Team demonstrates that basic mechanism for internet security can be broken

The National Research Center for Cybersecurity ATHENE has found a way to break one of the basic mechanisms used to secure internet traffic. The mechanism, called RPKI, is designed to prevent cybercriminals or government attackers from diverting traffic on the internet.

Such redirections are surprisingly common on the internet, for example, for espionage or through misconfigurations. The ATHENE team of scientists led by Prof. Dr. Haya Shulman showed that attackers can completely bypass the security mechanism without the affected network operators being able to detect this. According to analyses by the ATHENE team, popular implementations of RPKI worldwide were vulnerable as of early 2021.

The team informed the manufacturers and has now presented its findings to the international expert community.

Misdirecting bits of internet traffic causes a stir, as happened in March this year when Twitter traffic was partially diverted to Russia. Entire companies or countries can be cut off from the internet or internet traffic can be intercepted or overheard.

From a technical point of view, such attacks are usually based on prefix hijacks. They exploit a fundamental design problem of the internet: the determination of which IP address belongs to which network is not secured. To prevent any network on the internet from claiming IP address blocks it does not legitimately own, the IETF, the organization responsible for the internet, standardized the Resource Public Key Infrastructure, RPKI.

RPKI uses digitally signed certificates to confirm that a specific IP address block actually belongs to the specified network. In the meantime, according to measurements by the ATHENE team, almost 40% of all IP address blocks have an RPKI certificate, and about 27% of all networks verify these certificates.

As the ATHENE team led by Prof. Dr. Haya Shulman discovered, RPKI also has a design flaw: If a network cannot find a certificate for an IP address block, it assumes that none exists. To allow traffic to flow on the internet anyway, this network will simply ignore RPKI for such IP address blocks, i.e., routing decisions will be based purely on unsecured information, as before. The ATHENE team was able to show experimentally that an attacker can create exactly this situation and thus disable RPKI without anyone noticing. In particular, the affected network, whose certificates are ignored, will not notice it either. The attack, called Stalloris by the ATHENE team, requires that the attacker controls a so-called RPKI publication point. This is not a problem for state attackers and organized cybercriminals.
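The downgrade described above maps onto the three route origin validation states of RFC 6811 (valid, invalid, notfound). The following is an added example, not code from the ATHENE team or from any RPKI validator. The prefixes, AS numbers and the `lost_coverage` check are constructed for illustration.

```python
import ipaddress

# Constructed sample data: documentation prefixes and documentation AS numbers.
# A VRP (validated ROA payload) is (prefix, max_length, origin_asn).
FULL_CACHE = [
    ("192.0.2.0/24", 24, 64500),
    ("198.51.100.0/24", 24, 64501),
]
# Cache after the validator could not retrieve the ROA for 192.0.2.0/24.
DEGRADED_CACHE = [v for v in FULL_CACHE if v[0] != "192.0.2.0/24"]


def validate(prefix, origin_asn, vrps):
    """RFC 6811 route origin validation: 'valid', 'invalid' or 'notfound'."""
    route = ipaddress.ip_network(prefix)
    covered = False
    for vrp_prefix, max_len, vrp_asn in vrps:
        vrp_net = ipaddress.ip_network(vrp_prefix)
        if route.version != vrp_net.version or not route.subnet_of(vrp_net):
            continue
        covered = True  # at least one VRP covers this route
        if route.prefixlen <= max_len and origin_asn == vrp_asn:
            return "valid"
    # Covered but no match is a hijack signal; no coverage means RPKI is ignored.
    return "invalid" if covered else "notfound"


def lost_coverage(previous, current):
    """Defender check: prefixes that had a VRP in the previous cache but not now."""
    return sorted({p for p, _, _ in previous} - {p for p, _, _ in current})


def demo():
    hijack = ("192.0.2.0/24", 64511)  # wrong origin AS announces the prefix
    return {
        "before": validate(*hijack, FULL_CACHE),        # rejected by policy
        "after": validate(*hijack, DEGRADED_CACHE),     # treated like any unsigned route
        "legit_after": validate("192.0.2.0/24", 64500, DEGRADED_CACHE),
        "alert": lost_coverage(FULL_CACHE, DEGRADED_CACHE),
    }


if __name__ == "__main__":
    print(demo())
```

Comparing successive validator caches, as `lost_coverage` does, is one way for an operator to notice that previously signed address space has silently fallen back to notfound.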

According to the investigations of the ATHENE team, at the beginning of 2021 all popular products used by networks to check RPKI certificates were vulnerable in this way. The team informed manufacturers about the attack.

Now the team has published its findings at two of the top conferences in IT security, the scientific conference Usenix Security 2022 and the industry conference Blackhat U.S. 2022. The work was a collaboration between researchers from ATHENE contributors Goethe University Frankfurt am Main, Fraunhofer SIT and Darmstadt University of Technology.

More information:

Attack description: blog.apnic.net/2022/06/15/stal … pki-downgrade-attack

Conference: www.usenix.org/conference/usenixsecurity22

Conference: www.blackhat.com/us-22/
