The security of route advertisements on the Internet has become an increasingly relevant concern in an increasingly interconnected digital world. RPKI (Resource Public Key Infrastructure) has emerged as an innovative and effective solution for combating cyber attacks. It also guarantees the authenticity of the information transmitted by the routers.
By allowing the validation of routing information based on cryptographic keys, RPKI establishes a reliable system for verifying the origin and authorization of route announcements on the Internet. This prevents the propagation of false routes and the malicious manipulation of network traffic. It is therefore possible to protect organizations and users from attacks such as route hijacking and denial of service (DDoS) attacks.
In this article, we’ll explore in detail how RPKI brings security to route announcements on the Internet. In addition, we will see how this public key infrastructure is revolutionizing the Internet routing landscape and promoting a more secure and reliable environment.
RPKI and BGP
Every day, condominium doormen in Brazil and around the world deal with service providers who show up to solve the most diverse problems. Usually at the request of a resident. They are employees of telecommunications operators, elevator manufacturers, utility companies and many other professionals. But how can you be sure that this is the right service provider?
The people responsible for administering and maintaining the Internet face this same type of doubt every day. Which organizations are allowed to use a protocol like BGP, for example, which announces routes? In the past, there was no such concern. However, recent years have shown that layers of security need to be added to the use of this protocol. Today, there is a movement among the managers of autonomous systems (abbreviated as “AS”, which are the sets of IPs administered by certain organizations) to deploy RPKI infrastructure (Resource Public Key Infrastructure). In this way, it is possible to ensure greater security when announcing routes in BGP operations.
RPKI associates each route announcement with the AS that published it
RPKI is a cryptographic method for signing records, which associates each BGP route announcement with the number of the AS that published it. Many ASs have already implemented it – such as the major international network operators – but many still use BGP without the guarantee of RPKI. Therefore, no signature on the record of each route. These records are in the same situation as a service provider who asks for access to the condominium but has no credentials to show. In April 2018, a malicious ad (without an RPKI signature) diverted traffic destined for the company MyEtherWallet in Germany to an address in Ukraine. As a result, the detour led to the theft of an amount equivalent to US$160,000 from MyEtherWallet users.
This and other events on the Internet have shown the need to implement RPKI as a security layer. When the Internet was invented and started operating, when it was still a small network run by a few people, they used BGP to announce new routes. They also made the necessary corrections or updates to an AS. However, everyone knew that those changes had been made by someone responsible and with the necessary knowledge.
Back then, no one had to identify themselves or certify a route announcement. After all, those people were researchers, scientists, academics, people from laboratories, people from universities and nobody else. So they were people who met at conferences, meetings, congresses, people who could trust each other because of this. This mutual trust meant that, from the outset, the protocols that organize the Internet, such as BGP, didn’t need security layers.
Internet security is no longer based on trust
However, over the years, the Internet began to grow, finally becoming the network of all networks, and of interest to many other groups. There was then a need for security to prevent unauthorized people from gaining access to these fundamental network operations. Today, there are so many people operating the Internet that it’s impossible for everyone to know each other. As a result, it became impossible to manage operations simply on the basis of mutual trust.
In the case of BGP, security is implemented by RPKI, to prevent unauthorized people from manipulating or even sabotaging the protocol. However, of course someone can make a mistake with a route announcement, due to the complexities of BGP configuration. Depending on the error, the result could be a longer route to a given address and an increase in response latency. But the error – or sabotage – could also block access to large blocks of IP addresses, as has happened in the past.
BGP is essential. And your safety, through RPKI, too. It is a protocol designed for routing exchanges between autonomous systems. To illustrate, you can think of BGP’s functions as the same as the bulletin board at an airport, displaying the list of departing flights. A person traveling to the capital of another country usually arrives at the airport knowing only their destination and the flight time. However, the main piece of information she needs to get to the plane is her flight number. Every day, several companies fly to the same destination. However, only the flight identified on the boarding pass has that person’s name associated with their seat number and personal documents on its passenger list.
Precise information on each destination
For her to be able to board, all she has to do is look at the panel and find the flight number. Next to it, the terminal where the aircraft is located and the passenger boarding hall will be identified. With this information – terminal and departure lounge – the passenger will be able to reach the plane and be transported to their destination. BGP does the same thing with routes, indicating in its tables the path to reach a given Internet address.
But who can guarantee that the data on the airport notice board was entered by the authorized people? Or who guarantees that a particular AS is authorized to announce routes via its BGP? In the case of the airport, the answer lies in the various layers of security put in place for the operation of the billboard – logins, passwords and other authentication factors. And in the case of BGP, the fundamental layer of security is in the RPKI. By creating a unique identity for each record, associated with a certificate, RPKI assigns trust to the published route. This reduces the risk of undesirable interference to the operation of the entire Internet.