Rpkiller: Threat Analysis from an RPKI Relying Party Perspective
Koen van Hove, Jeroen van der Ham, Roland van Rijswijk-Deij

TL;DR
This paper develops a threat model for RPKI Relying Party software, demonstrates vulnerabilities in current implementations, and highlights protocol design issues that could enable global disruption of RPKI services.
Contribution
It introduces a comprehensive threat model for RPKI Relying Parties and provides an empirical analysis showing widespread vulnerabilities in current software implementations.
Findings
All tested Relying Party software was vulnerable to at least one threat.
Identified protocol design choices that introduce additional security risks.
Potential for an attacker to disrupt RPKI Relying Party operations globally.
Abstract
The Resource Public Key Infrastructure (RPKI) aims to secure internet routing by creating an infrastructure where resource holders can make attestations about their resources. RPKI Certificate Authorities issue these attestations and publish them at Publication Points. Relying Party software retrieves and processes the RPKI-related data from all publication points, validates the data and makes it available to routers so they can make secure routing decisions. In this work, we create a threat model for Relying Party software, where an attacker controls a Certificate Authority and Publication Point. We implement a prototype testbed to analyse how current Relying Party software implementations react to scenarios originating from that threat model. Our results show that all current Relying Party software was susceptible to at least one of the identified threats. In addition to this, we also…
Taxonomy
Topics: Network Security and Intrusion Detection · Internet Traffic Analysis and Secure E-voting · Advanced Malware Detection Techniques
