[Resource Topic] 2014/444: RPKI vs ROVER: Comparing the Risks of BGP Security Solutions

Welcome to the resource topic for 2014/444

RPKI vs ROVER: Comparing the Risks of BGP Security Solutions

Authors: Aanchal Malhotra, Sharon Goldberg


Route Origin Verification (ROVER), a mechanism for securing interdomain routing with BGP, is a proposed alternative to the Resource Public Key Infrastructure (RPKI). While the RPKI requires the design and deployment of a completely new security infrastructure, ROVER leverages existing reverse DNS and DNSSEC deployments. Both ROVER and RPKI are based on a hierarchy of authorities that are trusted to provide information about the routing system. It has been argued recently that misconfigurations or compromises of the RPKI’s trusted authorities can present new risks to the routing system. Meanwhile, the advocates of ROVER claim that it provides a “fail-safe” approach, where the Internet will continue to work as it is even when ROVER fails. This poster therefore compares the impact of ROVER failures to those of the RPKI.

ePrint: https://eprint.iacr.org/2014/444

See all topics related to this paper.

Feel free to post resources that are related to this paper below.

Example resources include: implementations, explanation materials, talks, slides, links to previous discussions on other websites.

For more information, see the rules for Resource Topics .