The ByzRP Solution: A Global Operational Shield for RPKI Validators
Black Hat Asia 2025 · Day 1 · Briefings
This talk introduces ByzRP (Byzantine Fault Tolerant RPKI), an innovative approach to enhance the security, robustness, and performance of the **Resource Public Key Infrastructure (RPKI)**. RPKI is a critical component for securing the internet's routing infrastructure, specifically designed to mitigate **Border Gateway Protocol (BGP) hijacking attacks**. While RPKI has seen significant adoption by major Internet Service Providers (ISPs) and companies like Amazon, and has even been highlighted in U.S. government roadmaps for internet security, its current implementation faces several inherent vulnerabilities and operational challenges.
AI review
This talk presents ByzRP, a Byzantine Fault Tolerant solution to significantly enhance RPKI security and performance. It addresses critical vulnerabilities in existing RPKI relying parties (DOS, stalling attacks, instability) through a watchdog mechanism and a BFT consensus network. The solution not only ensures a robust, consistent RPKI ground truth but also dramatically reduces network traffic and simplifies RPKI adoption, offering a foundational improvement to global internet routing security against BGP hijacking. This is exactly the kind of deep, impactful research the industry needs.