Abstract
The RPKI currently relies on RSA signatures, which are vulnerable to attacks by powerful quantum computers. While much research is done on post-quantum cryptography (PQC) and its application in protocols like TLS and DNSSEC, no such work has been done for the RPKI. My thesis lays the groundwork for a migration to post-quantum cryptography in the RPKI.
We first show that reliance on the RPKI with insecure cryptography can be abused for severe attacks that are even more effective than original BGP attacks. We then evaluate which post-quantum signatures can be a suitable replacement for RSA in the RPKI.
Next, we introduce the null scheme: a novel method to avoid redundant signatures and public keys that are present in every signed object in the RPKI. This can reduce the size and verification time of the RPKI (e.g. reducing the median ROA size from 4354 to 2295 bytes when using a hybrid of Falcon-512 and RSA-2048), largely making up for the performance cost of switching to post-quantum signatures. This is particularly useful when introduced together with post-quantum signatures, but also valuable independently.
The null scheme is detailed in an Internet-Draft, with working prototypes in Krill and Routinator.
Finally, we argue that the existing algorithm agility procedure (RFC6916) is impractical, and propose a simpler mixed-tree migration that (1) is not necessarily top-down, (2) requires no globally coordinated milestone days, and (3) uses simple key rollovers for individual CAs using the familiar RFC6489 key rollover procedure. In this approach, updated relying party software and trust anchors are distributed as soon as possible, while actual CA migrations can be delayed without problem. Our proof-of-concept implementation in Krill and Routinator demonstrates the feasibility of this approach. We publish this implementation to provide a starting point for further research and testing.
Recording
Video will be added soon.
Speaker

Dirk Doesburg
Graduated in Cyber Security at Radboud University in the Netherlands, and did an MSc thesis at SIDN Labs about PQC for the RPKI.