Need for historical prefix blacklist (`rogue' prefixes)

Jakob Heitz (jheitz) jheitz at cisco.com
Mon Nov 1 04:35:12 UTC 2021


It may be possible to create a fake certificate for a fake ROA.
However, to do that requires a lot of steps to go right.

First, the RSA private key needs to be derived from the public key.
The quantum computer physics exists to do it.
However, the known technology is massively behind and may never materialize.
OTOH, it is a wide open field and someone may find a way to create enough
qubits and entangle them all and keep them stable long enough to
perform the calculation tomorrow.
People have been trying for several years, so this is extremely unlikely.

Second, relying parties need to be convinced/tricked into downloading
the fake certificates. Since each certificate contains the publication points
of its child certificates, the certs are chained together.
The route to a publication point needs to be hacked to cause relying parties
to access the fake publication point.

A point was made that encrypted data can be captured and stored and then
be decrypted later once the technology becomes available. This possibility
is not useful for creating fake ROA certs.

Therefore quantum resistant certificates will not be needed in advance of
the development of quantum certificate crackers.

Regards,
Jakob.
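The two steps in the message above can be modelled from the relying party's side. This is an added example, not part of the original message and not RPKI validator code; it assumes textbook RSA over fixed Mersenne primes in place of real X.509/CMS, tuples in place of certificates and ROAs, and constructed URIs, prefix and AS numbers.

```python
import hashlib

def make_key(p, q, e=65537):
    # Textbook RSA from fixed Mersenne primes: illustration only, not secure.
    return {"n": p * q, "e": e, "d": pow(e, -1, (p - 1) * (q - 1))}

def pub(key):
    return (key["n"], key["e"])

def digest(body, n):
    return int.from_bytes(hashlib.sha256(repr(body).encode()).digest(), "big") % n

def sign(key, body):
    return {"body": body, "sig": pow(digest(body, key["n"]), key["d"], key["n"])}

def verify(issuer_pub, obj):
    n, e = issuer_pub
    return pow(obj["sig"], e, n) == digest(obj["body"], n)

def validate(repo, issuer_pub, pub_point):
    """Fetch the publication point named for this issuer and keep only
    the objects that the issuer's key actually signed."""
    roas = []
    for obj in repo.get(pub_point, []):
        if not verify(issuer_pub, obj):
            continue  # served from the expected URI, but not signed by the issuer
        body = obj["body"]
        if body[0] == "cert":    # ("cert", child_pub, child_pub_point)
            roas += validate(repo, body[1], body[2])
        elif body[0] == "roa":   # ("roa", prefix, origin_asn)
            roas.append((body[1], body[2]))
    return roas

# Constructed sample data: documentation prefix, reserved ASNs, example URIs.
TA = make_key(2**61 - 1, 2**89 - 1)
CA = make_key(2**107 - 1, 2**127 - 1)
ROGUE = make_key(2**19 - 1, 2**31 - 1)
TA_URI, CA_URI = "rsync://ta.example/repo/", "rsync://ca.example/repo/"

def repo_with(roa_obj):
    # The TA publishes the CA certificate; the CA publishes one ROA.
    return {TA_URI: [sign(TA, ("cert", pub(CA), CA_URI))], CA_URI: [roa_obj]}

HONEST = repo_with(sign(CA, ("roa", "192.0.2.0/24", 64500)))
# Traffic to CA_URI is redirected, but the fake ROA carries another key's signature.
REDIRECT_ONLY = repo_with(sign(ROGUE, ("roa", "192.0.2.0/24", 64666)))

def trusted_roas(repo):
    return validate(repo, pub(TA), TA_URI)
```

Every object is stored in the clear and checked with public keys only, so a recorded copy of the repository holds nothing to decrypt later; in this model a fake ROA is accepted only if it is both signed with the CA's own key and served from the CA's publication point.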

-----Original Message-----
Date: Sat, 30 Oct 2021 19:57:25 -0500
From: "J. Hellenthal" <jhellenthal at dataix.net>

He answered it completely. "You" worried about interception of RPKI exchange over the wire are failing to see that there is nothing there important to decrypt because the encryption in the transmission is not there!

And yet you've failed to even follow up to his question... "What's your point regarding your message? ROV does not use (nor needs) encryption."

So maybe you could give some context on that so someone can steer you out of the wrong direction.

-- 
 J. Hellenthal

The fact that there's a highway to Hell but only a stairway to Heaven says a lot about anticipated traffic volume.

> On Oct 30, 2021, at 10:31, A Crisan <alina.florar at gmail.com> wrote:
> 
> Hi Matthew, 
> 
> Quantum computing exists as POCs, IBM being one of those advertising them and announced to extend their project. There are others on the market, Amazon advertised quantum computing as a service back in 2019: https://www.theverge.com/2019/12/2/20992602/amazon-is-now-offering-quantum-computing-as-a-service. The bottleneck of the current technology is scalability: we will not see QC as personal computing level just yet (to go in more detail, current technologies work at cryogenic temperatures, thus they are hyper expensive and not really scalable), but they exist and one could imagine they are/will be used for various tasks.
> 
> On the other hand, you've actually commented every word of my mail, minus the stated question. Thanks. 
> 
> Best Regards, 
> Dora Crisan 
> 
>> On Fri, Oct 29, 2021 at 8:10 PM Matthew Walster <matthew at walster.org> wrote:
>> 
>> 
>>> On Fri, 29 Oct 2021, 15:55 A Crisan, <alina.florar at gmail.com> wrote:
>>> Hi Matthew,
>>> I was reading the above exchange, and I do have a question linked to your last affirmation. To give you some context, the last 2021 ENISA report seems to suggest that internet traffic is "casually registered" by X actors to apply post Retrospective decryption (excerpt below). This would be at odds with your (deescalating) affirmation that hijacks are non-malicious and they are de-peered quickly, unless you pinpoint complete flux arrest only. Are there any reportings/indicators... that look into internet flux constant monitoring capabilities/capacities? Thanks.
>> 
>> 
>> RPKI uses authentication not confidentiality. There is no encryption taking place, other than the signatures on the certificates etc.
>> 
>>> Excerpt from the introduction: "What makes matters worse is that any cipher text intercepted by an attacker today can be decrypted by the attacker as soon as he has access to a large quantum computer (Retrospective decryption).
>> 
>> 
>> Which do not exist (yet).
>> 
>>> Analysis of Advanced Persistent Threats (APT) and Nation State capabilities,
>> 
>> 
>> Buzzwords.
>> 
>>> along with whistle blowers' revelations
>> 
>>>  have shown that threat actors can and are casually recording all Internet traffic in their data centers
>> 
>> 
>> No they're not. It's just not possible or indeed necessary to duplicate everything at large scale. Perhaps with a large amount of filtering, certain flows would be captured, but in the days of pervasive TLS, this seems less and less worthwhile.
>> 
>>>  and that they select encrypted traffic as interesting and worth storing. This means that any data encrypted using any of the standard public-key systems today will need to be considered compromised once a quantum computer exists and there is no way to protect it retroactively, because a copy of the ciphertexts in the hands of the attacker. This means that data that needs to remain confidential after the arrival of quantum computers need to be encrypted with alternative means"
>> 
>> 
>> None of this is relevant to RPKI (ROV) at all. In fact, it reads like the fevered dreams of a cyber security research student. What's your point regarding your message? ROV does not use (nor needs) encryption.
>> 
>> M
>> 