An internet security mechanism called Resource Public Key Infrastructure (RPKI), intended to protect the routing of data traffic, is broken, according to security experts from Germany’s ATHENE, the National Research Center for Applied Cybersecurity.
This means that if you were hoping that RPKI would prevent state spies and rogue operators from redirecting people’s connections to spy on them or interrupt their connectivity, you might be disappointed: it can be circumvented, we are told.
For those who don’t know, the internet is a network of connected networks. These networks communicate using BGP (Border Gateway Protocol) to ultimately create a routing map of the internet, so that when you try to connect to something, your data packets are sent along the correct pipes. Specifically, the internet consists of networks called Autonomous Systems (ASes) that advertise their IP address prefixes through routers to neighboring networks using BGP, again to ultimately construct this routing map.
Malicious ASes can lie to their neighbors, claiming address prefixes they don’t have. On March 28, 2022, for example, Russian telecommunications provider RTComm.ru began advertising one of Twitter’s network prefixes, presumably to intercept Twitter traffic or at least redirect it to a sinkhole, blocking access to the social network.
RPKI aspires to prevent prefix hijacking by binding IP addresses to ASes using digital signatures called ROAs (Route Origin Authorizations). According to ATHENE, only around 40% of all IP address blocks have RPKI certificates and only around 27% verify them.
But where it is deployed, RPKI gives ASes the ability to validate IP prefix advertisements from other ASes. Using ROV (Route Origin Validation), BGP routers can classify routes as valid or invalid. But when ROV data is not available from the network’s publishing points, the BGP router considers the route unknown, and RPKI is not used for the routing decision.
This design choice – prioritizing network accessibility over security – represents the source of the vulnerability, according to the ATHENE researchers.
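The valid/invalid/unknown classification and the accessibility-over-security default described above can be shown in a few lines. The following Python is an added example written for this article, not code from ATHENE or any router vendor: it implements RFC 6811-style route origin validation over a constructed ROA list (the prefix 192.0.2.0/24 and the AS numbers 64496 and 64497 are documentation values, not real operators) and then applies the routing policy that most deployments use, which is to drop only routes that are positively invalid. The last scenario shows what happens when the ROA data cannot be fetched at all: the hijack that was rejected a moment earlier is now accepted, because the route merely becomes "not found".

```python
import ipaddress
from dataclasses import dataclass
from typing import Iterable, List


@dataclass(frozen=True)
class ROA:
    """A Route Origin Authorization: origin_asn may announce prefix,
    and any more-specific prefix no longer than max_length bits."""
    prefix: str
    max_length: int
    origin_asn: int


def validate_origin(announced_prefix: str, origin_asn: int, roas: Iterable[ROA]) -> str:
    """Classify a BGP announcement as 'valid', 'invalid' or 'not_found'
    (RFC 6811 terminology; 'not_found' is the 'unknown' state in the article)."""
    net = ipaddress.ip_network(announced_prefix, strict=False)
    covering: List[ROA] = []
    for roa in roas:
        roa_net = ipaddress.ip_network(roa.prefix, strict=False)
        # A ROA covers the announcement if the announced prefix lies inside it.
        if roa_net.version == net.version and net.subnet_of(roa_net):
            covering.append(roa)
    if not covering:
        # No ROA says anything about this prefix: validation is inconclusive.
        return "not_found"
    for roa in covering:
        # Valid only if the origin matches AND the prefix is not more specific
        # than the ROA permits (prevents sub-prefix hijacks by the right origin).
        if roa.origin_asn == origin_asn and net.prefixlen <= roa.max_length:
            return "valid"
    return "invalid"


def accept_route(state: str, drop_not_found: bool = False) -> bool:
    """Routing policy. The common deployment choice (drop_not_found=False)
    accepts 'not_found' routes so that networks without ROAs stay reachable;
    that is exactly the default a validation-suppression attack exploits."""
    if state == "invalid":
        return False
    if state == "not_found":
        return not drop_not_found
    return True


# Constructed ROA set for the example (documentation prefix and ASNs).
ROAS = [ROA(prefix="192.0.2.0/24", max_length=24, origin_asn=64496)]


def scenarios() -> dict:
    """Return the classification and decision for each scenario."""
    cases = {
        # Legitimate origin announcing its own prefix.
        "legit": ("192.0.2.0/24", 64496, ROAS),
        # Another AS announcing the same prefix: a classic origin hijack.
        "hijack": ("192.0.2.0/24", 64497, ROAS),
        # Right origin, but a more-specific than the ROA allows.
        "too_specific": ("192.0.2.0/25", 64496, ROAS),
        # Same hijack, but the relying party could not fetch any ROAs.
        "hijack_no_roas": ("192.0.2.0/24", 64497, []),
    }
    out = {}
    for name, (prefix, asn, roas) in cases.items():
        state = validate_origin(prefix, asn, roas)
        out[name] = (state, accept_route(state))
    return out


if __name__ == "__main__":
    for name, (state, accepted) in scenarios().items():
        print(f"{name:15s} {state:10s} accepted={accepted}")
```

The `hijack` and `hijack_no_roas` rows announce the identical bogus route; the only difference is whether the validator had ROA data. Operators who want to see the effect of the stricter policy can pass `drop_not_found=True`, at the cost of rejecting every prefix that has no ROA at all, which with the coverage figures quoted in this article would be most of the internet.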
In research [PDF] presented earlier this year at the Usenix and Black Hat security conferences, Tomas Hlavacek, Philipp Jeitner, Donika Mirdita, Haya Shulman, and Michael Waidner describe an attack called “Stalloris”.
The attack requires adversarial control of an RPKI publishing point – a router or a network – something not beyond the reach of state-level adversaries and other sophisticated malefactors. The adversarial RPKI source is configured to respond to requests as slowly as possible and to keep the victim looking for information from controlled publishing points. As the name suggests, the technique stalls the network route verification process, which ultimately disables RPKI, so that no network route validation occurs.
“[W]e show that a combination of Stalloris with a single iteration of low-throughput off-path packet loss attack is sufficient to suppress RPKI validation,” the researchers explain in their paper. “The idea behind our Stalloris attack is to create a deep delegation path, so that the relying party [validating ROAs for the victim] opens RPKI Repository Delta Protocol (RRDP) connections to multiple adversary-controlled publishing points.”
In a scenario where the adversary wants AS1 to accept the hijacked BGP advertisement for AS2, the technique is to identify the relying party of AS1 and the DNS resolver involved. This also requires identifying the public repository (publishing point) that serves the RPKI information for AS2.
Once the relying party of AS1 and the publishing point of AS2 are known, the attacker prevents the relying party from communicating with the RPKI repository of AS2. This must be done repeatedly so that cached records are removed from the DNS resolver’s cache.
This low-throughput attack is combined with the Stalloris attack, which is designed to slow down relying party performance, to reduce the number of low-throughput attack iterations needed to disable RPKI protection.
By using low-rate bursts synchronized with the relying party’s requests to the RPKI publishing points, the attacker can effectively take RPKI protection out of the picture, forcing the target network to make routing decisions based on unverified information.
See the document above for full technical details; we’re just summarizing here so you get the idea that this is a non-trivial attack for well-placed and well-resourced snoopers. Think of it as an interesting design challenge to overcome or as a possible means of attack in the future.
“In our measurements, we found that 47% of publishing points were vulnerable to rate-limiting downgrade attacks,” the paper said. “That’s 60% of the RPKI-protected IPv4 address space on the Internet.”
Boffins say that in early 2021, all popular products used by networks to validate RPKI certificates were vulnerable and they informed product manufacturers of the attack. Presumably, some of the mitigations suggested by the researchers – limiting delegation chains, rethinking the handling of “unknown” routes, etc. – have been implemented by network equipment manufacturers.
But ATHENE is unsure of the extent of implementation of its recommendations. “We haven’t measured how many have already updated their systems,” a spokesperson said in an email. “We are aware that developers have incorporated patches into relying party software (with the exception of RIPE NCC’s software which is no longer maintained) to prevent attacks.”
At least Google says it has defenses in place. “Google has safeguards in place that protect against this threat to our RPKI infrastructure,” a spokesperson told The Register.
But with around 60% of IP address blocks lacking RPKI certificates, network route hijacking remains a risk. ®