Logo
ScienceStack
Table of Contents
Fetching ...
Sign In

SoK: An Introspective Analysis of RPKI Security

Donika Mirdita, Haya Schulmann, Michael Waidner

TL;DR

This SoK delivers the first systemic view of vulnerabilities and misconfigurations in the global RPKI ecosystem, combining a longitudinal pilot with a comprehensive literature synthesis. It reveals that at least 56% of global RPKI validators are vulnerable to known attack vectors, and that current RP deployments—dominated by Routinator—suffer from aging software, misconfigurations, and stalling attacks that can silently degrade ROV. The authors implement a two-year measurement testbed (RP: Routinator; PP: Krill) to quantify RP-PP communication, content trends, error types, and the human factors driving insecure deployments. They also provide a structured threat taxonomy and a set of concrete recommendations, including protocol overhauls, distributed/infrastructure approaches, and stronger outreach to operators, to advance RPKI toward robust, scalable global deployment.

Abstract

The Resource Public Key Infrastructure (RPKI) is the main mechanism to protect inter-domain routing with BGP from prefix hijacks. It has already been widely deployed by large providers and the adoption rate is getting to a critical point. Almost half of all the global prefixes are now covered by RPKI and measurements show that 27% of networks are already using RPKI to validate BGP announcements. Over the past 10 years, there has been much research effort in RPKI, analyzing different facets of the protocol, such as software vulnerabilities, robustness of the infrastructure or the proliferation of RPKI validation. In this work we compile the first systemic overview of the vulnerabilities and misconfigurations in RPKI and quantify the security landscape of the global RPKI deployments based on our measurements and analysis. Our study discovers that 56% of the global RPKI validators suffer from at least one documented vulnerability. We also do a systematization of knowledge for existing RPKI security research and complement the existing knowledge with novel measurements in which we discover new trends in availability of RPKI repositories, and their communication patterns with the RPKI validators. We weave together the results of existing research and our study, to provide a comprehensive tableau of vulnerabilities, their sources, and to derive future research paths necessary to prepare RPKI for full global deployment.

SoK: An Introspective Analysis of RPKI Security

TL;DR

This SoK delivers the first systemic view of vulnerabilities and misconfigurations in the global RPKI ecosystem, combining a longitudinal pilot with a comprehensive literature synthesis. It reveals that at least 56% of global RPKI validators are vulnerable to known attack vectors, and that current RP deployments—dominated by Routinator—suffer from aging software, misconfigurations, and stalling attacks that can silently degrade ROV. The authors implement a two-year measurement testbed (RP: Routinator; PP: Krill) to quantify RP-PP communication, content trends, error types, and the human factors driving insecure deployments. They also provide a structured threat taxonomy and a set of concrete recommendations, including protocol overhauls, distributed/infrastructure approaches, and stronger outreach to operators, to advance RPKI toward robust, scalable global deployment.

Abstract

The Resource Public Key Infrastructure (RPKI) is the main mechanism to protect inter-domain routing with BGP from prefix hijacks. It has already been widely deployed by large providers and the adoption rate is getting to a critical point. Almost half of all the global prefixes are now covered by RPKI and measurements show that 27% of networks are already using RPKI to validate BGP announcements. Over the past 10 years, there has been much research effort in RPKI, analyzing different facets of the protocol, such as software vulnerabilities, robustness of the infrastructure or the proliferation of RPKI validation. In this work we compile the first systemic overview of the vulnerabilities and misconfigurations in RPKI and quantify the security landscape of the global RPKI deployments based on our measurements and analysis. Our study discovers that 56% of the global RPKI validators suffer from at least one documented vulnerability. We also do a systematization of knowledge for existing RPKI security research and complement the existing knowledge with novel measurements in which we discover new trends in availability of RPKI repositories, and their communication patterns with the RPKI validators. We weave together the results of existing research and our study, to provide a comprehensive tableau of vulnerabilities, their sources, and to derive future research paths necessary to prepare RPKI for full global deployment.
Paper Structure (24 sections, 8 figures, 4 tables)

This paper contains 24 sections, 8 figures, 4 tables.

Table of Contents

  1. Introduction
  2. Technical Overview of RPKI
  3. Analysis of RPKI Security Literature
  4. ROV Measurements
  5. Attack Vectors
  6. Defense Mechanisms
  7. Deployment Status
  8. Standardization of Knowledge
  9. Measurement Testbed
  10. RPKI Threat Taxonomy
  11. Publication Point Attack Surface
  12. Relying Party Deployments
  13. Attacks Disabling Relying Party Validation
  14. Pervasiveness of Bad Software
  15. Attacks for Stalling Relying Parties
  16. ...and 9 more sections

Figures (8)

  • Figure 1: RPKI Testbed.
  • Figure 2: Distribution of vulnerabilities in relying parties.
  • Figure 3: RIPE NCC validator usage trend.
  • Figure 4: Number of ROA files and VRPs issued during R1 and R2.
  • Figure 5: Duration of validation intervals for R1 and R2.
  • ...and 3 more figures