Show simple item record

dc.contributor.authorBrogle, Kyleen_US
dc.contributor.authorCooper, Dannyen_US
dc.contributor.authorGoldberg, Sharonen_US
dc.contributor.authorReyzin, Leoniden_US
dc.date2013-01-04
dc.date.accessioned2015-06-24T19:48:51Z
dc.date.available2015-06-24T19:48:51Z
dc.date.issued2013-01-07
dc.identifier.citationBrogle, Kyle; Cooper, Danny; Goldberg, Sharon; Reyzin, Leonid. "Impacting IP Prefix Reachability via RPKI Manipulations", Technical Report BUCS-TR-2013-001, Computer Science Department, Boston University, January 7, 2013. [Available from: http://hdl.handle.net/2144/11410]
dc.identifier.urihttps://hdl.handle.net/2144/11410
dc.description.abstractThe RPKI is an infrastructure that will provide digitally signed attestations for the hierarchical allocation and suballocation of IP addresses. Its goal is to improve security of interdomain routing by providing reliable data showing which autonomous system (AS) is authorized to originate which IP prefix. We discuss how the hierarchical nature of the RPKI makes it technically possible for any party above a target IP prefix in the RPKI hierarchy to revoke that target IP prefix. We show that such revocation can be ``surgical''---i.e., impacting only the desired IP address or prefix---and difficult to detect. We also discuss the impact such revocation has on routing. This note focuses only on the issues of technical feasibility (rather than legal or operational issues), and should not be taken as recommendation for or against the use of the RPKI.en_US
dc.language.isoen_US
dc.publisherComputer Science Department, Boston Universityen_US
dc.relation.ispartofseriesBUCS Technical Reports;BUCS-TR-2013-001
dc.titleImpacting IP prefix reachability via RPKI manipulationsen_US
dc.typeTechnical Reporten_US


This item appears in the following Collection(s)

Show simple item record