages (especially the origin information). • RPKI was proposed in the IETF to offer a verification mechanism that protects the ownership and authorization of the INRs (Internet Number Resources).
7. The Architecture of RPKI • Certificate Authority (CA): Any resource holder who is authorized to sub-allocate these resources must be able to issue resource certificates to correspond to these sub-allocations. Thus, for example, CA certificates will be associated with IANA and each of the RIRs, NIRs, and LIRs/ISPs. Also, a CA certificate is required to enable a resource holder to issue ROAs, because it must issue the corresponding end-entity certificate used to validate each ROA. • End-entity (EE): The private key corresponding to a public key contained in an EE certificate is not used to sign other certificates in a PKI. The primary function of end-entity certificates in this PKI is the verification of signed objects that relate to the usage of the resources described in the certificate, e.g., ROAs and manifests. • Trust Anchor (TA): A trust anchor in the RPKI is represented by a self-signed X.509 Certification Authority (CA) certificate, a format commonly used in PKIs and widely supported by RP software.
8. The Architecture of RPKI: the relation of roles and data • [Figure labels: Entity, PKI, Resources, Signed Objects; Resource Holders (IANA, RIR, NIR, LIR/ISP, Subscribers); CA, CA certificate, EE certificate, CRL, ROA, manifest, Repository; INR (Internet Number Resources)]
9. ROA Profile – RFC 6482
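As an added illustration (not part of the original slides), the sketch below applies the three route-origin outcomes of RFC 6483 to the slide-4 scenario, using the ROA fields defined in RFC 6482 (asID, prefix, maxLength). The prefix 10.1.0.0/16 and the sample announcements are constructed for the example; the AS numbers follow the slide-4 figure.

```python
import ipaddress
from typing import NamedTuple

class ROA(NamedTuple):
    """The three ROA fields used for origin validation (RFC 6482)."""
    as_id: int       # asID: the AS authorized to originate the prefix
    prefix: str      # address prefix from ipAddrBlocks
    max_length: int  # maxLength: longest more-specific prefix allowed

def origin_as(as_path):
    """The origin AS is the right-most entry, e.g. 1 in 'AS_PATH: 3 2 1'."""
    return as_path[-1]

def validate_origin(nlri, as_path, roas):
    """Return 'valid', 'invalid' or 'unknown' (the RFC 6483 outcomes)."""
    route = ipaddress.ip_network(nlri)
    covered = False
    for roa in roas:
        roa_net = ipaddress.ip_network(roa.prefix)
        # A ROA covers the route if the route equals or is inside its prefix.
        if route.version != roa_net.version or not route.subnet_of(roa_net):
            continue
        covered = True
        # AS 0 in a ROA means "no AS may originate this"; it never matches.
        if (roa.as_id != 0 and roa.as_id == origin_as(as_path)
                and route.prefixlen <= roa.max_length):
            return "valid"
    # Covered by a ROA but no match: invalid. No covering ROA: unknown.
    return "invalid" if covered else "unknown"

# Constructed data: AS1 holds a ROA for a /16 (prefix value is made up).
ROAS = [ROA(as_id=1, prefix="10.1.0.0/16", max_length=16)]
UPDATES = [
    ("10.1.0.0/16", [3, 2, 1]),  # legitimate route as seen by AS4
    ("10.1.0.0/20", [5]),        # slide 4: AS5 originates a /20
    ("10.1.0.0/20", [2, 1]),     # right AS, but longer than maxLength
    ("10.9.0.0/16", [5]),        # no ROA covers this prefix
]

def classify_all(updates=UPDATES, roas=ROAS):
    return [validate_origin(nlri, path, roas) for nlri, path in updates]

if __name__ == "__main__":
    for (nlri, path), state in zip(UPDATES, classify_all()):
        print(f"{nlri:<14} AS_PATH {path}: {state}")
```

Origin validation checks only the right-most AS in the path; the rest of the AS_PATH is what BGPSEC, listed on the next slide, is meant to protect.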
10. The standardization process of RPKI • Challenges NOW: BGPSEC, RPKI-Safeguard • RFC 6480 An Infrastructure to Support Secure Internet Routing • RFC 6487 A Profile for X.509 PKIX Resource Certificates • RFC 6481 Resource Certificate Repository Structure • RFC 6489 Key Rollover • RFC 6490 RPKI Trust Anchor Locator • RFC 6484 Certificate Policy for the RPKI • RFC 6485 The Profile for Algorithms and Key Sizes for Use in RPKI • RFC 6482 A Profile for ROAs • RFC 6486 Manifests for the RPKI • RFC 6488 Signed Object Template for RPKI • RFC 6483 Validation of Route Origination Using RPKI and ROAs
11. Industrial products of RPKI • Cisco BGP routers: Supporting BGP Command (match RPKI) • Juniper routers: Configuring Origin Validation for BGP • Alcatel-Lucent Service Router (Release 12.0 R4) • Trying to support RPKI
12. Deployment situation • 5 RIRs have finished the deployment of RPKI. • A number of countries have also started to deploy RPKI internally, such as Ecuador, Japan, Bangladesh, China, etc.
13. RPKI at CNNIC • Standardization work in IETF • X. Lee, X. Liu, Z. Yan and Y. Fu, RPKI Deployment Considerations: Problem Analysis and Alternative Solutions, draft-lee-sidr-rpki-deployment-01, Jan 2016. • RPKI Deployment Problems: Existing and Potential Problems, such as Technical, Economic and Political • Alternative Solutions • Y. Fu, Z. Yan, X. Liu and C. Wang, Scenarios of unexpected resource assignment in RPKI, draft-fu-sidr-unexpected-scenarios-01, March 2016. • Problem: Unbelonged resource allocation, Duplicated allocation, Resource transfer • Solution: Safeguard of CA function • Z. Yan, Y. Fu, X. Liu, G. Geng, Problem Statement and Considerations for ROA Mergence, draft-yan-sidr-roa-mergence-00, May 2016. • Analyzes and presents some operational problems caused by the misconfigurations of ROAs containing multiple IP prefixes • Suggestions and considerations
14. RPKI at CNNIC • Standardization work in CCSA • In charge of the standardization of RPKI in China
15. RPKI at CNNIC • Published two white-papers to guide the test of RPKI and BGPSEC
16. RPKI at CNNIC • Published the first RPKI-Pilot system in China
17. RPKI at CNNIC • Published several academic papers • Cuicui Wang, Zhiwei Yan and Anlei Hu. An Efficient Data Management Architecture for the Large-scale Deployment of Resource Public Key Infrastructure • Xiaowei Liu, Zhiwei Yan, Guanggang Geng, Xiaodong Lee, Shian-Shyong Tseng and Ching-Heng Ku. RPKI Deployment: Risks and Alternative Solutions • Xiaowei Liu, Zhiwei Yan, Guanggang Geng and Xiaodong Lee. Research of Resource Allocation Risks by CAs in RPKI and Feasible Solutions • Zhiwei Yan, Xiaowei Liu, Guanggang Geng and Sherali Zeadally. Secure and Scalable Deployment of Resource Public Key Infrastructure (RPKI)
18. What is the future of RPKI? • Will RPKI be SECURE enough? • We should avoid additional risks caused by a security enhancement • More than One TA • Operational Errors • Unilateral Resource Revocation • Mirror World Attacks • …… • Data Synchronization • Problems of Staged and Incomplete Deployment • Combining with BGP Production Synchronization Usage
19. What is the future of RPKI? • Will RPKI be deployed widely? • Let’s have a glimpse of DNSSEC • 2010-12 to 2013-03 Experimental: risk analysis; software development • 2013-04 Announced: hardware & software deployment; training and drills • 2013-08 Partial: signing & roller; observations & verification • 2013-11 DS in Root: generation & submission; observations & verification • Keep going… Operational: upgrades and improvements; debugging • [Timeline labels: Over 800 days; 120 days]
20. What is the future of RPKI? • Will RPKI be deployed widely? • Let’s have a glimpse of DNSSEC DNSSEC COVERAGE RATE OF ALEXA TOP 1 MILLION WEBSITES: 1.6%
21. What is the future of RPKI? • Analyze the challenges for deployment: • The top-down model has difficulty in the Internet world • PKI places too high requirements on the managers • Security is a huge investment for enterprises
22. • I am not NEGATIVE or UNCONFIDENT about RPKI • But I am sure it has a long way to go for: • Protocol improvement • Deployment enlargement
23. Thank you for your attention~ Zhiwei Yan@CNNIC