Paper 2014/444

RPKI vs ROVER: Comparing the Risks of BGP Security Solutions

Aanchal Malhotra and Sharon Goldberg

Abstract

Route Origin Verification (ROVER), a mechanism for securing interdomain routing with BGP, is a proposed alternative to the Resource Public Key Infrastructure (RPKI). While the RPKI requires the design and deployment of a completely new security infrastructure, ROVER leverages existing reverse DNS and DNSSEC deployments. Both ROVER and RPKI are based on a hierarchy of authorities that are trusted to provide information about the routing system. It has been argued recently that misconfigurations or compromises of the RPKI's trusted authorities can present new risks to the routing system. Meanwhile, the advocates of ROVER claim that it provides a "fail-safe" approach, where the Internet will continue to work as it is even when ROVER fails. This poster therefore compares the impact of ROVER failures to those of the RPKI.

Metadata
Available format(s)
PDF
Category
Applications
Publication info
Published elsewhere. Minor revision. Poster at SIGCOMM 2014
Keywords
Routing SecurityPublic-key InfrastructureDNS
Contact author(s)
aanchal4 @ bu edu
History
2014-06-18: last of 2 revisions
2014-06-13: received
See all versions
Short URL
https://ia.cr/2014/444
License
Creative Commons Attribution
CC BY

BibTeX

@misc{cryptoeprint:2014/444,
      author = {Aanchal Malhotra and Sharon Goldberg},
      title = {RPKI vs ROVER: Comparing the Risks of BGP Security Solutions},
      howpublished = {Cryptology ePrint Archive, Paper 2014/444},
      year = {2014},
      note = {\url{https://eprint.iacr.org/2014/444}},
      url = {https://eprint.iacr.org/2014/444}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.