We proposed two countermeasures to mitigate BGP attacks on PKI: multiple vantage point verification to prevent localized route hijacking by verifying domain control from multiple locations, and a live BGP monitoring system using a novel route age heuristic to detect and prevent short-lived attacks by requiring they remain active for hours to issue bogus certificates. We analyzed the full scope of potential BGP attacks on PKI, successfully executed them, evaluated the current vulnerability, and demonstrated our countermeasures to be effective defenses.
We proposed two countermeasures to mitigate BGP attacks on PKI: multiple vantage point verification to prevent localized route hijacking by verifying domain control from multiple locations, and a live BGP monitoring system using a novel route age heuristic to detect and prevent short-lived attacks by requiring they remain active for hours to issue bogus certificates. We analyzed the full scope of potential BGP attacks on PKI, successfully executed them, evaluated the current vulnerability, and demonstrated our countermeasures to be effective defenses.
We proposed two countermeasures to mitigate BGP attacks on PKI: multiple vantage point verification to prevent localized route hijacking by verifying domain control from multiple locations, and a live BGP monitoring system using a novel route age heuristic to detect and prevent short-lived attacks by requiring they remain active for hours to issue bogus certificates. We analyzed the full scope of potential BGP attacks on PKI, successfully executed them, evaluated the current vulnerability, and demonstrated our countermeasures to be effective defenses.
posed and developed two countermeasures to mitigate
the threat of BGP attacks: multiple vantage point veri- fication and a live BGP monitoring system. • Multiple Vantage Point Verification: We propose to perform domain control verification from multi- ple locations on the Internet (vantage points) to pre- vent localized BGP attacks. We calculate the best locations for vantage points and quantify the result- ing security benefit. • Live BGP Monitoring System: We design and im- plement (in the Let’s Encrypt’s CA) a monitoring system with a novel route age heuristic to prevent short-lived BGP attacks [19] that can quickly lead to a bogus certificate before the attack is noticed. Our heuristic is designed for CAs and forces adver- saries to keep attacks active for several hours, giving network operators time to react. Some of the BGP attacks were briefly discussed in a short abstract [16]. In this paper, we go further by an- alyzing the complete attack surface of BGP attacks on PKI and performing all the attacks in the wild — with success. We also measure the vulnerability of the current PKI to these attacks, and propose/evaluate two effective countermeasures to defend against the attacks.