Re: Need for historical prefix blacklist (`rogue' prefixes) information

[J. Hellenthal via NANOG]

He answered it completely. "You" worried about interception of RPKI exchange 
over the wire are failing to see that there is nothing there important to 
decrypt because the encryption in the transmission is not there !

And yet you've failed to even follow up to his question... "What's your point 
regarding your message? ROV does not use (nor needs) encryption."

So maybe you could give some context on that so someone can steer you out of 
the wrong direction.

-- 
 J. Hellenthal

The fact that there's a highway to Hell but only a stairway to Heaven says a 
lot about anticipated traffic volume.

> On Oct 30, 2021, at 10:31, A Crisan  wrote:
> 
> 
> Hi Matthew, 
> 
> Quantum computing exists as POCs, IBM being one of those advertising them and 
> announced to extend their project. There are others on the market, Amazon 
> advertised quantum computing as a service back in 2019: 
> https://www.theverge.com/2019/12/2/20992602/amazon-is-now-offering-quantum-computing-as-a-service.
>  The bottle neck of the current technology is scalability: we will not see QC 
> as personal computing level just yet (to go in more detail, current 
> technologies work at cryogenic temperatures, thus they are hyper expensive 
> and not really scalable), but they exist and one could be imagine they 
> are/will be used for various tasks.
> 
> On the other hand, you've actually commented every word of my mail, minus the 
> stated question. Thanks. 
> 
> Best Regards, 
> Dora Crisan 
> 
> 
> 
>  
> 
>> On Fri, Oct 29, 2021 at 8:10 PM Matthew Walster  wrote:
>> 
>> 
>>> On Fri, 29 Oct 2021, 15:55 A Crisan,  wrote:
>>> Hi Matthew,
>>> I was reading the above exchange, and I do have a question linked to your 
>>> last affirmation. To give you some context, the last 2021 ENISA report seem 
>>> to suggest that internet traffic is "casually registered" by X actors to 
>>> apply post Retrospective decryption (excerpt below). This would be at odds 
>>> with your (deescalating) affirmation that hijacks are non-malicious and 
>>> they are de-peered quickly, unless you pinpoint complete flux arrest only. 
>>> Are there any reportings/indicators... that look into internet flux 
>>> constant monitoring capabilities/capacities? Thanks.
>> 
>> 
>> RPKI uses authentication not confidentiality. There is no encryption taking 
>> place, other than the signatures on the certificates etc.
>> 
>>> Excerpt from the introduction: "What makes matters worse is that any cipher 
>>> text intercepted by an attacker today can be decrypted by the attacker as 
>>> soon as he has access to a large quantum computer (Retrospective 
>>> decryption).
>> 
>> 
>> Which do not exist (yet).
>> 
>>> Analysis of Advanced Persistent Threats (APT) and Nation State capabilities,
>> 
>> 
>> Buzzwords.
>> 
>>> along with whistle blowers’ revelations
>> 
>>>  have shown that threat actors can and are casually recording all Internet 
>>> traffic in their data centers
>> 
>> 
>> No they're not. It's just not possible or indeed necessary to duplicate 
>> everything at large scale. Perhaps with a large amount of filtering, certain 
>> flows would be captured, but in the days of pervasive TLS, this seems less 
>> and less worthwhile.
>> 
>>>  and that they select encrypted traffic as interesting and worth 
>>> storing.This means that any data encrypted using any of the standard 
>>> public-key systems today will need to be considered compromised once a 
>>> quantum computer exists and there is no way to protect it retroactively, 
>>> because a copy of the ciphertexts in the hands of the attacker. This means 
>>> that data that needs to remain confidential after the arrival of quantum 
>>> computers need to be encrypted with alternative means"
>> 
>> 
>> None of this is relevant to RPKI (ROV) at all. In fact, it reads like the 
>> fevered dreams of a cyber security research student. What's your point 
>> regarding your message? ROV does not use (nor needs) encryption.
>> 
>> M
>> 

Re: Need for historical prefix blacklist (`rogue' prefixes) information

[A Crisan]

Hi Matthew,

Quantum computing exists as POCs, IBM being one of those advertising them
and announced to extend their project. There are others on the market,
Amazon advertised quantum computing as a service back in 2019:
https://www.theverge.com/2019/12/2/20992602/amazon-is-now-offering-quantum-computing-as-a-service.
The bottle neck of the current technology is scalability: we will not see
QC as personal computing level just yet (to go in more detail, current
technologies work at cryogenic temperatures, thus they are hyper expensive
and not really scalable), but they exist and one could be imagine they
are/will be used for various tasks.

On the other hand, you've actually commented every word of my mail, minus
the stated question. Thanks.

Best Regards,
Dora Crisan





On Fri, Oct 29, 2021 at 8:10 PM Matthew Walster  wrote:

>
>
> On Fri, 29 Oct 2021, 15:55 A Crisan,  wrote:
>
>> Hi Matthew,
>> I was reading the above exchange, and I do have a question linked to your
>> last affirmation. To give you some context, the last 2021 ENISA report seem
>> to suggest that internet traffic is "casually registered" by X actors to
>> apply post Retrospective decryption (excerpt below). This would be at odds
>> with your (deescalating) affirmation that hijacks are non-malicious and
>> they are de-peered quickly, unless you pinpoint complete flux arrest only.
>> Are there any reportings/indicators... that look into internet flux
>> constant monitoring capabilities/capacities? Thanks.
>>
>
> RPKI uses authentication not confidentiality. There is no encryption
> taking place, other than the signatures on the certificates etc.
>
> Excerpt from the introduction: "What makes matters worse is that any
>> cipher text intercepted by an attacker today can be decrypted by the
>> attacker as soon as he has access to a large quantum computer
>> (Retrospective decryption).
>>
>
> Which do not exist (yet).
>
> Analysis of Advanced Persistent Threats (APT) and Nation State
>> capabilities,
>>
>
> Buzzwords.
>
> along with whistle blowers’ revelations
>>
>  have shown that threat actors can and are casually recording all Internet
>> traffic in their data centers
>>
>
> No they're not. It's just not possible or indeed necessary to duplicate
> everything at large scale. Perhaps with a large amount of filtering,
> certain flows would be captured, but in the days of pervasive TLS, this
> seems less and less worthwhile.
>
>  and that they select encrypted traffic as interesting and worth
>> storing.This means that any data encrypted using any of the standard
>> public-key systems today will need to be considered compromised once a
>> quantum computer exists and there is no way to protect it retroactively,
>> because a copy of the ciphertexts in the hands of the attacker. This means
>> that data that needs to remain confidential after the arrival of quantum
>> computers need to be encrypted with alternative means"
>>
>
> None of this is relevant to RPKI (ROV) at all. In fact, it reads like the
> fevered dreams of a cyber security research student. What's your point
> regarding your message? ROV does not use (nor needs) encryption.
>
> M
>
>

Re: Need for historical prefix blacklist (`rogue' prefixes) information

[Amir Herzberg]

I am very grateful for the help I received from several people (mostly off
list, which is great to avoid spamming the list).

In particular, +Giotsas, Vasileios  , introduced
by Joe Provo, provided a wonderful RIPE resource which provides convenient
API to data from (at least) UCEprotect and SpamHaus, perfectly meeting out
current needs: https://stat.ripe.net/docs/data_api#blocklist.

Let me also use this email to briefly comment on two points from  Matthew
Walster's posts; and Matthew, I really come at peace, I have a lot of
respect for you and your work, but we can also disagree on some things,
right? So:

1. Matthew's email basically seemed to imply intentional hijacks are not a
concern (rare/non-existent?). Few measurement works seem to show the
contrary; I esp. recommend the `Profiling BGP serial hijackers' paper from
IMC'19 by a team of excellent researchers.

2. A bit off-topic, Matthew's response to Dora Crisan seem to imply BGP
eavesdropping for eventual cryptanalysis, possibly using Quantum computing,
isn't a concern. On the one hand, I agree that Quantum computing seems
still quite far from ability to break state-of-art PKC, and it may long
till it becomes practical (if ever). OTOH, it may also not take that long;
also, `conventional' cryptanalysis may still happen, e.g., see
Schnorr's recent paper, ia.cr/2021/232, which claimed to `destroy' RSA
[withdrawn later, so apparently even Schnorr can err - that's part of
science - but this doesn't mean next effort won't succeed or that some
TLA  (three lettered adversaries) didn't succeed already]. TLAs may have
other motivations for eavesdropping, like collecting meta-data. Now, I am
sure many customers and providers may not care about security against such
TLAs, but I think it is legitimate for some people to be concerned.

Best, Amir
-- 
Amir Herzberg

Comcast professor of Security Innovations, Computer Science and
Engineering, University of Connecticut
Homepage: https://sites.google.com/site/amirherzberg/home
`Applied Introduction to Cryptography' textbook and lectures:
 https://sites.google.com/site/amirherzberg/applied-crypto-textbook





On Thu, Oct 28, 2021 at 7:48 PM Amir Herzberg  wrote:

> Hi NANOGers, for our research on ROV (and ROV++, our extension, NDSS'21),
> we need access to historical data of blacklisted prefixes (due to spam,
> DDoS, other), as well as suspect-hijacks list (beyond BGPstream which we
> already have).
>
> Basically we want to measure if the overlap (and non-overlap) btw such
> `suspect' prefixes and ROV-Invalid prefixes.
>
> Any help would be appreciated. I'm not sure the list would be interested
> so I recommend you respond to me privately; if there are useful responses,
> I could post a summary to the list after few days (of collecting responses,
> if any).
>
> thanks and regards... Amir
> --
> Amir Herzberg
>
> Comcast professor of Security Innovations, Computer Science and
> Engineering, University of Connecticut
> Homepage: https://sites.google.com/site/amirherzberg/home
> `Applied Introduction to Cryptography' textbook and lectures:
>  https://sites.google.com/site/amirherzberg/applied-crypto-textbook
> 
>
>
>