Routing Insecurity (Re: BGP in the Washington Post)

[dwcarder at wisc.edu (Dale W. Carder)]

Thus spake Roland Dobbins (rdobbins at arbor.net) on Tue, Jun 02, 2015 at 03:05:13PM +0700:
> 
> On 2 Jun 2015, at 11:07, Mark Andrews wrote:
> 
> >If you have secure BGP deployed then you could extend the authenication
> >to securely authenticate source addresses you emit and automate
> >BCP38 filter generation and then you wouldn't have to worry about
> >DNS, NTP, CHARGEN etc. reflecting spoofed traffic
> 
> This can be and is done by networks which originate routes and which
> practice good network hygiene, no PKI required.
> 
> But then we get into the customer of my customer (of my customer, of my
> customer . . .) problem, and this aren't quite so clear.
> 
> There are also potentially significant drawbacks to incorporating PKI into
> the routing space, including new potential DoS vectors against PKI-enabled
> routing elements, the potential for enumeration of routing elements, and the
> possibility of building a true 'Internet kill switch' with effects far
> beyond what various governmental bodies have managed to do so far in the DNS
> space.
> 
> Once governments figured out what the DNS was, they started to use it as a
> ban-hammer - what happens in a PKIed routing system once they figure out
> what BGP is?
> 
> But nobody seems to be discussing these potential drawbacks, very much.

Start here:
 https://www.cs.bu.edu/~goldbe/papers/hotRPKI_full.pdf

Dale