I feel like BGP would be a great place to experiment with PKI systems, possibly with some additional global consensus mechanism.
-
BGP has well known security flaws that cause real problems. It is very common that misconfigured or malicious route advertisements cause outages or redirect traffic to an attacker. (C.f. BGP hijacking against Bitcoin miners.)
Some kind of PKI system which let AS operators associate one or more public keys with their AS, and handled transfers of IP space between ASs, would allow BGP updates to be signed by the AS owner's key and totally eliminate this class of vulnerability.
Additionally, it would allow ASs to end-to-end encrypt and authenticate BGP communications. BGP updates aren't exactly sensitive, but why not, ya know?
-
There are around 60,000 ASs in existence, so a modest 7 tx/second message rate would be enough to process an update to each one 10 times every day. If the purpose of the network were just to handle public key updates, likely only a small fraction of this would be needed for routine and emergency key updates.
There are 837,482 IP prefixes, so these could be turned over once every 1.5 days or so. IP blocks move relatively infrequently, like AS keys would, so this is probably
-
AS operators are usually well funded, and have ready access to compute, network, rackspace, and skilled humans. If running some kind of box with not-totally-crazy resource and maintenance requirements marginally increased their security, they would all do it.
-
AS operators have a high degree of control over their network peering relationships, and many large networks have direct physical connections to multiple other ASs. This mitigates the risk of partitioning and starvation attacks somewhat.
-
There is a high degree of cooperation, goodwill, and existing relationships between AS operators. This makes me wonder if schemes that I usually see as not fit for use in cryptocurrency contexts, like Ripple-style consensus systems, might actually work in the AS context. Ripple has no credible mechanism to deal with consensus failure if network operators disagree on the state of the network, and there are many incentives that might cause Ripple network operators to disagree on network state. However, in the AS context, there is little reason for network operators to disagree, and they are highly motivated to such disagreements out of band.
-
Maybe no global consensus mechanism is necessary, and some kind of simple PKI would be good enough! However, it would be very nice if the current network consensus could be summed up in a small amount of data , such that it would be easy and low-bandwidth to discover if you were out of sync with the network, or being partitioned in the case of single-homed networks.