Need for historical prefix blacklist (`rogue' prefixes) information

Matthew Walster matthew at walster.org
Fri Oct 29 18:10:42 UTC 2021


On Fri, 29 Oct 2021, 15:55 A Crisan, <alina.florar at gmail.com> wrote:

> Hi Matthew,
> I was reading the above exchange, and I do have a question linked to your
> last affirmation. To give you some context, the last 2021 ENISA report seems
> to suggest that internet traffic is "casually registered" by X actors to
> apply post Retrospective decryption (excerpt below). This would be at odds
> with your (deescalating) affirmation that hijacks are non-malicious and
> they are de-peered quickly, unless you pinpoint complete flux arrest only.
> Are there any reportings/indicators... that look into internet flux
> constant monitoring capabilities/capacities? Thanks.
>

RPKI uses authentication not confidentiality. There is no encryption taking
place, other than the signatures on the certificates etc.

> Excerpt from the introduction: "What makes matters worse is that any cipher
> text intercepted by an attacker today can be decrypted by the attacker as
> soon as he has access to a large quantum computer (Retrospective
> decryption).
>

Which do not exist (yet).

> Analysis of Advanced Persistent Threats (APT) and Nation State
> capabilities,
>

Buzzwords.

> along with whistle blowers’ revelations have shown that threat actors can
> and are casually recording all Internet traffic in their data centers
>

No they're not. It's just not possible or indeed necessary to duplicate
everything at large scale. Perhaps with a large amount of filtering,
certain flows would be captured, but in the days of pervasive TLS, this
seems less and less worthwhile.

> and that they select encrypted traffic as interesting and worth
> storing. This means that any data encrypted using any of the standard
> public-key systems today will need to be considered compromised once a
> quantum computer exists and there is no way to protect it retroactively,
> because a copy of the ciphertexts in the hands of the attacker. This means
> that data that needs to remain confidential after the arrival of quantum
> computers need to be encrypted with alternative means"
>

None of this is relevant to RPKI (ROV) at all. In fact, it reads like the
fevered dreams of a cyber security research student. What's your point
regarding your message? ROV does not use (nor needs) encryption.

M