Researchers from Germany have highlighted vulnerabilities and issues in the Resource Public Key Infrastructure (RPKI) protocol, indicating a lack of sufficient stability and safety.
The RPKI protocol was developed to address the shortcomings of the Border Gateway Protocol (BGP), which had previously failed to ensure the secure routing of Internet traffic. RPKI utilizes validation mechanisms (ROV) and authorization (ROA) to verify routes, enabling network operators to authenticate BGP routes and advertisements. However, a recent report suggests that RPKI falls short of fully meeting its intended objectives.
In early September, the White House integrated RPKI into the network infrastructure to enhance security and safeguard the Internet’s integrity with respect to US national security and economy. Nevertheless, the latest findings have raised doubts about the efficiency of RPKI.
Experts identified 53 vulnerabilities in various RPKI software components, including:
- DOS (Disk Operating System): an operating system predominantly used in personal computers during the 1980s and early 1990s. DOS was primarily designed to manage operations with hard drives and other storage devices, such as floppy disks. Its command-line interface allowed users to execute commands in a straightforward computing language, enabling tasks like running applications, navigating the file system, creating/deleting files, formatting disks, and more.