WO2018235085A1 - Method of certifying ownership of internet protocol addresses and system thereof - Google Patents


Info

Publication number
WO2018235085A1
Authority
WO
WIPO (PCT)
Prior art keywords
computerized
certifying
addresses
certificate
requesting
Application number
PCT/IL2018/050688
Other languages
French (fr)
Inventor
Michael SCHAPIRA
Avichai Cohen
Yossi Gilad
Haya SHULMAN
Amir Herzberg
Original Assignee
Yissum Research Development Company Of The Hebrew University Of Jerusalem Ltd.
Fraunhofer-Gesellschaft Zur Forderung Der Angewandten Forschung E.V.
Bar Ilan University


Classifications

    • H ELECTRICITY
      • H04 ELECTRIC COMMUNICATION TECHNIQUE
        • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
          • H04L63/00 Network architectures or network communication protocols for network security
            • H04L63/08 Network architectures or network communication protocols for network security for authentication of entities
            • H04L63/14 Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
          • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
            • H04L9/32 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
        • H04W WIRELESS COMMUNICATION NETWORKS
          • H04W12/00 Security arrangements; Authentication; Protecting privacy or anonymity
            • H04W12/06 Authentication
              • H04W12/069 Authentication using certificates or pre-shared keys
            • H04W12/12 Detection or prevention of fraud
              • H04W12/121 Wireless intrusion detection systems [WIDS]; Wireless intrusion prevention systems [WIPS]
              • H04W12/122 Counter-measures against attacks; Protection against rogue devices
    • G PHYSICS
      • G06 COMPUTING; CALCULATING OR COUNTING
        • G06F ELECTRIC DIGITAL DATA PROCESSING
          • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
            • G06F21/30 Authentication, i.e. establishing the identity or authorisation of security principals
            • G06F21/50 Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
              • G06F21/55 Detecting local intrusion or implementing counter-measures

Definitions

  • IP Internet Protocol
  • the routing infrastructure of the global Internet comprises tens of thousands of organizational networks that are communicatively connected. Despite significant awareness and efforts, Internet security vulnerabilities are evidenced by numerous Internet outages and blackouts, traffic hijacking and surveillance incidents, etc.
  • One of the growing network security issues relates to the problem of validating and certifying network identities.
  • IP prefix hijacking in inter-domain routing i.e., illegitimate takeover of groups of IP addresses by corrupting Internet routing tables. Such corruption is achieved by announcing, intentionally or by accident, unauthorized IP addresses or prefixes.
  • SIDR Secure Inter-Domain Routing
  • RPKI Resource Public Key Infrastructure
  • BGP Border Gateway Protocol
  • a computerized method of certifying ownership of a set of Internet Protocol (IP) addresses, the method being performed by at least one computerized certifying system, the method comprising: receiving, from a computerized requesting system, a request to be certified for ownership of the set of IP addresses, the request indicative of a public key of the computerized requesting system associated with the set of IP addresses, the public key and the set of IP addresses extractable from the request by the at least one computerized certifying system; distributing, during a predetermined certifying interval, a plurality of random challenges to the computerized requesting system through a plurality of different routing paths; receiving, from the computerized requesting system, one or more responses each corresponding to a given random challenge and including a received random challenge signed with a private key of the computerized requesting system; and verifying the one or more responses and sending a certificate to the computerized requesting system upon a condition being met,
  • the method according to this aspect of the presently disclosed subject matter can comprise one or more of features (i) to (x) listed below, in any desired combination or permutation which is technically possible:
  • the at least one computerized certifying system can comprise one computerized certifying system, and the method can further comprise storing the certificate in association with the computerized requesting system in an IP ownership database, thereby certifying the ownership of the set of IP addresses to the computerized requesting system.
  • The at least one computerized certifying system can comprise multiple computerized certifying systems.
  • the certificate sent by each of the multiple computerized certifying systems is a partial certificate.
  • the method can be performed by each of the multiple computerized certifying systems and further comprise: upon receiving a certificate from the computerized requesting system, wherein the certificate is generated by the computerized requesting system based on partial certificates received from, at least part of the multiple certifying systems, storing the certificate in association with the computerized requesting system in a respective IP ownership database, thereby certifying the ownership of the set of IP addresses to the computerized requesting system.
  • the certificate can be generated by the computerized requesting system upon a number of partial certificates being received from a number of computerized certifying systems that meet a predetermined criterion.
  • the plurality of different routing paths can be determined by choosing different relays using a relay infrastructure.
  • the plurality of random challenges can be sent to different IP addresses in the set of IP addresses.
  • the method can further comprise receiving additional information related to the set of IP addresses from the computerized requesting system and storing the additional information in association with the certificate in the IP ownership database, the additional information signed with the private key of the computerized requesting system.
  • the method can further comprise determining whether to revoke the certificate upon detection of a Resource Public Key Infrastructure (RPKI) certificate received by the computerized requesting system.
  • the computerized requesting system can be an Autonomous System (AS).
  • AS Autonomous System
  • the additional information can comprise an identifier of the computerized requesting system and/or an adjacent neighbor list.
  • the predetermined criterion can be selected from a group comprising: a majority of the multiple computerized certifying systems, a set of trusted computerized certifying systems, and a weighted majority of the multiple computerized certifying systems.
  • a computerized certifying system comprising a processing and memory circuitry (PMC) configured to: receive, from a computerized requesting system, a request to be certified for ownership of a set of IP addresses, the request indicative of a public key of the computerized requesting system associated with the set of IP addresses, the public key and the set of IP addresses extractable from the request by the at least one computerized certifying system; distribute, during a predetermined certifying interval, a plurality of random challenges to the computerized requesting system through a plurality of different routing paths; receive, from the computerized requesting system, one or more responses each corresponding to a given random challenge and including a received random challenge signed with a private key of the computerized requesting system; and verify the one or more responses and send a certificate to the computerized requesting system upon a condition being met, the condition comprising: for each of at least a percentage of the plurality of random challenges, a respective response
  • This aspect of the disclosed subject matter can comprise one or more of features (i) to (x) listed above with respect to the method, mutatis mutandis, in any desired combination or permutation which is technically possible.
  • a computer program product that includes a non-transitory computer readable storage medium storing instructions for performing the following method steps: receiving, from a computerized requesting system, a request to be certified for ownership of the set of IP addresses, the request indicative of a public key of the computerized requesting system associated with the set of IP addresses, the public key and the set of IP addresses extractable from the request by the at least one computerized certifying system; distributing, during a predetermined certifying interval, a plurality of random challenges to the computerized requesting system through a plurality of different routing paths; receiving, from the computerized requesting system, one or more responses each corresponding to a given random challenge and including a received random challenge signed with a private key of the computerized requesting system; and verifying the one or more responses and sending a certificate to the computerized requesting system upon a condition being met, the condition comprising: for each of at least a percentage of the plurality of random challenges,
  • a computerized method of requesting certification of ownership of a set of Internet Protocol (IP) addresses, the method being performed by a computerized requesting system, the method comprising: sending a request to at least one computerized certifying system to be certified for ownership of the set of IP addresses, the request indicative of a public key of the computerized requesting system associated with the set of IP addresses, the public key and the set of IP addresses extractable from the request by the at least one computerized certifying system; receiving, from the at least one computerized certifying system, a plurality of random challenges sent during a predetermined certifying interval through a plurality of different routing paths; sending, to the at least one computerized certifying system, a response corresponding to each given received random challenge, wherein the response includes the given received random challenge signed with a private key of the computerized requesting system; and receiving, from the at least one computerized certifying system, a certificate upon a condition being met,
  • the method according to this aspect of the presently disclosed subject matter can comprise one or more of features (i) to (xi) listed below, in any desired combination or permutation which is technically possible:
  • the method can further comprise installing an agent in the computerized requesting system, the agent capable of sending the request to the at least one computerized certifying system and receiving the plurality of random challenges sent to different IP addresses in the set of IP addresses.
  • the at least one computerized certifying system can comprise multiple computerized certifying systems.
  • the certificate sent by each of the multiple computerized certifying systems is a partial certificate.
  • the method can further comprise: generating a certificate based on partial certificates received from at least part of the multiple computerized certifying systems, and sending the certificate to the multiple computerized certifying systems to be stored in association with the computerized requesting system in an IP ownership database, thereby rendering the computerized requesting system to be certified with the ownership of the set of IP addresses by the at least one computerized certifying system.
  • the certificate can be generated by the computerized requesting system upon a number of partial certificates being received from a number of computerized certifying systems that meet a predetermined criterion.
  • the plurality of different routing paths can be determined by choosing different relays using a relay infrastructure.
  • the plurality of random challenges can be sent to different IP addresses in the set of IP addresses.
  • the method can further comprise providing additional information related to the set of IP addresses to be stored in association with the certificate in the IP ownership database, the additional information signed with the private key of the computerized requesting system.
  • the method can further comprise periodically requesting, from the IP ownership database, an update of new certificates associated with one or more newly certified requesting systems and the additional information associated with the new certificates so as to periodically filter out routing paths that are inconsistent with the update.
  • the method can further comprise alerting a victim requesting system about an IP address hijack when identifying inconsistency during the periodic filtering.
  • the computerized requesting system can be an Autonomous System (AS).
  • the additional information can comprise an identifier of the computerized requesting system and/or an adjacent neighbor list.
  • the predetermined criterion can be selected from a group comprising: a majority of the multiple computerized certifying systems, a set of trusted computerized certifying systems, and a weighted majority of the multiple computerized certifying systems.
  • a computerized certification requesting system comprising a processing and memory circuitry (PMC) configured to: send a request to at least one computerized certifying system to be certified for ownership of the set of IP addresses, the request indicative of a public key of the computerized requesting system associated with the set of IP addresses, the public key and the set of IP addresses extractable from the request by the at least one computerized certifying system; receive, from the at least one computerized certifying system, a plurality of random challenges sent during a predetermined certifying interval through a plurality of different routing paths; send, to the at least one computerized certifying system, a response corresponding to each given received random challenge, wherein the response includes the given received random challenge signed with a private key of the computerized requesting system; and receive, from the at least one computerized certifying system, a certificate upon a condition being met, the condition comprising: for each of the plurality of random challenges,
  • This aspect of the disclosed subject matter can comprise one or more of features (i) to (xi) listed above with respect to the method, mutatis mutandis, in any desired combination or permutation which is technically possible.
  • a computer program product that includes a non-transitory computer readable storage medium storing instructions for performing the following method steps: sending a request to at least one computerized certifying system to be certified for ownership of the set of IP addresses, the request indicative of a public key of the computerized requesting system associated with the set of IP addresses, the public key and the set of IP addresses extractable from the request by the at least one computerized certifying system; receiving, from the at least one computerized certifying system, a plurality of random challenges sent during a predetermined certifying interval through a plurality of different routing paths; sending, to the at least one computerized certifying system, a response corresponding to each given received random challenge, wherein the response includes the given received random challenge signed with a private key of the computerized requesting system; and receiving, from the at least one computerized certifying system, a certificate upon a condition being met, the condition comprising: for each of the plurality of
  • This aspect of the disclosed subject matter can comprise one or more of features (i) to (xi) listed above with respect to the method, mutatis mutandis, in any desired combination or permutation which is technically possible.
  • FIG. 1 schematically illustrates a block diagram of a computerized certifying system and a computerized requesting system in accordance with certain embodiments of the presently disclosed subject matter.
  • FIG. 2 illustrates an automatic certification mechanism with respect to an exemplary network infrastructure in accordance with certain embodiments of the presently disclosed subject matter.
  • FIG. 3 illustrates a generalized flowchart of certifying ownership of a set of IP addresses by at least one computerized certifying system, in accordance with certain embodiments of the presently disclosed subject matter.
  • Fig. 4 illustrates a generalized flowchart of requesting certification of ownership of a set of IP addresses by a computerized requesting system in accordance with certain embodiments of the presently disclosed subject matter.
  • the term "computer" should be expansively construed to cover any kind of hardware-based electronic device with data processing capabilities including, by way of non-limiting example, the computerized certifying system, the computerized requesting system and the processing and memory circuitry (PMC) thereof disclosed in the present application.
  • PMC processing and memory circuitry
  • non-transitory memory non-transitory storage medium
  • non-transitory computer readable storage medium used herein should be expansively construed to cover any volatile or non-volatile computer memory suitable to the presently disclosed subject matter.
  • one or more stages may be executed in a different order and/or one or more groups of stages may be executed simultaneously and vice versa.
  • FIG. 1 schematically illustrates a block diagram of a computerized certifying system and a computerized requesting system in accordance with certain embodiments of the presently disclosed subject matter.
  • the system 110 illustrated in Fig. 1 is a computer-based certifying system capable of certifying ownership of a set of Internet Protocol (IP) addresses to a requesting system (e.g., system 120).
  • the system 120 is a computer-based certification requesting system for requesting, from a certifying system (e.g., system 110), certification of ownership of a set of IP addresses.
  • the requesting system 110 can refer to any organizational network in the Internet that comprises one or more interconnected computers owning a range or a set of IP addresses.
  • the organizational network can range from a home network or an office network to a larger corporate network, etc.
  • the organizational network can be a part of other networks, or it can be integrated, fully or partially with other network entities.
  • the present disclosure is not limited by the scale, type or functionality of such network.
  • the certifying system 20 can refer to any computerized entity with processing capability of certification of IP ownership, as described in further detail below.
  • the certifying system can be implemented as a server operatively connected to one or more requesting systems.
  • An AS refers to an independently administrated network which comprises a group of one or more networks presenting a common external routing policy to the Internet.
  • Each AS has its own unique AS identifier and owns one or more IP routing prefixes (i.e., IP prefixes).
  • IP prefix refers to a set of IP addresses or IP address blocks that are owned by the AS.
  • Border Gateway Protocol (BGP) is the standard routing protocol used to exchange information about inter-domain IP routing between ASs.
  • Inter-domain routing is known to be vulnerable to prefix hijacking, i.e., illegitimate takeover of groups of IP addresses by corrupting Internet routing tables. Such corruption can be achieved by announcing, either intentionally or by accident, unauthorized prefixes.
  • RPKI infrastructure enables cryptographic-based certification of IP prefixes by trust-anchors.
  • RPKI certificates allow BGP routers to perform authentication of origin, detect and discard prefix hijacks, i.e. BGP route advertisements where an IP prefix is announced by an AS that is not its legitimate owner.
  • the presently disclosed subject matter can be utilized for securing inter-domain routing, i.e., to break the vicious cycle as described above by creating an automatic certification process, thereby relieving the administrative hassles and mitigating human error in the issuing process.
  • system 110 can comprise a processing and memory circuitry (PMC) 102 operatively connected to a hardware-based I/O interface 108.
  • PMC 102 is configured to provide all processing necessary for operating system 110, which is further detailed with reference to Fig. 3. PMC 102 comprises a processor (not shown separately) and a memory (not shown separately).
  • the processor of PMC 102 can be configured to execute several functional modules in accordance with computer-readable instructions implemented on a non-transitory computer-readable memory comprised in the PMC. Such functional modules are referred to hereinafter as comprised in the PMC.
  • functional modules comprised in the PMC 102 can comprise a challenge distributor 104 and a verification module 106.
  • the functional modules comprised in the PMC are operatively connected with each other.
  • Upon receiving, via the I/O interface 108, from a computerized requesting system (e.g., system 120), a request to be certified for ownership of a set of IP addresses, the request indicative of a public key of the computerized requesting system associated with the set of IP addresses, the challenge distributor 104 can be configured to distribute, during a predetermined certifying interval, a plurality of random challenges to the computerized requesting system through a plurality of different routing paths.
  • the verification module 106 can be configured to verify the one or more responses.
  • a certificate can be sent to the computerized requesting system when the following condition is met: for each of at least a percentage of the plurality of random challenges, a respective response is received and successfully verified using the public key of the computerized requesting system, as will be described in further detail below with reference to Fig. 3.
  • system 110 can comprise, or be operatively connected to, an IP ownership database 130.
  • the IP ownership database 130 can be configured to store respective certificates in association with corresponding computerized requesting systems. It is to be noted that although the IP ownership database 130 is illustrated in Fig. 1 as residing external to system 110 and being operatively connected thereto, this is for purpose of illustration only and should not be deemed as limiting the present disclosure in any way. In some cases, the IP ownership database 130 can be accommodated by system 110 and thus can be regarded as being part of system 110.
  • system 120 can comprise a processing and memory circuitry (PMC) 122 operatively connected to a hardware-based I/O interface 126.
  • PMC 122 is configured to provide all processing necessary for operating system 120, which is further detailed with reference to Fig. 4. PMC 122 comprises a processor (not shown separately) and a memory (not shown separately).
  • the processor of PMC 122 can be configured to execute several functional modules in accordance with computer-readable instructions implemented on a non-transitory computer-readable memory comprised in the PMC. Such functional modules are referred to hereinafter as comprised in the PMC.
  • functional modules of the PMC 122 can comprise an agent 124.
  • The agent 124 can be configured to send, via the I/O interface 126, a request to at least one computerized certifying system (e.g., system 110) to be certified for ownership of a set of IP addresses.
  • the request is indicative of a public key of the computerized requesting system associated with the set of IP addresses.
  • the agent 124 can be further configured to receive, from the at least one computerized certifying system, a plurality of random challenges sent during a predetermined certifying interval through a plurality of different routing paths, and send, to the at least one computerized certifying system, a response corresponding to each given received random challenge.
  • the response can include the given received random challenge signed with a private key of the computerized requesting system.
  • a certificate can be received by the agent 124 from the at least one computerized certifying system, upon a condition being met.
  • the condition comprises: for each of the plurality of random challenges, a respective response is received and successfully verified by the at least one computerized certifying system using the public key of the computerized requesting system, as will be described in further detail below with reference to Fig. 4.
  • system 120 can be operatively connected to the IP ownership database 130.
  • system 120 can provide or request certificate related information with respect to the IP ownership database 130.
  • system 120 can also provide or request such information via the certifying system 110, which can communicate with the IP ownership database 130 on its behalf.
  • system 110 and/or system 120 can further comprise a graphical user interface (GUI) (not shown separately) configured to render the input and/or the output for display to the user.
  • GUI graphical user interface
  • the GUI can be configured to enable user-specified inputs for operating system 110 and/or system 120.
  • the certifying mechanism as illustrated by the certifying system 110 and requesting system 120 can be used for various purposes and applications, such as, e.g., validating identities of network entities and creating trust in network communications, secure inter-domain routing, etc. It is to be appreciated that the present disclosure is not limited by any specific usage and application of the system.
  • system architecture illustrated in Fig. 1 can be implemented in a distributed computing environment, in which the aforementioned systems 110 and 120, as well as functional modules comprised therein can be distributed over several local and/or remote devices, and can be linked through a communication network.
  • the functionalities of a given system 110 can be distributed over several places.
  • each certifying system is implemented as a certifying server (denoted as Registrar in Fig. 2) accommodating a database (e.g., IP ownership database, denoted as DB in Fig. 2).
  • the certifying servers, i.e., registrars
  • the certifying servers are configured with the processing functionalities as described with reference to system 110, and are operatively connected, via various routing paths, to a plurality of requesting systems 220 (exemplified in Fig. 2 as ASs).
  • a compromised server denoted as Registrar 2 is exemplified.
  • all servers share the same information
  • each AS comprises an agent installed on a host machine of the respective AS and configured with the processing functionalities as described with reference to system 120.
  • Fig. 2 schematically illustrates deployment of five certifying servers and two ASs (illustrated as AS1 and AS2) which have agents (illustrated as Agent 1 and Agent 2) installed and which have adopted the presently disclosed certification mechanism.
  • the illustrated network further comprises 11 ASs which have not yet adopted the certification mechanism.
  • an AS administrator installs an agent on a host machine and configures it so that it is capable of sending a request for certification to the certifying system and receiving a plurality of random challenges sent to different IP addresses in the range of IP prefix.
  • the AS administrator can configure the agent by registering the IP prefix of the respective AS.
  • the administrator can also configure the agent with the IP addresses of the AS's BGP routers and administrative credentials to automate network configuration, allowing plug-and-play deployment.
  • a requesting system 220, e.g., AS1
  • a certifying system 210, e.g., Registrar 1
  • the requesting system 220, e.g., the agent installed therein
  • the certifying system 210 confirms an AS's de facto "control" of a prefix by verifying the ability of the AS to respond to "challenges" sent to addresses in the IP prefix through multiple different routing paths over a relatively long period of time. Details of the certification process with respect to the certifying system and the requesting system are described below with reference to Fig. 3 and Fig. 4.
  • FIG. 3 illustrates a generalized flowchart of certifying ownership of a set of IP addresses by at least one computerized certifying system in accordance with certain embodiments of the presently disclosed subject matter.
  • the operations described below with respect to Fig. 3 are performed by at least one computerized certifying system.
  • there can be just one certifying system, e.g., Registrar 1 in the example of Fig. 2.
  • there can be multiple certifying systems e.g., all five Registrars 1-5 in the example of Fig. 2, which share the same information while each works independently to perform the certification process, as will be described in further detail below.
  • certain embodiments of the present description may in some cases only refer to a single certifying system. This is for exemplification and illustration purposes only and should not be deemed as limiting the scope of present disclosure in any way.
  • a request can be received (302) (e.g., by the PMC 102 of at least one certifying system 110), from a computerized requesting system (e.g., the agent 124 of a requesting system 120), to be certified for ownership of a set of IP addresses.
  • the request can comprise or be indicative of a public key of the computerized requesting system associated with the set of IP addresses.
  • the set of IP addresses should be broadly construed to cover one or more IP addresses or IP address blocks. The present disclosure is not limited by whether the one or more IP addresses are in the form of a continuous range or discrete IP addresses/address blocks (i.e., not continuous).
  • in the example of Fig. 2, a requesting system 220, i.e., AS1, can send a request for certifying the IP prefix of 1.2.3.0/24.
  • the request can include the IP prefix and the public key of AS1.
  • the exemplified IP prefix format starts at a given address, having 24 bits allocated for the network prefix, and the remaining 8 bits reserved for host addressing. It is further to be noted that the request can be structured in any suitable format as long as the public key and the set of IP addresses are extractable from the request by the at least one computerized certifying system.
  • a plurality of different challenges can be distributed (304) (e.g., by the Challenge distributor 104 of at least one certifying system 110), during a predetermined certifying interval, to the computerized requesting system through a plurality of different routing paths.
  • a challenge-response protocol between the certifying system and the requesting system can be used for authentication of IP address ownership.
  • the underlying logic is that different challenges are sent through different routing paths to the requesting system over a certifying interval, and only in cases where all the challenges, or at least a certain percentage thereof, are received and responded to, the requesting system is considered as successfully passing the challenges.
  • If a requesting system tries to obtain a certificate for a prefix it does not own, e.g., in the example of Fig. 2, AS 22 or AS 2 tries to certify the prefix 1.2.3.0/24 of AS1, it must intercept all of the challenges sent to AS1. This requires it to be present on all routing paths to the victim (AS1), which is, practically, unfeasible.
  • each challenge can be configured as a random bit-string so that the plurality of challenges are necessarily different from each other and are not easily obtained or guessed by an attacker. These challenges are also referred to as random challenges.
  • the plurality of routing paths are determined by choosing different relays using a relay infrastructure.
  • random relays can be chosen.
  • relays at multiple geographically-dispersed vantage points can be chosen.
  • Tor technique can be used as a readily available relaying infrastructure. Tor directs Internet traffic through a worldwide overlay network consisting of thousands of relays to protect against network surveillance or traffic analysis.
  • Tor technique is disclosed in "Tor: The Second-Generation Onion Router", Dingledine, R., Mathewson, N., and Syverson, P. F. USENIX Security Symposium (2004), USENIX, pp. 303-320, which is incorporated herein in its entirety by reference. It is noted that the certifying system does not necessarily rely on Tor as an anonymity service, though this can be leveraged to improve security.
  • relays can be set up on cloud machines. In the example of Fig. 2, four relays are used (denoted as Relays 1-4).
  • the different challenges can be sent through different routing paths to different IP addresses in the set of IP addresses of the requesting system.
  • the different IP addresses can also be randomly chosen (or pre-chosen).
  • the certification interval can be predetermined to be a relatively long period of time. For instance, each certifying system can send 100 challenges to randomly chosen IP addresses in the IP prefix of a requesting AS during a certification interval that lasts 5 days. The challenges are sent at 100 randomly-chosen times in the certification interval through different relays. Such spacing of the challenges can ensure that the agent's control over the prefix is not temporal. In the example of Fig. 2, Registrar 2, Relay 4, and ASs 22 and 30 are corrupted. The certifying mechanism is capable of ensuring security and availability of data traffic in spite of such corruptions.
  • one or more responses can be received (306) (e.g., by the PMC 102 of at least one certifying system 110) from the computerized requesting system.
  • Each response corresponds to a given challenge (e.g., a given random challenge) and includes a received challenge (e.g., a received random challenge) signed with a private key of the computerized requesting system.
  • the one or more responses can be verified (308) (e.g., by the verification module 106 of at least one certifying system 110).
  • a certificate can be sent to the computerized requesting system upon a condition being met.
  • the condition (310) that needs to be checked comprises: for each of at least a percentage of the plurality of challenges, a respective response is received and successfully verified using the public key of the computerized requesting system.
  • the at least percentage of the challenges that needs to be received and verified can be determined as meeting a predetermined threshold (e.g., a relatively high threshold, such as 90%, can be used to ensure higher security).
  • the verification of a respective response can be performed by verifying the signed received challenge using the public key so as to ensure that the response is indeed from the same requesting system that sends the request (with the public key), and comparing the received challenge with the corresponding given challenge that was sent to determine whether the challenge was tampered with.
  • the agent can be configured to specify in the response also the public key and the requested IP prefix. The response can be further verified by checking whether the prefix and public key match those the agent specified in the certification request.
  • otherwise, the requesting system can be considered as having failed in responding to the challenge.
  • a certificate can be sent to the requesting system.
  • the certificate can be stored (312) (e.g., by the PMC 102 of at least one certifying system 110) in association with the computerized requesting system in an IP ownership database (e.g., associated with the public key of the computerized requesting system), thereby certifying the ownership of the set of IP addresses to the computerized requesting system.
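The following Python simulation is an added example, not code from the patent or from the inventors' implementation. It runs blocks 302 to 310 of Fig. 3 end to end for a single certifying system: request with prefix and public key, random challenges sent through randomly chosen relays to random addresses in the prefix, signed responses, per-response verification (signature, unchanged challenge, prefix and key matching the request) and the percentage threshold. A toy RSA signer on two fixed primes stands in for the requesting system's key pair; that, the relay names and the delivery model are assumptions made to keep the example self-contained, never a real key. It also reproduces the security argument above: a requester that only sees the challenges that traverse one corrupted relay cannot reach the 90% threshold.

```python
import hashlib
import random
from collections import namedtuple
from ipaddress import IPv4Network
from math import gcd

# Toy RSA on two fixed Mersenne primes: an assumption for illustration only,
# never a real key. Distinct signers differ only in their exponent pair.
_P, _Q = (1 << 61) - 1, (1 << 89) - 1
_N, _PHI = _P * _Q, (_P - 1) * (_Q - 1)

def make_keypair(rng):
    while True:
        e = rng.randrange(3, _PHI, 2)
        if gcd(e, _PHI) == 1:
            return (_N, e), (_N, pow(e, -1, _PHI))

def _h(msg):
    return int.from_bytes(hashlib.sha256(msg).digest(), "big") % _N

def sign(priv, msg):
    return pow(_h(msg), priv[1], priv[0])

def verify(pub, msg, sig):
    return pow(sig, pub[1], pub[0]) == _h(msg)

# A challenge carries the relay (routing path) it is sent through, the random
# destination address inside the prefix, and the random bit-string itself.
Challenge = namedtuple("Challenge", "cid relay dst nonce")
Response = namedtuple("Response", "cid nonce prefix pub sig")

def _body(nonce, prefix, pub):
    # Signature binds the challenge to the prefix and key named in the request.
    return nonce + prefix.encode() + repr(pub).encode()

class Agent:
    """Agent of a requesting system asking to be certified for `prefix`."""
    def __init__(self, prefix, rng):
        self.prefix = prefix
        self.pub, self.priv = make_keypair(rng)

    def respond(self, ch):
        sig = sign(self.priv, _body(ch.nonce, self.prefix, self.pub))
        return Response(ch.cid, ch.nonce, self.prefix, self.pub, sig)

class Registrar:
    """One certifying system running blocks 302 to 310 of Fig. 3."""
    def __init__(self, relays, rng, n_challenges=20, threshold=0.9):
        self.relays, self.rng = relays, rng
        self.n, self.threshold = n_challenges, threshold
        self.request, self.sent = None, {}

    def receive_request(self, prefix, pub):            # block 302
        self.request, self.sent = (prefix, pub), {}

    def distribute(self):                              # block 304
        hosts = list(IPv4Network(self.request[0]).hosts())
        for cid in range(self.n):
            nonce = self.rng.getrandbits(256).to_bytes(32, "big")
            self.sent[cid] = Challenge(cid, self.rng.choice(self.relays),
                                       self.rng.choice(hosts), nonce)
        return list(self.sent.values())

    def verify_response(self, r):                      # block 308
        prefix, pub = self.request
        ch = self.sent.get(r.cid)
        if ch is None or r.prefix != prefix or r.pub != pub:
            return False   # does not match the certification request
        if r.nonce != ch.nonce:
            return False   # challenge was tampered with
        return verify(pub, _body(r.nonce, r.prefix, r.pub), r.sig)

    def decide(self, responses):                       # block 310
        good = {r.cid for r in responses if self.verify_response(r)}
        return len(good) / self.n >= self.threshold

def run_certification(registrar, requester, owner, corrupted_relays):
    """Challenges on honest relays reach the prefix's real owner; a corrupted
    relay hands them to the requester. Only whoever received one can answer."""
    registrar.receive_request(requester.prefix, requester.pub)
    responses = []
    for ch in registrar.distribute():
        receiver = requester if ch.relay in corrupted_relays else owner
        if receiver is requester:
            responses.append(requester.respond(ch))
    return registrar.decide(responses)

def simulate(seed=1):
    rng = random.Random(seed)
    relays = ["Relay 1", "Relay 2", "Relay 3", "Relay 4"]
    owner = Agent("1.2.3.0/24", rng)      # AS1, the real holder of the prefix
    hijacker = Agent("1.2.3.0/24", rng)   # a requester that does not own it
    reg = Registrar(relays, rng)
    return (run_certification(reg, owner, owner, {"Relay 4"}),
            run_certification(reg, hijacker, owner, {"Relay 4"}))   # (True, False)
```

`simulate()` returns `(True, False)`: the owner answers every challenge and passes, while the requester that only controls Relay 4 answers roughly a quarter of them and fails. Responses are counted once per challenge identifier, so replaying a valid response does not raise the percentage, and the signed body ties each response to the prefix and public key stated in the request, which is how this example carries the extra fields checked in the verification step.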
  • the certificate sent by each of the multiple computerized certifying systems is in fact a partial certificate (i.e., a certificate share).
  • a certificate can be generated by the computerized requesting system based on partial certificates received from at least part of the multiple certifying systems.
  • the certificate can be stored by each of the certifying systems in association with the computerized requesting system in a respective IP ownership database (associated with the certifying system), thereby certifying the ownership of the set of IP addresses to the computerized requesting system. Therefore, the described certifying mechanism can be configured to prevent and detect attempts to falsely certify a set of IP addresses, and to provide confirmation for legitimate IP owners.
  • the certificate can be generated by the computerized requesting system upon a number of partial certificates being received from a number of computerized certifying systems (i.e., the at least part of the multiple certifying systems as mentioned above) that meet a predetermined criterion.
  • the predetermined criterion can be selected from a group comprising: a majority of the multiple computerized certifying systems, a set of trusted computerized certifying systems, and a weighted majority of the multiple certifying systems.
  • the certification process can be regarded as being passed when the requesting system receives partial certificates from the majority of the multiple certifying systems (e.g., three out of five registrars in the example of Fig. 2).
  • certifying systems are not equally trusted.
  • another criterion can be applied, e.g., partial certificates need to be received from a subset of the multiple certifying systems (or at least the majority of the subset), which are the trusted ones.
  • weights can be assigned to different certifying systems that are not equally trusted, and partial certificates need to be received from a weighted majority of the multiple certifying systems.
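As an added example (not the patent's own code), the decision rule for the three criteria just listed, applied by the requesting system to the set of certifying systems whose partial certificates it has received. The registrar names follow Fig. 2; the trusted subset and the weights are constructed for the illustration, and partial certificates from issuers that are not among the known certifying systems are ignored.

```python
def enough_partials(received, registrars, criterion, trusted=(), weights=None):
    """True when the partial certificates in `received` (names of the issuing
    certifying systems) satisfy `criterion` over the known `registrars`:
      "majority"         - more than half of all certifying systems
      "trusted"          - every certifying system in `trusted`
      "trusted_majority" - more than half of the certifying systems in `trusted`
      "weighted"         - issuers whose weights sum to more than half the total
    Partial certificates from unknown issuers never count."""
    registrars = set(registrars)
    have = set(received) & registrars
    if criterion == "majority":
        return len(have) * 2 > len(registrars)
    if criterion == "trusted":
        return set(trusted) <= have
    if criterion == "trusted_majority":
        t = set(trusted) & registrars
        return len(have & t) * 2 > len(t)
    if criterion == "weighted":
        total = sum(weights.get(r, 0) for r in registrars)
        return sum(weights.get(r, 0) for r in have) * 2 > total
    raise ValueError(f"unknown criterion {criterion!r}")


REGISTRARS = [f"Registrar {i}" for i in range(1, 6)]   # the five of Fig. 2


def fig2_outcomes(received=("Registrar 1", "Registrar 3", "Registrar 4", "Registrar 5")):
    """Registrar 2 is corrupted in Fig. 2 and withholds its share; the other
    four deliver. Returns the decision under each criterion (trusted subset
    and weights are constructed values, not from the patent)."""
    trusted = ("Registrar 1", "Registrar 3", "Registrar 5")
    weights = {r: (2 if r == "Registrar 1" else 1) for r in REGISTRARS}
    return {
        "majority": enough_partials(received, REGISTRARS, "majority"),
        "trusted": enough_partials(received, REGISTRARS, "trusted", trusted),
        "trusted_majority": enough_partials(received, REGISTRARS, "trusted_majority", trusted),
        "weighted": enough_partials(received, REGISTRARS, "weighted", weights=weights),
    }
```

With four of five shares in hand every criterion is satisfied; with only the corrupted registrar's share none is. The weighted rule can diverge from the plain majority in both directions, which is the point of assigning weights to systems that are not equally trusted: one heavily weighted issuer plus one other may suffice, while three lightly weighted ones may not.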
  • the agent of the requesting system can initiate another requesting process.
  • a certifying system can participate in at most one certification process per IP prefix. This prevents an attacker from invoking multiple instances of the certification process concurrently to increase its probability of success.
  • RPKI deployment is still very limited.
  • the present disclosure can be used to perform the certification process instead of RPKI.
  • the agent of the given system can be configured to initiate an automated certification procedure as described above.
  • the certificate can be automatically revoked upon detecting a collision with the RPKI certificate received by the requesting system.
  • it can be determined, e.g., by the at least one certifying system, whether to revoke the certificate upon detection of a RPKI certificate.
  • the policy of preference to RPKI certificates can be changed on a per-certificate basis according to a majority of certifying systems' vote, for instance, in the event of a misbehaving RPKI authority.
  • additional information related to the set of IP addresses can be received, by the at least one certifying system, from the computerized requesting system and stored in association with the certificate in the IP ownership database.
  • the additional information is signed with the private key of the computerized requesting system.
  • the additional information can comprise an identifier of the computerized requesting system and/or an adjacent neighbor list, as will be described below in further detail with reference to Fig. 4.
  • in FIG. 4 there is illustrated a generalized flowchart of requesting certification of ownership of a set of IP addresses by a computerized requesting system in accordance with certain embodiments of the presently disclosed subject matter.
  • a request can be sent (402) (e.g., by the agent 124 of a requesting system 120) to at least one computerized certifying system, to be certified for ownership of a set of IP addresses.
  • the request can be indicative of a public key of the computerized requesting system associated with the set of IP addresses.
  • the request can be structured in any suitable format as long as the public key and the set of IP addresses are extractable from the request by the at least one computerized certifying system.
  • the agent of the AS can be configured to automatically generate a key pair when being installed.
  • the agent of the given system can be configured to initiate an automated certification procedure when a given requesting system does not have a valid RPKI certificate.
  • a plurality of different challenges can be received (404) (e.g., by the agent 124 of a requesting system 120), from the at least one computerized certifying system, the plurality of random challenges sent during a predetermined certifying interval through a plurality of different routing paths, as described above with reference to block 304 of Fig. 3.
  • a response corresponding to each given received challenge can be sent (406) (e.g., by the agent 124 of a requesting system 120) to the at least one computerized certifying system.
  • the response can include the given received challenge signed with a private key of the computerized requesting system.
  • a certificate can be received (408) (e.g., by the agent 124 of a requesting system 120), from the at least one computerized certifying system, upon a condition being met.
  • the condition (410) that needs to be checked comprises: for each of the plurality of challenges, a respective response is received and successfully verified by the at least one computerized certifying system using the public key of the computerized requesting system.
  • the plurality of challenges can be random challenges as mentioned above.
  • an agent, e.g., the agent 124, needs to be installed and configured in the computerized requesting system so that the agent can be capable of sending the request to the at least one computerized certifying system and receiving the plurality of random challenges sent to different IP addresses in the set of IP addresses, as described above.
  • the administrator installs the agent on a host machine and sets the addresses and credentials for the BGP routers in its configuration file.
  • the agent automatically learns the rest of the parameters (comprising, e.g., the AS's prefix, AS identifier and list of adjacent ASs) by reading the configuration of the BGP routers, using the administrative credentials provided in configuration.
  • the agent can be configured to generate a certificate based on partial certificates received from at least part of the multiple computerized certifying systems, and send the certificate to the multiple computerized certifying systems to be stored in association with the computerized requesting system in a respective IP ownership database, thereby rendering the requesting system certified with the ownership of the set of IP addresses by the at least one computerized certifying system.
  • the agent of the requesting system can initiate another requesting process.
  • the certificate can be generated by the computerized requesting system upon a number of partial certificates being received from a number of computerized certifying systems (i.e., the at least part of the multiple certifying systems as mentioned above) that meet a predetermined criterion. Details of the predetermined criterion and examples thereof are described above with reference to Fig. 3 and are not repeated here.
  • the agent can be configured to generate the certificate by assembling all partial certificates into a certificate and providing it to the certifying systems to be stored in the respective IP ownership database.
  • the certificate can be generated using threshold RSA signatures.
  • one such example is disclosed in Shoup, V. Practical Threshold Signatures; EUROCRYPT (2000), vol. 1807 of LNCS, Springer, pp. 207-220, which is incorporated herein in its entirety by reference. This allows the certificate to be compatible with a standard PKIX certificate.
  • the certified requesting system can be configured to provide additional information related to the set of IP addresses to be stored in association with the certificate in the IP ownership database.
  • the additional information can be provided directly to the IP ownership database or via the at least one certifying system.
  • the additional information can be signed with the private key of the computerized requesting system.
  • the additional information can comprise an identifier of the computerized requesting system and/or an adjacent neighbor list.
  • a given AS can register a path-end record at the IP ownership database. This record can be stored in association with the certificate of the given AS, and comprise a list of adjacent neighboring ASs. The record is signed with a private key of the given AS.
  • the given AS is enabled to specify the legitimate "1-hop paths" to its prefixes.
  • upon certifying the prefix 1.2.3.0/24, Agent 1 can report its unique identifier and/or that it is adjacent to AS 11 and AS 22 to the IP ownership database.
  • the certification mechanism can also support a privacy-preserving mode for ASs unwilling to divulge the identities of their neighbors (e.g., ISPs concerned by exposing their customers to competitors).
  • the agent of each certified AS can be configured to periodically request, from the IP ownership database, an update of new certificates associated with one or more newly certified requesting systems and the additional information associated with the new certificates so as to periodically filter out routing paths (e.g., bogus BGP paths) that are inconsistent with the update.
  • the agent configures BGP routers in the adopter's network with path-end-filtering policies.
  • the agent of each adopting AS can periodically request and download new certifications, AS identifier, and path-end records from the IP ownership database.
  • the agent validates the signature in a downloaded record, and also retrieves updates from a subset of other databases so as to ensure that a compromised database cannot change or discard some of the records, or provide an obsolete image of the database.
  • the agent can also retrieve each update from a random prefix-DB for the same purpose. This allows agents of adopting ASs to automatically configure BGP routers to filter BGP path advertisements to entities whose AS identifier is not the registered one, and/or filter BGP path advertisements to certified prefixes whose "last hop" (i.e., last two AS numbers on the BGP path) does not match the records.
  • the agent at AS 2 can configure its BGP routers to filter BGP paths to prefix 1.2.3.0/24 (and relevant sub-prefixes) whose suffix is neither 11-1 nor 22-1.
  • the agent supports an automated mode, where the network administrator provides the BGP router's administrative credentials and their address, and the agent automatically deploys filtering rules according to the path-end records it retrieves.
  • the agent can also support a manual mode, where it outputs the filtering policies to a router configuration file to be further applied by an administrator.
  • the agent can also be configured to alert a victim requesting system about an IP address hijack when identifying inconsistency during the periodic filtering.
  • BGP path advertisements whose origin or last-hop are inconsistent with the path-end records (i.e., are the result of an attack) are mirrored to the agent.
  • the agent then automatically notifies the agent of a victim AS about the identified attack on its prefix.
  • the alert can be signed with the agent's private key, allowing the recipient to validate the sender's identity (using the public key registered at the database).
  • the recipient agent can be configured to notify a respective network administrator only when a number of alerts exceeds a predefined threshold.
  • the agent configures filtering rules for BGP advertisements on BGP routers to discard BGP advertisements that are inconsistent with path-end records.
  • the agent can deploy a single filtering rule, thereby resulting in an order of magnitude fewer rules than origin authentication with RPKI, which involves a filtering rule per IP-prefix (there are roughly 50K ASs advertising over 500K IP-prefixes).
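The following is an added, vendor-neutral example of the path-end filtering and alerting just described; it is not the patent's code and not the Cisco IOS listing referred to further below. It takes path-end records of the kind Agent 1 registers (prefix, AS identifier, adjacent neighbor list), checks each mirrored BGP advertisement's origin and last hop against every record covering the announced prefix (so sub-prefixes are covered and multi-origin prefixes with several records are accepted when any record matches), and models the victim-side alert threshold. The record for AS1 with neighbors 11 and 22, the sample advertisements and the AS numbers in them are constructed from the Fig. 2 example.

```python
from dataclasses import dataclass
from ipaddress import ip_network


@dataclass(frozen=True)
class PathEndRecord:
    """What a certified AS registers: its prefix, its AS number and the
    neighbors that may appear as the hop before it (constructed sample)."""
    prefix: str
    origin_as: int
    neighbors: frozenset


@dataclass(frozen=True)
class Announcement:
    prefix: str
    as_path: tuple    # as received: ..., last hop, origin AS


def covering_records(records, prefix):
    """Records whose certified prefix contains the announced one, so a record
    for 1.2.3.0/24 also governs sub-prefixes such as 1.2.3.128/25."""
    net = ip_network(prefix)
    return [r for r in records
            if ip_network(r.prefix).version == net.version
            and net.subnet_of(ip_network(r.prefix))]


def check_path_end(my_as, records, ann):
    """Return (accept, victim_as). Uncertified prefixes are not filtered. With
    several records for one prefix (multi-origin AS) any matching one suffices."""
    relevant = covering_records(records, ann.prefix)
    if not relevant:
        return True, None
    origin = ann.as_path[-1]
    # A one-element path means the origin is our direct neighbor.
    last_hop = ann.as_path[-2] if len(ann.as_path) > 1 else my_as
    for rec in relevant:
        if rec.origin_as == origin and last_hop in rec.neighbors:
            return True, None
    return False, relevant[0].origin_as      # registered owner to be alerted


class AdopterAgent:
    """Agent of an adopting AS: filters mirrored advertisements and, when it is
    the victim, tells the administrator only once alerts exceed a threshold."""

    def __init__(self, my_as, records, alert_threshold=2):
        self.my_as, self.records = my_as, list(records)
        self.alert_threshold, self.alerts = alert_threshold, 0

    def filter(self, announcements):
        """Return (accepted announcements, alerts as (victim_as, announcement))."""
        accepted, alerts = [], []
        for ann in announcements:
            ok, victim = check_path_end(self.my_as, self.records, ann)
            if ok:
                accepted.append(ann)
            else:
                alerts.append((victim, ann))
        return accepted, alerts

    def receive_alert(self, ann):
        """Called on the victim's agent; True when the administrator is notified."""
        self.alerts += 1
        return self.alerts > self.alert_threshold


# Constructed sample data following the Fig. 2 example in which Agent 1
# reports that AS1 (prefix 1.2.3.0/24) is adjacent to AS 11 and AS 22.
RECORDS = [PathEndRecord("1.2.3.0/24", 1, frozenset({11, 22}))]
ANNOUNCEMENTS = [
    Announcement("1.2.3.0/24", (5, 11, 1)),     # last hop 11-1: consistent
    Announcement("1.2.3.0/24", (1,)),           # heard directly from AS1 by AS22
    Announcement("1.2.3.0/24", (7, 30, 1)),     # AS30 is not a registered neighbor
    Announcement("1.2.3.128/25", (30, 30)),     # sub-prefix with the wrong origin
    Announcement("9.9.9.0/24", (3, 4)),         # uncertified prefix: not filtered
]


def demo():
    agent22 = AdopterAgent(my_as=22, records=RECORDS)
    accepted, alerts = agent22.filter(ANNOUNCEMENTS)
    agent1 = AdopterAgent(my_as=1, records=RECORDS, alert_threshold=1)
    notified = [agent1.receive_alert(ann) for _, ann in alerts]
    return [a.as_path for a in accepted], [v for v, _ in alerts], notified
```

`demo()` accepts the three consistent advertisements, raises two alerts addressed to AS1 for the bogus last hop and the sub-prefix with the wrong origin, and AS1's agent notifies its administrator only on the second alert because its threshold is one. Because only records that cover the announced prefix are consulted, one record per certified prefix is enough, which is the single-rule property contrasted with per-prefix RPKI filtering above.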
  • the following illustration of the filtering rules refers to the network topology in Fig. 2 and describes the routing policy for protecting AS1, whose adjacent ASs are 40 and 300. For purpose of illustration only, the following description uses the Cisco IOS command-line interface.
  • the agent uses AS1's path-end record to create a first access list (named as1), which blacklists routes containing (invalid) links to AS1 from non-adjacent ASs:
  • the agent further creates a second access list (named allow-all) to allow all other routes.
  • the second access list is global, i.e., created once rather than for every adopting AS:
  • the agent applies the created policies in order, i.e., first blocking invalid routes, then allowing all others:
  • the present disclosure allows network adopters to be able to revoke and update path-end records, enforces certificate expiration dates, and supports sub-prefix registration and multiple-origin ASs.
  • a requesting system, e.g., an AS, should revoke its certificate and/or additional information, e.g., its path-end record.
  • An AS should also modify its path-end record when its list of neighboring ASs changes.
  • the agent sends the certifying system and/or the IP ownership database a signed request specifying the desired change. It is then verified that the request is properly signed, and the relevant entry is then deleted or updated according to the request.
  • each IP ownership certificate has an expiration date (e.g., one year since the last certification procedure ended).
  • the IP ownership database deletes the associated records. This forces IP owners to periodically perform the certification procedure and issue a new certificate, validating that they are still in control of their IP prefix.
  • the agents are configured to initiate the re-certification of IP prefixes before their expiration so that their certificates do not expire before they are re-certified.
  • a prefix owner may assign a sub-prefix to another AS.
  • the agent enables sub-prefix registration.
  • the agent "breaks" the prefix and registers at the IP ownership database the fragments that were not allocated to the other AS.
  • the agent can request to revoke the larger prefix. It is noted that even if the prefix owner neglects to revoke the certificate, the owner will not be able to renew the certificate after it expires. Also, when the new AS owning the sub-prefix joins the certification process, its agent will observe the stale record in the database and alert the administrator.
  • in a multi-origin AS (MOAS) setting, the same prefix can legitimately be announced from multiple ASs, and therefore no single AS owning a prefix can independently certify ownership using the present certifying mechanism (since each such AS receives only a part of the registrars' challenges).
  • multi-origin ASs need to cooperate. Namely, all ASs in a MOAS need to install the agent and to respond to the challenges sent to their prefix. To certify ownership of one AS over the shared prefix, all owners must provide that AS's number and public key in their response.
  • the prefix-owners may run the certification procedure sequentially, creating multiple prefix-ownership records in the IP ownership database for the same prefix. Each record is translated into an independent whitelisting rule that permits advertisements from a different AS. It is noted that there is no need to expose an owner's private key to other ASs, so that each AS is allowed to securely manage its own record.
  • the present certification mechanism can support a privacy preserving mode, intended for ASs that do not wish to reveal the identities of their neighbors.
  • Adopters running in privacy preserving mode register only their prefix ownership certificate in the IP ownership database.
  • the agents of such ASs configure their BGP routers to include, in every BGP announcement, a "last-hop authentication" attribute, which comprises their signature on the last hop in the specific announced BGP path.
  • the agents configure their routers to mark the last-hop authentication attribute as optional-transitive (as specified, for example, in Rekhter, Y., Li, T., and Hares, S. A Border Gateway Protocol 4 (BGP-4). RFC 4271 (Draft Standard), Jan. 2006. Updated by RFC 6286, which is incorporated herein in its entirety by reference), and so the attribute is further propagated even by ASs that are not adopters of the present certification mechanism.
  • the attribute can also specify the current time and be acceptable only in a fixed time interval (e.g., within one day).
  • Each agent configures the border routers in respective AS to mirror to the agent BGP advertisements that announce prefixes that were registered in the privacy preserving mode. This allows an agent of an adopting AS to validate the last hop in such a BGP advertisement by verifying the last-hop authentication attribute. If verification fails, the agent alerts the victim.
  • the present certifying mechanism can be configured to detect man-in-the-middle (MitM) attackers. Further to using Tor for relaying the challenges and responses in the prefix ownership certification process, Tor's anonymity guarantees allow it to be utilized to run a variant of the certification protocol.
  • the agent can be configured to establish a "dummy" certification process, sending challenges to its own prefix and responding. Since all communication is relayed through Tor and hence anonymized, a MitM on the path between the AS and the Internet cannot identify which sessions belong to the dummy certification process and which to the real one. If the MitM manipulates a dummy challenge or response, it can be detected by the agent (the agent knows what it sent and hence also what it should receive).
  • an AS holding an RPKI certificate can use the IP ownership database as disclosed in the present disclosure for supporting path-end record validation, since RPKI repositories do not sufficiently support distribution of path-end records.
  • an AS holding an RPKI certificate can specify a signed list of its adjacent ASs. Respective path-end records can be sent to store at the IP ownership database. When the database receives an AS's path-end record to store, it retrieves that AS's RPKI certificate and verifies the signature over its path-end record.
  • RPKI's certificate revocation lists can be utilized to remove records in case the signing key has been revoked.
  • An AS can update or delete its path-end records using a signed announcement sent to the database, similar to ROAs in RPKI.
  • the five IP ownership databases and five Registrar servers as illustrated in the example of Fig. 2 can be deployed over cloud and distributed across political and geographic boundaries, so that they can be publicly accessible, allowing any AS to register. Tor can be utilized for the required relaying service in the certification process, as described above.
  • the system according to the invention may be, at least partly, implemented on a suitably programmed computer.
  • the invention contemplates a computer program being readable by a computer for executing the method of the invention.
  • the invention further contemplates a non-transitory computer readable memory or storage medium tangibly embodying a program of instructions executable by the computer for executing the method of the invention.
  • the non-transitory computer readable storage medium causing a processor to carry out aspects of the present invention can be a tangible device that can retain and store instructions for use by an instruction execution device.
  • the computer readable storage medium may be, for example, but is not limited to, an electronic storage device, a magnetic storage device, an optical storage device, an electromagnetic storage device, a semiconductor storage device, or any suitable combination of the foregoing.

Abstract

There are provided a system and method of certifying ownership of a set of Internet Protocol (IP) addresses, the method including: receiving from a requesting system a request to be certified for ownership of the set of IP addresses; distributing, during a predetermined certifying interval, a plurality of random challenges to the requesting system through a plurality of different routing paths; receiving one or more responses each corresponding to a given random challenge; and verifying the one or more responses and sending a certificate to the computerized requesting system upon a condition being met. There are also provided a system and method of requesting certification of ownership of a set of IP addresses.

Description

Method Of Certifying Ownership Of Internet Protocol Addresses And System Thereof
TECHNICAL FIELD
[001] The presently disclosed subject matter relates, in general, to the field of network resource certification, and more specifically, to methods and systems for certification of Internet Protocol (IP) address ownership.
BACKGROUND
[002] The routing infrastructure of the global Internet comprises tens of thousands of organizational networks that are communicatively connected. Despite significant awareness and efforts, Internet security vulnerabilities are evidenced by numerous Internet outages and blackouts, traffic hijacking and surveillance incidents, etc. One of the increased network security issues relates to the problem of validating and certifying network identities. An example of this aspect is IP prefix hijacking in inter-domain routing, i.e., illegitimate takeover of groups of IP addresses by corrupting Internet routing tables. Such corruption is achieved by announcing, intentionally or by accident, unauthorized IP addresses or prefixes.
[003] Such problems have been recognized in the conventional art. Among known solutions for reducing vulnerabilities in inter-domain routing is an approach proposed by IETF's Secure Inter-Domain Routing (SIDR) working group. The approach comprises deployment of the Resource Public Key Infrastructure (RPKI) followed by global transition to a secure inter-domain routing protocol (e.g., cryptographic extensions of the Border Gateway Protocol (BGP) such as soBGP, S-BGP, BGPSEC, etc.).
GENERAL DESCRIPTION
[004] In accordance with certain aspects of the presently disclosed subject matter, there is provided a computerized method of certifying ownership of a set of Internet Protocol (IP) addresses, the method being performed by at least one computerized certifying system, the method comprising: receiving, from a computerized requesting system, a request to be certified for ownership of the set of IP addresses, the request indicative of a public key of the computerized requesting system associated with the set of IP addresses, the public key and the set of IP addresses extractable from the request by the at least one computerized certifying system; distributing, during a predetermined certifying interval, a plurality of random challenges to the computerized requesting system through a plurality of different routing paths; receiving, from the computerized requesting system, one or more responses each corresponding to a given random challenge and including a received random challenge signed with a private key of the computerized requesting system; and verifying the one or more responses and sending a certificate to the computerized requesting system upon a condition being met, the condition comprising: for each of at least a percentage of the plurality of random challenges, a respective response is received and successfully verified using the public key of the computerized requesting system, wherein the at least percentage meets a predetermined threshold.
[005] In addition to the above features, the method according to this aspect of the presently disclosed subject matter can comprise one or more of features (i) to (x) listed below, in any desired combination or permutation which is technically possible:
(i). The at least one computerized certifying system can comprise one computerized certifying system, and the method can further comprise storing the certificate in association with the computerized requesting system in an IP ownership database, thereby certifying the ownership of the set of IP addresses to the computerized requesting system.
(ii). The at least one computerized certifying system can comprise multiple computerized certifying systems. The certificate sent by each of the multiple computerized certifying systems is a partial certificate. The method can be performed by each of the multiple computerized certifying systems and further comprise: upon receiving a certificate from the computerized requesting system, wherein the certificate is generated by the computerized requesting system based on partial certificates received from at least part of the multiple certifying systems, storing the certificate in association with the computerized requesting system in a respective IP ownership database, thereby certifying the ownership of the set of IP addresses to the computerized requesting system.
(iii). The certificate can be generated by the computerized requesting system upon a number of partial certificates being received from a number of computerized certifying systems that meet a predetermined criterion.
(iv). The plurality of different routing paths can be determined by choosing different relays using a relay infrastructure.
(v). The plurality of random challenges can be sent to different IP addresses in the set of IP addresses.
(vi). The method can further comprise receiving additional information related to the set of IP addresses from the computerized requesting system and storing the additional information in association with the certificate in the IP ownership database, the additional information signed with the private key of the computerized requesting system.
(vii). The method can further comprise determining whether to revoke the certificate upon detection of a Resource Public Key Infrastructure (RPKI) certificate received by the computerized requesting system.
(viii). The computerized requesting system can be an Autonomous System (AS).
(ix). The additional information can comprise an identifier of the computerized requesting system and/or an adjacent neighbor list.
(x). The predetermined criterion can be selected from a group comprising: a majority of the multiple computerized certifying systems, a set of trusted computerized certifying systems, and a weighted majority of the multiple computerized certifying systems.
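The challenge-response exchange of [004] together with features (iv) and (v), as an added Python example that is not part of the patent: a registrar sends fresh random challenges through several relay paths to addresses inside the requested prefix, the agent signs every nonce that actually reaches it, and a certificate is issued only when the fraction of verified responses meets the threshold. The toy RSA key pairs, relay names, prefix, the `reachable_via` set standing in for Internet routing, and the 0.9 threshold are all assumptions.

```python
import hashlib
import ipaddress
import random
import secrets

# Toy textbook RSA standing in for the requesting system's real key pair.
# Assumption: fixed Mersenne primes, no padding. Demo only, NOT secure.
E = 65537

def toy_keypair(p, q):
    """Return (public_key, private_key), each an (exponent, modulus) pair."""
    n = p * q
    d = pow(E, -1, (p - 1) * (q - 1))
    return (E, n), (d, n)

def _digest_int(message, n):
    return int.from_bytes(hashlib.sha256(message).digest(), "big") % n

def sign(private_key, message):
    d, n = private_key
    return pow(_digest_int(message, n), d, n)

def verify(public_key, message, signature):
    e, n = public_key
    return pow(signature, e, n) == _digest_int(message, n)

class RequestingAgent:
    """Agent installed in the requesting AS. `reachable_via` is a constructed
    stand-in for BGP: the relay paths over which packets addressed to the
    prefix actually reach this agent."""

    def __init__(self, prefix, public_key, private_key, reachable_via):
        self.prefix = ipaddress.ip_network(prefix)
        self.public_key = public_key
        self.private_key = private_key
        self.reachable_via = set(reachable_via)

    def request(self):
        # The request carries the public key and the IP set to be certified.
        return {"prefix": str(self.prefix), "public_key": self.public_key}

    def respond(self, challenge):
        if challenge["path"] not in self.reachable_via:
            return None  # routed elsewhere: the agent never sees this nonce
        nonce = challenge["nonce"]
        return {"nonce": nonce, "signature": sign(self.private_key, nonce)}

class CertifyingSystem:
    """Registrar side: distribute challenges over several routing paths,
    verify the signed responses and apply the percentage threshold."""

    def __init__(self, name, relays, rounds=5, threshold=0.9):
        self.name = name
        self.relays = list(relays)  # distinct routing paths via relays
        self.rounds = rounds        # rounds stand in for the certifying interval
        self.threshold = threshold  # predetermined threshold, as a fraction

    def certify(self, agent):
        req = agent.request()
        public_key = req["public_key"]
        hosts = list(ipaddress.ip_network(req["prefix"]).hosts())
        # One fresh random challenge per relay per round, each addressed to a
        # randomly chosen address inside the prefix.
        challenges = [
            {"nonce": secrets.token_bytes(16), "path": relay,
             "dst": str(random.choice(hosts))}
            for _ in range(self.rounds) for relay in self.relays
        ]
        verified = 0
        for ch in challenges:
            resp = agent.respond(ch)
            if resp is None or resp["nonce"] != ch["nonce"]:
                continue  # missing, or a reply to some other challenge
            if verify(public_key, resp["nonce"], resp["signature"]):
                verified += 1
        fraction = verified / len(challenges)
        if fraction < self.threshold:
            return None  # too few paths confirmed: no certificate
        return {"issuer": self.name, "prefix": req["prefix"],
                "public_key": public_key, "verified_fraction": fraction}

def run_demo():
    """Constructed scenario: the legitimate owner is reachable on every path,
    while a second system presenting its own key draws the prefix's traffic
    on only one of four paths and so answers too few challenges."""
    relays = ["relay-A", "relay-B", "relay-C", "relay-D"]
    owner_pub, owner_priv = toy_keypair(2**61 - 1, 2**89 - 1)
    other_pub, other_priv = toy_keypair(2**107 - 1, 2**127 - 1)
    owner = RequestingAgent("203.0.113.0/24", owner_pub, owner_priv, relays)
    other = RequestingAgent("203.0.113.0/24", other_pub, other_priv, ["relay-A"])
    registrar = CertifyingSystem("Registrar 1", relays, rounds=5, threshold=0.9)
    return registrar.certify(owner), registrar.certify(other)

if __name__ == "__main__":
    print(run_demo())
```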
[006] In accordance with other aspects of the presently disclosed subject matter, there is provided a computerized certifying system, the system comprising a processing and memory circuitry (PMC) configured to: receive, from a computerized requesting system, a request to be certified for ownership of a set of IP addresses, the request indicative of a public key of the computerized requesting system associated with the set of IP addresses, the public key and the set of IP addresses extractable from the request by the at least one computerized certifying system; distribute, during a predetermined certifying interval, a plurality of random challenges to the computerized requesting system through a plurality of different routing paths; receive, from the computerized requesting system, one or more responses each corresponding to a given random challenge and including a received random challenge signed with a private key of the computerized requesting system; and verify the one or more responses and send a certificate to the computerized requesting system upon a condition being met, the condition comprising: for each of at least a percentage of the plurality of random challenges, a respective response is received and successfully verified using the public key of the computerized requesting system, wherein the at least percentage meets a predetermined threshold.
[007] This aspect of the disclosed subject matter can comprise one or more of features (i) to (x) listed above with respect to the method, mutatis mutandis, in any desired combination or permutation which is technically possible.
[008] In accordance with other aspects of the presently disclosed subject matter, there is provided a computer program product that includes a non-transitory computer readable storage medium storing instructions for performing the following method steps: receiving, from a computerized requesting system, a request to be certified for ownership of the set of IP addresses, the request indicative of a public key of the computerized requesting system associated with the set of IP addresses, the public key and the set of IP addresses extractable from the request by the at least one computerized certifying system; distributing, during a predetermined certifying interval, a plurality of random challenges to the computerized requesting system through a plurality of different routing paths; receiving, from the computerized requesting system, one or more responses each corresponding to a given random challenge and including a received random challenge signed with a private key of the computerized requesting system; and verifying the one or more responses and sending a certificate to the computerized requesting system upon a condition being met, the condition comprising: for each of at least a percentage of the plurality of random challenges, a respective response is received and successfully verified using the public key of the computerized requesting system, wherein the at least percentage meets a predetermined threshold.
[009] This aspect of the disclosed subject matter can comprise one or more of features (i) to (x) listed above with respect to the method, mutatis mutandis, in any desired combination or permutation which is technically possible.
[0010] In accordance with certain aspects of the presently disclosed subject matter, there is provided a computerized method of requesting certification of ownership of a set of Internet Protocol (IP) addresses, the method being performed by a computerized requesting system, the method comprising: sending a request to at least one computerized certifying system to be certified for ownership of the set of IP addresses, the request indicative of a public key of the computerized requesting system associated with the set of IP addresses, the public key and the set of IP addresses extractable from the request by the at least one computerized certifying system; receiving, from the at least one computerized certifying system, a plurality of random challenges sent during a predetermined certifying interval through a plurality of different routing paths; sending, to the at least one computerized certifying system, a response corresponding to each given received random challenge, wherein the response includes the given received random challenge signed with a private key of the computerized requesting system; and receiving, from the at least one computerized certifying system, a certificate upon a condition being met, the condition comprising: for each of the plurality of random challenges, a respective response is received and successfully verified by the at least one computerized certifying system using the public key of the computerized requesting system.
[0011] In addition to the above features, the method according to this aspect of the presently disclosed subject matter can comprise one or more of features (i) to (xi) listed below, in any desired combination or permutation which is technically possible:
(i). The method can further comprise installing an agent in the computerized requesting system, the agent capable of sending the request to the at least one computerized certifying system and receiving the plurality of random challenges sent to different IP addresses in the set of IP addresses.
(ii). The at least one computerized certifying system can comprise multiple computerized certifying systems. The certificate sent by each of the multiple computerized certifying systems is a partial certificate. The method can further comprise: generating a certificate based on partial certificates received from at least part of the multiple computerized certifying systems, and sending the certificate to the multiple computerized certifying systems to be stored in association with the computerized requesting system in an IP ownership database, thereby rendering the computerized requesting system to be certified with the ownership of the set of IP addresses by the at least one computerized certifying system.
(iii). The certificate can be generated by the computerized requesting system upon a number of partial certificates being received from a number of computerized certifying systems that meet a predetermined criterion.
(iv). The plurality of different routing paths can be determined by choosing different relays using a relay infrastructure.
(v). The plurality of random challenges can be sent to different IP addresses in the set of IP addresses.
(vi). The method can further comprise providing additional information related to the set of IP addresses to be stored in association with the certificate in the IP ownership database, the additional information signed with the private key of the computerized requesting system.
(vii). The method can further comprise periodically requesting, from the IP ownership database, an update of new certificates associated with one or more newly certified requesting systems and the additional information associated with the new certificates, so as to periodically filter out routing paths that are inconsistent with the update.
(viii). The method can further comprise alerting a victim requesting system about an IP address hijack when identifying an inconsistency during the periodic filtering.
(ix). The computerized requesting system can be an Autonomous System (AS).
(x). The additional information can comprise an identifier of the computerized requesting system and/or an adjacent neighbor list.
(xi). The predetermined criterion can be selected from a group comprising: a majority of the multiple computerized certifying systems, a set of trusted computerized certifying systems, and a weighted majority of the multiple computerized certifying systems.
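The requesting side, as an added Python example that is not taken from the patent: assembling the certificate from partial certificates under the majority, trusted-set and weighted-majority criteria named above, and then using a periodic update from the IP ownership database (certified owner plus its signed adjacent neighbor list) to filter out inconsistent routing paths and raise an alert for the victim system. Registrar names and weights, AS numbers, prefixes and the sample routes are constructed.

```python
import ipaddress

# Constructed roster: five registrars as in Fig. 2, with assumed weights used
# only by the weighted-majority criterion.
REGISTRARS = {"Registrar 1": 3, "Registrar 2": 1, "Registrar 3": 1,
              "Registrar 4": 1, "Registrar 5": 1}

def meets_criterion(partial_certs, criterion, trusted=(), registrars=REGISTRARS):
    """Predetermined criterion for combining partial certificates: a majority
    of the registrars, a fixed trusted set, or a weighted majority."""
    issuers = {c["issuer"] for c in partial_certs}
    if criterion == "majority":
        return 2 * len(issuers) > len(registrars)
    if criterion == "trusted":
        return set(trusted) <= issuers
    if criterion == "weighted":
        return 2 * sum(registrars[i] for i in issuers) > sum(registrars.values())
    raise ValueError(f"unknown criterion {criterion!r}")

def build_certificate(partial_certs, criterion, **kwargs):
    """Combined certificate, or None when the criterion is not met or the
    partial certificates disagree on the prefix or the public key."""
    if not partial_certs or not meets_criterion(partial_certs, criterion, **kwargs):
        return None
    prefix, key = partial_certs[0]["prefix"], partial_certs[0]["public_key"]
    if any(c["prefix"] != prefix or c["public_key"] != key for c in partial_certs):
        return None
    return {"prefix": prefix, "public_key": key,
            "issuers": sorted({c["issuer"] for c in partial_certs})}

def covering_record(prefix, ownership_db):
    """Most specific certified prefix equal to or containing `prefix`, so that
    a more-specific announcement is judged against the certified owner."""
    net = ipaddress.ip_network(prefix)
    best = None
    for cert_prefix, record in ownership_db.items():
        cert_net = ipaddress.ip_network(cert_prefix)
        if net.subnet_of(cert_net) and (best is None or cert_net.prefixlen > best[0].prefixlen):
            best = (cert_net, record)
    return best[1] if best else None

def filter_routes(routes, ownership_db):
    """Split routes into those consistent with the latest ownership update and
    alerts addressed to the certified owner (the potential victim).
    routes: (prefix, AS path with the origin last). ownership_db: certified
    prefix -> {"as": owner AS number, "neighbors": its signed neighbor list}."""
    accepted, alerts = [], []
    for prefix, as_path in routes:
        record = covering_record(prefix, ownership_db)
        if record is None:  # not certified yet: nothing to compare against
            accepted.append((prefix, as_path))
            continue
        origin = as_path[-1]
        if origin != record["as"]:
            alerts.append({"victim": record["as"], "prefix": prefix, "origin": origin,
                           "reason": "origin AS is not the certified owner"})
        elif len(as_path) > 1 and as_path[-2] not in record["neighbors"]:
            alerts.append({"victim": record["as"], "prefix": prefix, "origin": origin,
                           "reason": f"AS{as_path[-2]} is not a listed neighbor"})
        else:
            accepted.append((prefix, as_path))
    return accepted, alerts

def run_demo():
    """Constructed data: documentation AS numbers and prefixes only."""
    partials = [{"issuer": r, "prefix": "203.0.113.0/24", "public_key": "pk-AS64500"}
                for r in ("Registrar 1", "Registrar 3", "Registrar 5")]
    cert = build_certificate(partials, "majority")
    ownership_db = {"203.0.113.0/24": {"as": 64500, "neighbors": {64501, 64502}}}
    routes = [
        ("203.0.113.0/24", [64510, 64501, 64500]),  # consistent with the update
        ("203.0.113.0/24", [64510, 64503]),         # origin is not the owner
        ("203.0.113.128/25", [64510, 64503]),       # more-specific, foreign origin
        ("203.0.113.0/24", [64510, 64505, 64500]),  # owner reached via unlisted AS
        ("198.51.100.0/24", [64510, 64509]),        # not certified: kept
    ]
    return cert, filter_routes(routes, ownership_db)

if __name__ == "__main__":
    print(run_demo())
```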
[0012] In accordance with other aspects of the presently disclosed subject matter, there is provided a computerized certification requesting system, the system comprising a processing and memory circuitry (PMC) configured to: send a request to at least one computerized certifying system to be certified for ownership of the set of IP addresses, the request indicative of a public key of the computerized requesting system associated with the set of IP addresses, the public key and the set of IP addresses extractable from the request by the at least one computerized certifying system; receive, from the at least one computerized certifying system, a plurality of random challenges sent during a predetermined certifying interval through a plurality of different routing paths; send, to the at least one computerized certifying system, a response corresponding to each given received random challenge, wherein the response includes the given received random challenge signed with a private key of the computerized requesting system; and receive, from the at least one computerized certifying system, a certificate upon a condition being met, the condition comprising: for each of the plurality of random challenges, a respective response is received and successfully verified by the at least one computerized certifying system using the public key of the computerized requesting system.
[0013] This aspect of the disclosed subject matter can comprise one or more of features (i) to (xi) listed above with respect to the method, mutatis mutandis, in any desired combination or permutation which is technically possible.
[0014] In accordance with other aspects of the presently disclosed subject matter, there is provided a computer program product that includes a non-transitory computer readable storage medium storing instructions for performing the following method steps: sending a request to at least one computerized certifying system to be certified for ownership of the set of IP addresses, the request indicative of a public key of the computerized requesting system associated with the set of IP addresses, the public key and the set of IP addresses extractable from the request by the at least one computerized certifying system; receiving, from the at least one computerized certifying system, a plurality of random challenges sent during a predetermined certifying interval through a plurality of different routing paths; sending, to the at least one computerized certifying system, a response corresponding to each given received random challenge, wherein the response includes the given received random challenge signed with a private key of the computerized requesting system; and receiving, from the at least one computerized certifying system, a certificate upon a condition being met, the condition comprising: for each of the plurality of random challenges, a respective response is received and successfully verified by the at least one computerized certifying system using the public key of the computerized requesting system.
[0015] This aspect of the disclosed subject matter can comprise one or more of features (i) to (xi) listed above with respect to the method, mutatis mutandis, in any desired combination or permutation which is technically possible.
BRIEF DESCRIPTION OF THE DRAWINGS
[0016] In order to understand the invention and to see how it may be carried out in practice, embodiments will now be described, by way of non-limiting example only, with reference to the accompanying drawings, in which:
[0017] Fig. 1 schematically illustrates a block diagram of a computerized certifying system and a computerized requesting system in accordance with certain embodiments of the presently disclosed subject matter;
[0018] Fig. 2 illustrates an automatic certification mechanism with respect to an exemplary network infrastructure in accordance with certain embodiments of the presently disclosed subject matter;
[0019] Fig. 3 illustrates a generalized flowchart of certifying ownership of a set of IP addresses by at least one computerized certifying system, in accordance with certain embodiments of the presently disclosed subject matter; and
[0020] Fig. 4 illustrates a generalized flowchart of requesting certification of ownership of a set of IP addresses by a computerized requesting system in accordance with certain embodiments of the presently disclosed subject matter.
DETAILED DESCRIPTION OF EMBODIMENTS
[0021] In the following detailed description, numerous specific details are set forth in order to provide a thorough understanding of the invention. However, it will be understood by those skilled in the art that the presently disclosed subject matter may be practiced without these specific details. In other instances, well-known methods, procedures, components and circuits have not been described in detail so as not to obscure the presently disclosed subject matter.
[0022] Unless specifically stated otherwise, as apparent from the following discussions, it is appreciated that throughout the specification discussions utilizing terms such as "certifying", "receiving", "requesting", "distributing", "verifying", "storing", "generating", "determining", "sending", "revoking", "installing", "meeting", "providing", "filtering", "alerting", or the like, refer to the action(s) and/or process(es) of a computer that manipulate and/or transform data into other data, said data represented as physical, such as electronic, quantities and/or said data representing the physical objects. The term "computer" should be expansively construed to cover any kind of hardware-based electronic device with data processing capabilities including, by way of non-limiting example, the computerized certifying system, the computerized requesting system and the processing and memory circuitry (PMC) thereof disclosed in the present application.
[0023] The operations in accordance with the teachings herein can be performed by a computer specially constructed for the desired purposes or by a general purpose computer specially configured for the desired purpose by a computer program stored in a non-transitory computer readable storage medium.
[0024] The terms "non-transitory memory", "non-transitory storage medium" and "non-transitory computer readable storage medium" used herein should be expansively construed to cover any volatile or non-volatile computer memory suitable to the presently disclosed subject matter.
[0025] Embodiments of the presently disclosed subject matter are not described with reference to any particular programming language. It will be appreciated that a variety of programming languages may be used to implement the teachings of the presently disclosed subject matter as described herein.
[0026] As used herein, the phrases "for example," "such as", "for instance" and variants thereof describe non-limiting embodiments of the presently disclosed subject matter. Reference in the specification to "one case", "some cases", "other cases" or variants thereof means that a particular feature, structure or characteristic described in connection with the embodiment(s) is included in at least one embodiment of the presently disclosed subject matter. Thus the appearance of the phrase "one case", "some cases", "other cases" or variants thereof does not necessarily refer to the same embodiment(s).
[0027] It is appreciated that, unless specifically stated otherwise, certain features of the presently disclosed subject matter, which are described in the context of separate embodiments, can also be provided in combination in a single embodiment. Conversely, various features of the presently disclosed subject matter, which are described in the context of a single embodiment, can also be provided separately or in any suitable sub-combination. In the following detailed description, numerous specific details are set forth in order to provide a thorough understanding of the methods and apparatus.
[0028] In certain embodiments of the presently disclosed subject matter, one or more stages may be executed in a different order and/or one or more groups of stages may be executed simultaneously and vice versa.
[0029] Bearing this in mind, attention is drawn to Fig. 1, schematically illustrating a block diagram of a computerized certifying system, and a computerized requesting system in accordance with certain embodiments of the presently disclosed subject matter.
[0030] The system 110 illustrated in Fig. 1 is a computer-based certifying system capable of certifying ownership of a set of Internet Protocol (IP) addresses to a requesting system (e.g., system 120). The system 120 is a computer-based certification requesting system for requesting, from a certifying system (e.g., system 110), certification of ownership of a set of IP addresses. In one embodiment, the requesting system 110 can refer to any organizational network in the Internet that comprises one or more interconnected computers owning a range or a set of IP addresses. By way of example, the organizational network can range from a home network or an office network to a larger corporation network, etc. In some cases, the organizational network can be a part of other networks, or it can be integrated, fully or partially, with other network entities. The present disclosure is not limited by the scale, type or functionality of such a network. The certifying system 110 can refer to any computerized entity with processing capability for certification of IP ownership, as described in further detail below. By way of example, the certifying system can be implemented as a server operatively connected to one or more requesting systems.
[0031] As aforementioned, there is a need in network communication for validating or certifying network identities or resources, i.e., to prove that a given network is who it announces to be, and/or that it is the legitimate owner of a set of IP addresses or IP blocks that it announces to own. The presently disclosed subject matter provides such a certification mechanism which can be used for enhancing the security of network infrastructure and creating trustworthy Internet communication.
[0032] In particular, one example of the requesting system described herein is an Autonomous System (AS). An AS refers to an independently administrated network which comprises a group of one or more networks presenting a common external routing policy to the Internet. Each AS has its own unique AS identifier and owns one or more IP routing prefixes (i.e., IP prefixes). An IP prefix refers to a set of IP addresses or IP address blocks that are owned by the AS. Border Gateway Protocol (BGP) is the standard routing protocol used to exchange information about inter-domain IP routing between ASs.
[0033] Inter-domain routing is known to be vulnerable to prefix hijacking, i.e., illegitimate takeover of groups of IP addresses by corrupting Internet routing tables. Such corruption can be achieved by announcing, either intentionally or by accident, unauthorized prefixes. As described above, one known solution for reducing vulnerabilities in the inter-domain routing is Resource Public Key Infrastructure (RPKI). RPKI infrastructure enables cryptographic-based certification of IP prefixes by trust-anchors. RPKI certificates allow BGP routers to perform authentication of origin, detect and discard prefix hijacks, i.e. BGP route advertisements where an IP prefix is announced by an AS that is not its legitimate owner.
[0034] However, despite its well-intended role for securing the Internet routing system, the deployment of the RPKI is discouragingly slow. The vast majority of IP prefixes are still not protected by RPKI, and almost no AS uses the RPKI to filter an invalid advertisement, leaving the Internet largely exposed to traffic hijacking. This is at least partially because RPKI's certification process is manual, non-validated and error-prone (e.g., due to operational mistakes and human error). A wrong RPKI record might not defend the issuer, but the risks are often far greater. An AS that discards BGP advertisements, i.e., performs Route-Origin Validation (ROV) based on wrong RPKI records, might be immediately disconnected from thousands of legitimate destinations, rendering the security solution arguably more dangerous than the vulnerability that it aims to address.
[0035] The above obstacles create a circular relation, hindering the adoption of RPKI: not sufficiently many ASs use the RPKI to filter invalid routes since (1) not many prefixes are covered by RPKI, and (2) filtering invalid routes can be potentially harmful due to mistakes. Yet RPKI certificate issuing rates are low because the issuing requires a significant effort from the operator, and provides very little value as so few ASs are filtering invalid routes.
[0036] As one of its applicable usages, the presently disclosed subject matter can be utilized for securing inter-domain routing, i.e., to break the vicious cycle as described above by creating an automatic certification process, thereby relieving the administrative hassles and mitigating human error in the issuing process.
[0037] Bearing the above in mind, reference is again made to Fig. 1. As illustrated, system 110 can comprise a processing and memory circuitry (PMC) 102 operatively connected to a hardware-based I/O interface 108. PMC 102 is configured to provide all processing necessary for operating system 110, which is further detailed with reference to Fig. 3. PMC 102 comprises a processor (not shown separately) and a memory (not shown separately). The processor of PMC 102 can be configured to execute several functional modules in accordance with computer-readable instructions implemented on a non-transitory computer-readable memory comprised in the PMC. Such functional modules are referred to hereinafter as comprised in the PMC. It is to be noted that the term processor referred to herein should be expansively construed to cover any processing circuitry with data processing capabilities, and the present disclosure is not limited to the type or platform thereof, or number of processing cores comprised therein.
[0038] In certain embodiments, functional modules comprised in the PMC 102 can comprise a challenge distributor 104 and a verification module 106. The functional modules comprised in the PMC are operatively connected with each other. Upon receiving, via the I/O interface 108, from a computerized requesting system (e.g., system 120), a request to be certified for ownership of a set of IP addresses, the request indicative of a public key of the computerized requesting system associated with the set of IP addresses, the challenge distributor 104 can be configured to distribute, during a predetermined certifying interval, a plurality of random challenges to the computerized requesting system through a plurality of different routing paths. Upon receiving, via the I/O interface 108, from the computerized requesting system, one or more responses each corresponding to a given random challenge and including a received random challenge signed with a private key of the computerized requesting system, the verification module 106 can be configured to verify the one or more responses. A certificate can be sent to the computerized requesting system when the following condition is met: for each of at least a percentage of the plurality of random challenges, a respective response is received and successfully verified using the public key of the computerized requesting system, as will be described in further detail below with reference to Fig. 3.
[0039] In certain embodiments, system 110 can comprise, or be operatively connected to, an IP ownership database 130. The IP ownership database 130 can be configured to store respective certificates in association with corresponding computerized requesting systems. It is to be noted that although the IP ownership database 130 is illustrated in Fig. 1 as residing external to system 110 and being operatively connected thereto, this is for purpose of illustration only and should not be deemed as limiting the present disclosure in any way. In some cases, the IP ownership database 130 can be accommodated by system 110 and thus can be regarded as being part of system 110.
[0040] Turning now to the certification requesting system 120. Similarly, system 120 can comprise a processing and memory circuitry (PMC) 122 operatively connected to a hardware-based I/O interface 126. PMC 122 is configured to provide all processing necessary for operating system 120, which is further detailed with reference to Fig. 4. PMC 122 comprises a processor (not shown separately) and a memory (not shown separately). The processor of PMC 122 can be configured to execute several functional modules in accordance with computer-readable instructions implemented on a non-transitory computer-readable memory comprised in the PMC. Such functional modules are referred to hereinafter as comprised in the PMC.
[0041] In certain embodiments, functional modules of the PMC 122 can comprise an agent 124. The agent 124 can be configured to send, via the I/O interface 126, a request to at least one computerized certifying system (e.g., system 110) to be certified for ownership of a set of IP addresses. The request is indicative of a public key of the computerized requesting system associated with the set of IP addresses. The agent 124 can be further configured to receive, from the at least one computerized certifying system, a plurality of random challenges sent during a predetermined certifying interval through a plurality of different routing paths, and send, to the at least one computerized certifying system, a response corresponding to each given received random challenge. The response can include the given received random challenge signed with a private key of the computerized requesting system. A certificate can be received by the agent 124 from the at least one computerized certifying system, upon a condition being met. The condition comprises: for each of the plurality of random challenges, a respective response is received and successfully verified by the at least one computerized certifying system using the public key of the computerized requesting system, as will be described in further detail below with reference to Fig. 4.
[0042] In certain embodiments, system 120 can be operatively connected to the IP ownership database 130. In some cases, system 120 can provide or request certificate related information with respect to the IP ownership database 130. Alternatively, in some other cases, system 120 can also provide or request such information via the certifying system 110, which can communicate with the IP ownership database 130 on its behalf. The present disclosure is not limited by the specific implementation with respect to connections and communications among these entities.
[0043] Optionally, system 110 and/or system 120 can further comprise a graphical user interface (GUI) (not shown separately) configured to render for display of the input and/or the output to the user. Optionally, the GUI can be configured to enable user-specified inputs for operating system 110 and/or system 120.
[0044] As aforementioned, the certifying mechanism as illustrated by the certifying system 110 and requesting system 120 can be used for various purposes and applications, such as, e.g., validating identities of network entities and creating trust in network communications, secure inter-domain routing, etc. It is to be appreciated that the present disclosure is not limited by any specific usage and application of the system.
[0045] It is also noted that the system architecture illustrated in Fig. 1 can be implemented in a distributed computing environment, in which the aforementioned systems 110 and 120, as well as functional modules comprised therein can be distributed over several local and/or remote devices, and can be linked through a communication network. By way of example, the functionalities of a given system 110 can be distributed over several places. By way of another example, there can be multiple systems 110 (e.g., for purpose of redundancy) which can be distributed over multiple locations.
[0046] Those versed in the art will readily appreciate that the teachings of the presently disclosed subject matter are not bound by the systems illustrated in Fig. 1; equivalent and/or modified functionality can be consolidated or divided in another manner and can be implemented in any appropriate combination of software with firmw are and hardware. The systems in Fig. 1 can be standalone network entities, or integrated, fully or partly, with other network entities. Those skilled in the art will also readily appreciate that the database therein can be shared with other systems or be provided by other systems, including third party equipment.
[0047] While not necessarily so, the process of operation of systems 110 and 120 can respectively correspond to some or all of the stages of the methods described with respect to Figs. 3-4. Likewise, the methods described with respect to Figs. 3-4 and their possible implementations can be respectively implemented by systems 110 and 120. It is therefore noted that embodiments discussed in relation to the methods described with respect to Figs. 3-4 can also be implemented, mutatis mutandis as various embodiments of the systems 110 and 120, and vice versa. [0048] Referring now to Fig. 2, there is schematically illustrated an automatic certification mechanism with respect to an exemplary network infrastructure in accordance with certain embodiments of the presently disclosed subject matter,
[0049] There are illustrated a plurality of certifying systems 201. By way of example, each certifying system is implemented as a certifying server (denoted as Registrar in Fig. 2) accommodating a database (e.g., IP ownership database, denoted as DB in Fig. 2). The certifying servers (i.e., registrars) are configured with the processing functionalities as described with reference to system 110, and are operatively connected, via various routing paths, to a plurality of requesting systems 220 (exemplified in Fig. 2 as ASs). It is to be noted that multiple certifying servers are used in the specific embodiment of Fig. 2 to assure redundancy for the event of failed or compromised servers (e.g., a compromised server denoted as Registrar 2 is exemplified). Thus, all servers share the same information,
[0050] As exemplified, each AS comprises an agent installed on a host machine of the respective AS and configured with the processing functionalities as described with reference to system 120. Specifically, Fig. 2 schematically illustrates deployment of five certifying servers and two ASs (illustrated as AS1 and AS2) which have agents (illustrated as Agent 1 and Agent 2) installed and which have adopted the presently disclosed certification mechanism. The illustrated network further comprises 11 ASs which have not yet adopted the certification mechanism. To adopt the present certification mechanism, an AS administrator installs an agent on a host machine and configures it so that it is capable of sending a request for certification to the certifying system and receiving a plurality of random challenges sent to different IP addresses in the range of the IP prefix. By way of example, the AS administrator can configure the agent by registering the IP prefix of the respective AS. The administrator can also configure the agent with the IP addresses of the AS's BGP routers and administrative credentials to automate network configuration, allowing plug-and-play deployment.
[0051] Having described the exemplary network infrastructure as illustrated in Fig. 2, there is now described an automatic certification process between a requesting system 220 (e.g., AS1) and a certifying system 210 (e.g., Registrar 1) in accordance with certain embodiments of the presently disclosed subject matter. [0052] Generally, the requesting system 220 (e.g., the agent installed therein) can be configured to initiate an automated certification request procedure in order to be certified with ownership of its IP prefix. The certifying system 210 confirms an AS's de facto "control" of a prefix by verifying the ability of the AS to respond to "challenges" sent to addresses in the IP prefix through multiple different routing paths over a relatively long period of time. Details of the certification process with respect to the certifying system and the requesting system are described below with reference to Fig. 3 and Fig. 4.
[0053] Turning now to Fig. 3, there is illustrated a generalized flowchart of certifying ownership of a set of IP addresses by at least one computerized certifying system in accordance with certain embodiments of the presently disclosed subject matter.
[0054] It is to be noted that the operations described below with respect to Fig. 3 are performed by at least one computerized certifying system. In some embodiments, there can be just one certifying system, e.g., Registrar 1 in the example of Fig. 2. In some other embodiments, there can be multiple certifying systems, e.g., all five Registrars 1-5 in the example of Fig. 2, which share the same information while each works independently to perform the certification process, as will be described in further detail below. It is to be noted that certain embodiments of the present description may in some cases only refer to a single certifying system. This is for exemplification and illustration purposes only and should not be deemed as limiting the scope of the present disclosure in any way.
[0055] A request can be received (302) (e.g., by the PMC 102 of at least one certifying system 110), from a computerized requesting system (e.g., the agent 124 of a requesting system 120), to be certified for ownership of a set of IP addresses. The request can comprise or be indicative of a public key of the computerized requesting system associated with the set of IP addresses. It is to be noted that the set of IP addresses should be broadly construed to cover one or more IP addresses or IP address blocks. The present disclosure is not limited by whether the one or more IP addresses are in the form of a continuous range or discrete IP addresses/address blocks (i.e., not continuous). In the example of Fig. 2, a requesting system 220 (i.e., AS1) can send a request for certifying the IP prefix 1.2.3.0/24. The request can include the IP prefix and the public key of AS1. The exemplified prefix notation starts at a given address and has 24 bits allocated to the network prefix, with the remaining 8 bits reserved for host addressing. It is further to be noted that the request can be structured in any suitable format as long as the public key and the set of IP addresses are extractable from the request by the at least one computerized certifying system.
[0056] A plurality of different challenges can be distributed (304) (e.g., by the Challenge distributor 104 of at least one certifying system 110), during a predetermined certifying interval, to the computerized requesting system through a plurality of different routing paths. As mentioned, a challenge-response protocol between the certifying system and the requesting system can be used for authentication of IP address ownership. The underlying logic is that different challenges are sent through different routing paths to the requesting system over a certifying interval, and only in cases where all the challenges, or at least a certain percentage thereof, are received and responded to is the requesting system considered to have successfully passed the challenges. If a requesting system tries to obtain a certificate for a prefix it does not own (e.g., in the example of Fig. 2, AS 22 or AS 2 tries to certify the prefix 1.2.3.0/24 of AS1), it must intercept all of the challenges sent to AS1. This requires it to be present on all routing paths to the victim (AS1), which is practically unfeasible.
[0057] To achieve the variety of the challenges, in one embodiment, each challenge can be configured as a random bit-string so that the plurality of challenges are necessarily different from each other and are not easily obtained or guessed by an attacker. These challenges are also referred to as random challenges. In order to ensure path diversity, in one embodiment, the plurality of routing paths are determined by choosing different relays using a relay infrastructure. In one embodiment, random relays can be chosen. In another embodiment, relays at multiple geographically-dispersed vantage points can be chosen. By way of example, Tor can be used as a readily available relaying infrastructure. Tor directs Internet traffic through a worldwide overlay network consisting of thousands of relays to protect against network surveillance or traffic analysis. One example of the Tor technique is disclosed in "Tor: The Second-Generation Onion Router", Dingledine, R., Mathewson, N., and Syverson, P. F., USENIX Security Symposium (2004), USENIX, pp. 303-320, which is incorporated herein in its entirety by reference. It is noted that the certifying system does not necessarily rely on Tor as an anonymity service, though this can be leveraged to improve security. By way of another example, relays can be set up on cloud machines. In the example of Fig. 2, four relays are used (denoted as Relays 1-4).
[0058] Additionally, the different challenges can be sent through different routing paths to different IP addresses in the set of IP addresses of the requesting system. The different IP addresses can also be randomly chosen (or pre-chosen). The certification interval can be predetermined to be a relatively long period of time. For instance, each certifying system can send 100 challenges to randomly chosen IP addresses in the IP prefix of a requesting AS during a certification interval that lasts 5 days. The challenges are sent at 100 randomly-chosen times in the certification interval through different relays. Such spacing of the challenges ensures that the agent's control over the prefix is not merely temporary. In the example illustrated in Fig. 2, Registrar 2, Relay 4, and ASs 22 and 30 are corrupted. The certifying mechanism is capable of ensuring security and availability of data traffic in spite of such corruptions.
[0059] Once the challenges are responded to, one or more responses can be received (306) (e.g., by the PMC 102 of at least one certifying system 110) from the computerized requesting system. Each response corresponds to a given challenge (e.g., a given random challenge) and includes the received challenge (e.g., the received random challenge) signed with a private key of the computerized requesting system.
[0060] The one or more responses can be verified (308) (e.g., by the verification module 106 of at least one certifying system 110). A certificate can be sent to the computerized requesting system upon a condition being met. The condition (310) that needs to be checked comprises: for each of at least a percentage of the plurality of challenges, a respective response is received and successfully verified using the public key of the computerized requesting system. The percentage of the challenges that needs to be received and verified can be determined as meeting a predetermined threshold (e.g., a relatively high threshold such as 90% can be used for higher security). In some embodiments, the verification of a respective response can be performed by verifying the signed received challenge using the public key, so as to ensure that the response is indeed from the same requesting system that sent the request (with the public key), and comparing the received challenge with the corresponding challenge that was sent, to determine whether the challenge was tampered with. In some embodiments, the agent can be configured to also specify in the response the public key and the requested set of IP prefixes. The response can then be further verified by checking whether the prefix and public key match those the agent specified in the certification request.
[0061] It is to be noted that in some cases, since the challenges and corresponding responses are sent and received over time, the verification can be performed upon receiving each response, and, in the meantime, the number of received responses is counted until at least the required percentage of responses is received, or until the end of the interval. In some other cases, it is also possible to keep receiving the responses without performing individual verifications, and only verify the responses once it is confirmed that at least the required percentage of responses has been received. Both implementations can be used to validate the condition described above, although the order of operations is different. The present disclosure should be construed to cover either implementation for validating the condition. In some embodiments, in the former case described above where the verification is performed upon receiving each response, if a valid response for a given challenge does not arrive within a short interval (e.g., one minute) after the given challenge has been sent, the requesting system can be considered as having failed to respond to that challenge.
[0062] Once the condition is validated to be met, a certificate can be sent to the requesting system. In cases where the at least one certifying system that performs the certification process refers to a single certifying system, the certificate can be stored (312) (e.g., by the PMC 102 of at least one certifying system 110) in association with the computerized requesting system in an IP ownership database (e.g., associated with the public key of the computerized requesting system), thereby certifying the ownership of the set of IP addresses to the computerized requesting system. In cases where the at least one computerized certifying system comprises multiple computerized certifying systems, the certificate sent by each of the multiple computerized certifying systems is in fact a partial certificate (i.e., a certificate share). In such cases, a certificate can be generated by the computerized requesting system based on partial certificates received from at least part of the multiple certifying systems. Upon receiving the certificate from the computerized requesting system, the certificate can be stored by each of the certifying systems in association with the computerized requesting system in a respective IP ownership database (associated with the certifying system), thereby certifying the ownership of the set of IP addresses to the computerized requesting system. Therefore, the described certifying mechanism can be configured to prevent and detect attempts to falsely certify a set of IP addresses, and to provide confirmation for legitimate IP owners.
[0063] In some embodiments, the certificate can be generated by the computerized requesting system upon a number of partial certificates being received from a number of computerized certifying systems (i.e., the at least part of the multiple certifying systems as mentioned above) that meet a predetermined criterion. The predetermined criterion can be selected from a group comprising: a majority of the multiple computerized certifying systems, a set of trusted computerized certifying systems, and a weighted majority of the multiple certifying systems. By way of example, the certification process can be regarded as being passed when the requesting system receives partial certificates from the majority of the multiple certifying systems (e.g., three out of five registrars in the example of Fig. 2). By way of another example, there are cases when the certifying systems are not equally trusted. In such cases, another criterion can be applied, e.g., partial certificates need to be received from a subset of the multiple certifying systems (or at least the majority of the subset), which are the trusted ones. By way of further example, weights can be assigned to different certifying systems that are not equally trusted and partial certificates need to be received from a weighted majority of the multiple certifying systems.
[0064] In the event that the certification process is not successful (e.g., not enough responses are received, and/or certain responses are not successfully verified), the agent of the requesting system can initiate another requesting process. However, at any given point in time, a certifying system can participate in at most one certification process per IP prefix. This prevents an attacker from invoking multiple instances of the certification process concurrently to increase its probability of success.
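The certification exchange of blocks 302-312, the percentage threshold of paragraph [0060], the response cut-off of paragraph [0061] and the quorum criteria of paragraph [0063], as an added, runnable simulation. This is example code written for this page, not the patent's or the inventors' implementation. It assumes a toy textbook RSA signature as a stand-in for the agent's real key pair, models relay paths and a hijacker with a constructed `make_network` helper rather than Tor, and sends the challenges back-to-back instead of spreading them over a multi-day interval; the names `Agent`, `Registrar`, `make_network` and `assemble` are hypothetical.

```python
"""Registrar/agent challenge-response certification, simulated
(hypothetical example code, not the patent's implementation)."""
import hashlib
import ipaddress
import random
import secrets

# --- toy textbook RSA over SHA-256; stands in for the agent's real signature scheme ---
def _probable_prime(n, rounds=16):            # Miller-Rabin; n is a large odd candidate
    d, r = n - 1, 0
    while d % 2 == 0:
        d, r = d // 2, r + 1
    for _ in range(rounds):
        x = pow(random.randrange(2, n - 1), d, n)
        if x in (1, n - 1):
            continue
        for _ in range(r - 1):
            x = pow(x, 2, n)
            if x == n - 1:
                break
        else:
            return False
    return True

def _gen_prime(bits):
    while True:
        cand = secrets.randbits(bits) | (1 << (bits - 1)) | 1
        if _probable_prime(cand):
            return cand

def keygen(bits=512):
    """(public, private) = ((e, n), (d, n)); n > 2**510, so a SHA-256 digest is < n."""
    e = 65537
    while True:
        p, q = _gen_prime(bits // 2), _gen_prime(bits // 2)
        phi = (p - 1) * (q - 1)
        if p != q and phi % e:                    # e is prime, so this is gcd(e, phi) == 1
            return (e, p * q), (pow(e, -1, phi), p * q)

def _h(msg):
    return int.from_bytes(hashlib.sha256(msg).digest(), "big")

def sign(priv, msg):
    return pow(_h(msg), priv[0], priv[1])

def verify(pub, msg, sig):
    return pow(sig, pub[0], pub[1]) == _h(msg)

class Agent:
    """Agent in a requesting AS claiming `prefix`; the network model decides
    whether it really receives packets for that prefix."""
    def __init__(self, prefix):
        self.prefix = str(ipaddress.ip_network(prefix))
        self.pub, self.priv = keygen()
        self.request = {"prefix": self.prefix, "pubkey": self.pub}

    def respond(self, challenge):
        # Repeat challenge, prefix and key from the request and sign all three,
        # so the registrar can bind the response to the original request.
        body = challenge + self.prefix.encode() + repr(self.pub).encode()
        return {"challenge": challenge, "prefix": self.prefix,
                "pubkey": self.pub, "sig": sign(self.priv, body)}

class Registrar:
    """One certifying server; deliver(relay, dst, chal) models the network and
    returns (response or None, seconds the reply took)."""
    def __init__(self, relays, deliver, challenges=100, threshold=0.9, window=60):
        self.relays, self.deliver = relays, deliver   # relays: distinct routing paths
        self.challenges, self.threshold, self.window = challenges, threshold, window
        self.db = {}                                  # IP ownership DB: prefix -> key

    def certify(self, req):
        prefix = ipaddress.ip_network(req["prefix"])
        hosts, passed = list(prefix.hosts()), 0
        for _ in range(self.challenges):              # in practice spread over days
            chal = secrets.token_bytes(32)
            dst, relay = random.choice(hosts), random.choice(self.relays)
            resp, elapsed = self.deliver(relay, dst, chal)
            if resp is None or elapsed > self.window:
                continue                              # lost, intercepted or late: failed
            body = chal + resp["prefix"].encode() + repr(resp["pubkey"]).encode()
            if (resp["challenge"] == chal and resp["prefix"] == req["prefix"]
                    and resp["pubkey"] == req["pubkey"]
                    and verify(req["pubkey"], body, resp["sig"])):
                passed += 1
        if passed < self.threshold * self.challenges:
            return None
        self.db[prefix] = req["pubkey"]
        return dict(req)                              # this registrar's certificate share

def make_network(owner, hijacker=None, hijacked_relays=()):
    """Constructed path model: a challenge routed through a hijacked relay path is
    answered by the hijacker; every other path reaches the real owner."""
    def deliver(relay, dst, chal):
        target = hijacker if hijacker and relay in hijacked_relays else owner
        return target.respond(chal), random.uniform(0.05, 2.0)
    return deliver

def assemble(shares, weights=None):
    """Agent side: shares maps registrar -> share or None. Plain majority by default;
    weights model unequal trust (weight 0 excludes a registrar: trusted subset)."""
    w = weights or {r: 1 for r in shares}
    return 2 * sum(w[r] for r, s in shares.items() if s) > sum(w.values())
```

A hijacker sitting on one of four relay paths answers only about a quarter of the challenges, far below the 90% threshold, and a request that presents the wrong public key fails even when every challenge is delivered, because the owner's responses do not verify under the requested key. Replies later than `window` are counted as failures, matching the one-minute cut-off of paragraph [0061]; the rule of paragraph [0064] that a registrar runs at most one certification per prefix at a time is not modelled here.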
[0065] As aforementioned, RPKI deployment is still very limited. In some cases, the present disclosure can be used to perform the certification process instead of RPKI. In such cases, when a given requesting system does not have a valid RPKI certificate, the agent of the given system can be configured to initiate an automated certification procedure as described above. In some embodiments, when a certified requesting system later receives an RPKI certificate, the certificate can be automatically revoked upon detecting a collision with the RPKI certificate received by the requesting system. In some other embodiments, it can be determined, e.g., by the at least one certifying system, whether to revoke the certificate upon detection of an RPKI certificate. By way of example, the policy of preferring RPKI certificates can be changed on a per-certificate basis according to a majority vote of the certifying systems, for instance, in the event of a misbehaving RPKI authority.
[0066] According to certain embodiments, additional information related to the set of IP addresses can be received, by the at least one certifying system, from the computerized requesting system and stored in association with the certificate in the IP ownership database. The additional information is signed with the private key of the computerized requesting system. By way of example, the additional information can comprise an identifier of the computerized requesting system and/or an adjacent neighbor list, as will be described below in further detail with reference to Fig. 4.
[0067] Referring now to Fig. 4, there is illustrated a generalized flowchart of requesting certification of ownership of a set of IP addresses by a computerized requesting system in accordance with certain embodiments of the presently disclosed subject matter.
[0068] A request can be sent (402) (e.g., by the agent 124 of a requesting system 120) to at least one computerized certifying system, to be certified for ownership of a set of IP addresses. The request can be indicative of a public key of the computerized requesting system associated with the set of IP addresses. As mentioned above, the request can be structured in any suitable format as long as the public key and the set of IP addresses are extractable from the request by the at least one computerized certifying system. If the AS does not have a public/private key pair, the agent of the AS can be configured to automatically generate a key pair when being installed. In some cases, the agent of the given system can be configured to initiate an automated certification procedure when a given requesting system does not have a valid RPKI certificate.
[0069] A plurality of different challenges can be received (404) (e.g., by the agent 124 of a requesting system 120), from the at least one computerized certifying system, the plurality of random challenges sent during a predetermined certifying interval through a plurality of different routing paths, as described above with reference to block 304 of Fig. 3.
[0070] A response corresponding to each given received challenge can be sent (406) (e.g., by the agent 124 of a requesting system 120) to the at least one computerized certifying system. The response can include the given received challenge signed with a private key of the computerized requesting system.
[0071] A certificate can be received (408) (e.g., by the agent 124 of a requesting system 120), from the at least one computerized certifying system, upon a condition being met. The condition (410) that needs to be checked comprises: for each of the plurality of challenges (or at least a predetermined percentage thereof, as described above with reference to block 310 of Fig. 3), a respective response is received and successfully verified by the at least one computerized certifying system using the public key of the computerized requesting system. In some cases, the plurality of challenges can be random challenges as mentioned above.
[0072] It is to be noted that an agent (e.g., the agent 124) needs to be installed and configured in the computerized requesting system so that the agent is capable of sending the request to the at least one computerized certifying system and receiving the plurality of random challenges sent to different IP addresses in the set of IP addresses, as described above. By way of example, the administrator installs the agent on a host machine and sets the addresses and credentials of the BGP routers in its configuration file. The agent automatically learns the remaining parameters (comprising, e.g., the AS's prefix, AS identifier and list of adjacent ASs) by reading the configuration of the BGP routers, using the administrative credentials provided in the configuration.
[0073] As described above, in cases where the at least one computerized certifying system comprises multiple computerized certifying systems, the certificate sent by each of the multiple computerized certifying systems is actually a partial certificate. In such cases, the agent can be configured to generate a certificate based on partial certificates received from at least part of the multiple computerized certifying systems, and send the certificate to the multiple computerized certifying systems to be stored in association with the computerized requesting system in a respective IP ownership database, thereby rendering the requesting system certified with the ownership of the set of IP addresses by the at least one computerized certifying system. In the event that the certification process is not successful (e.g., not enough responses are received, and/or certain responses are not successfully verified), the agent of the requesting system can initiate another requesting process.
[0074] In some embodiments, the certificate can be generated by the computerized requesting system upon a number of partial certificates being received from a number of computerized certifying systems (i.e., the at least part of the multiple certifying systems as mentioned above) that meet a predetermined criterion. Details of the predetermined criterion and examples thereof are described above with reference to Fig. 3 and are not repeated here.
[0075] The agent can be configured to generate the certificate by assembling all partial certificates into a certificate and providing it to the certifying systems to be stored in the respective IP ownership database. By way of example, the certificate can be generated using threshold RSA signatures. One such example is disclosed in Shoup, V., Practical Threshold Signatures, EUROCRYPT (2000), vol. 1807 of LNCS, Springer, pp. 207-220, which is incorporated herein in its entirety by reference. This allows the certificate to be compatible with a standard PKIX certificate.
[0076] According to certain embodiments, the certified requesting system can be configured to provide additional information related to the set of IP addresses to be stored in association with the certificate in the IP ownership database. The additional information can be provided directly to the IP ownership database or via the at least one certifying system. The additional information can be signed with the private key of the computerized requesting system. In one embodiment, the additional information can comprise an identifier of the computerized requesting system and/or an adjacent neighbor list. By way of example, a given AS can register a path-end record at the IP ownership database. This record can be stored in association with the certificate of the given AS, and comprise a list of adjacent neighboring ASs. The record is signed with a private key of the given AS. Thus, the given AS is enabled to specify the legitimate "1-hop paths" to its prefixes. In the example of Fig. 2, upon certifying the prefix 1.2.3.0/24, Agent 1 can report its unique identifier and/or that it is adjacent to AS 11 and AS 22 to the IP ownership database. As will be detailed below, optionally, the certification mechanism can also support a privacy-preserving mode for ASs unwilling to divulge the identities of their neighbors (e.g., ISPs concerned about exposing their customers to competitors).
[0077] In certain embodiments, the agent of each certified AS can be configured to periodically request, from the IP ownership database, an update of new certificates associated with one or more newly certified requesting systems and the additional information associated with the new certificates, so as to periodically filter out routing paths (e.g., bogus BGP paths) that are inconsistent with the update. In some cases, since standard BGP routers are not yet capable of accepting path-end records, in accordance with certain embodiments, the agent configures the BGP routers in the adopter's network with path-end-filtering policies.
[0078] By way of example, the agent of each adopting AS can periodically request and download new certificates, AS identifiers, and path-end records from the IP ownership database. The agent validates the signature in a downloaded record, and also retrieves updates from a subset of other databases so as to ensure that a compromised database cannot change or discard some of the records, or provide an obsolete image of the database. The agent can also retrieve each update from a random prefix-DB for the same purpose. This allows agents of adopting ASs to automatically configure BGP routers to filter BGP path advertisements from entities whose AS identifier is not the registered one, and/or filter BGP path advertisements to certified prefixes whose "last hop" (i.e., the last two AS numbers on the BGP path) does not match the records. In the example of Fig. 2, once AS 1 passes the certification and registers a path-end record, the agent at AS 2 can configure its BGP routers to filter BGP paths to prefix 1.2.3.0/24 (and relevant sub-prefixes) whose suffix is neither 11-1 nor 22-1. [0079] In some cases, the agent supports an automated mode, where the network administrator provides the BGP routers' administrative credentials and addresses, and the agent automatically deploys filtering rules according to the path-end records it retrieves. The agent can also support a manual mode, where it outputs the filtering policies to a router configuration file to be further applied by an administrator.
[0080] In accordance with certain embodiments of the presently disclosed subject matter, optionally, the agent can also be configured to alert a victim requesting system about an IP address hijack when identifying inconsistency during the periodic filtering. By way of example, BGP path advertisements whose origin or last-hop are inconsistent with the path-end records (i.e., are the result of an attack) are mirrored to the agent. The agent then automatically notifies the agent of a victim AS about the identified attack on its prefix. The alert can be signed with the agent's private key, allowing the recipient to validate the sender's identity (using the public key registered at the database). To prevent a malicious party from raising false alarms, the recipient agent can be configured to notify a respective network administrator only when a number of alerts exceeds a predefined threshold.
[0081] In some embodiments, the agent configures filtering rules for BGP advertisements on BGP routers to discard BGP advertisements that are inconsistent with path-end records. For each AS, the agent can deploy a single filtering rule, thereby resulting in an order of magnitude fewer rules than origin authentication with RPKI, which involves a filtering rule per IP prefix (there are roughly 50K ASs advertising over 500K IP prefixes). The following illustration of the filtering rules refers to the network topology in Fig. 2 and describes the routing policy for protecting AS1, whose adjacent ASs in this illustration are 40 and 300. For purposes of illustration only, the following description uses the Cisco IOS command-line interface.
[0082] The agent uses AS1's path-end record to create a first access list (named as1), which blacklists routes containing (invalid) links to AS1 from non-adjacent ASs:
// disallow any AS but 40 or 300 to
// advertise a link to AS 1
ip as-path access-list as1 deny _[^(40|300)]_1_
[0083] The agent further creates a second access list (named allow-all) to permit all other routes. The second access list is global, i.e., created once rather than for every adopting AS:
ip as-path access-list allow-all permit .*
[0084] Finally, the agent applies the created policies in order, i.e., first blocking invalid routes, then allowing all others:
route-map Path-End-Validation permit 1
match ip as-path as1
match ip as-path allow-all
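As an added example (not from the page or the inventors' tool), a Python validator that applies path-end records to received announcements and covers the cases the description raises: sub-prefixes of a certified prefix, origin prepending, routes learned directly from the owner, multi-origin prefixes with one record per origin, and uncertified prefixes that are left alone. It also emits an equivalent Cisco IOS as-path filter; because IOS regular expressions have no negative lookahead, the generated list permits the registered last hops first and then denies any other path ending in that origin, which differs from the two-list layout shown above. `RECORDS` is a constructed database image and the function names are hypothetical.

```python
"""Path-end validation of BGP announcements against registered path-end
records, plus generation of an equivalent Cisco IOS filter (hypothetical
example code; the access-list layout differs from the page's illustration)."""
import ipaddress

# Constructed image of the IP ownership database: certified prefix -> {origin AS: neighbours}.
# The two origins for 10.9.0.0/16 model a multi-origin (MOAS) prefix with one record each.
RECORDS = {
    ipaddress.ip_network("1.2.3.0/24"): {1: {11, 22}},
    ipaddress.ip_network("10.9.0.0/16"): {64500: {64510}, 64501: {64511, 64512}},
}

def covering_record(prefix, records):
    """Record of the most specific certified prefix covering `prefix` (a certified
    /24 also protects its sub-prefixes), or None if nothing covers it."""
    net = ipaddress.ip_network(prefix)
    covering = [p for p in records if p.version == net.version and net.subnet_of(p)]
    return records[max(covering, key=lambda p: p.prefixlen)] if covering else None

def path_end_valid(prefix, as_path, records, local_as):
    """as_path is in wire order: as_path[0] is the neighbour that sent us the route,
    as_path[-1] the origin. Returns (accept, reason)."""
    rec = covering_record(prefix, records)
    if rec is None:
        return True, "prefix not certified: not filtered"
    # Collapse origin prepending ([22, 1, 1, 1] -> [22, 1]) before reading the path end.
    path = [a for i, a in enumerate(as_path) if i == 0 or a != as_path[i - 1]]
    origin = path[-1]
    if origin not in rec:
        return False, f"AS{origin} is not a registered origin for {prefix}"
    last_hop = path[-2] if len(path) > 1 else local_as   # learned directly: we are the neighbour
    if last_hop not in rec[origin]:
        return False, f"AS{last_hop}-AS{origin} is not a registered 1-hop path"
    return True, "path end matches the record"

def ios_as_path_rules(origin, neighbours, local_as, name="path-end"):
    """Cisco IOS as-path access-list entries for one origin's record. IOS regexes
    have no negative lookahead, so the allowed last hops are permitted first and
    every other path ending in this origin is denied; first match wins."""
    allowed = "|".join(str(n) for n in sorted(neighbours))
    rules = [f"ip as-path access-list {name} permit _({allowed})(_{origin})+$"]
    if local_as in neighbours:            # routes the owner announces to us directly
        rules.append(f"ip as-path access-list {name} permit ^({origin}_)*{origin}$")
    rules.append(f"ip as-path access-list {name} deny _{origin}$")
    return rules

def ios_config(records, local_as):
    """Whole filter: one rule group per registered origin, a catch-all permit,
    and a single route-map clause that applies the list."""
    lines = []
    for owners in records.values():
        for origin, neighbours in owners.items():
            lines += ios_as_path_rules(origin, neighbours, local_as)
    lines.append("ip as-path access-list path-end permit .*")
    lines += ["route-map Path-End-Validation permit 10", " match ip as-path path-end"]
    return lines
```

Each origin's deny entry matches only paths ending in that origin, so the rule groups for different origins (including the two MOAS owners of 10.9.0.0/16) do not interfere with one another regardless of order, and the record count stays one group per AS rather than one rule per prefix.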
[0085] Additionally and optionally, the present disclosure allows adopters to revoke and update path-end records, enforces certificate expiration dates, and supports sub-prefix registration and multiple-origin ASs.
[0086] In some embodiments, a requesting system (e.g., an AS) should revoke its certificate and/or additional information (e.g., path-end record) if it loses control over a prefix or its private key is compromised. An AS should also modify its path-end record when its list of neighboring ASs changes. To this end, the agent sends the certifying system and/or the IP ownership database a signed request specifying the desired change. It is then verified that the request is properly signed, and the relevant entry is deleted or updated according to the request.
[0087] In some embodiments, each IP ownership certificate has an expiration date (e.g., one year since the last certification procedure ended). When a certificate expires, the IP ownership database deletes the associated records. This forces IP owners to periodically perform the certification procedure and issue a new certificate, validating that they are still in control of their IP prefix. The agents are configured to initiate the re-certification of IP prefixes before their expiration so that their certificates do not expire before they are re-certified.
[0088] In some cases, a prefix owner may assign a sub-prefix to another AS. In this event, the agent enables sub-prefix registration. The agent "breaks" the prefix and registers at the IP ownership database the fragments that were not allocated to the other AS. The agent can request to revoke the larger prefix. It is noted that even if the prefix owner neglects to revoke the certificate, the owner will not be able to renew the certificate after it expires. Also, when the new AS owning the sub-prefix joins the certification process, its agent will observe the stale record in the database and alert the administrator.
[0089] In some cases, Multi-Origin ASs (MOAS) can legitimately announce the same prefix from multiple ASs, and therefore no single AS owning such a prefix can independently certify ownership using the present certifying mechanism (since each such AS receives only a part of the registrars' challenges). Thus, multi-origin ASs need to cooperate. Namely, all ASs in the MOAS need to install the agent and to respond to the challenges sent to their prefix. To certify ownership of one AS over the shared prefix, all owners must provide that AS's number and public key in their responses. The prefix owners may run the certification procedure sequentially, creating multiple prefix-ownership records in the IP ownership database for the same prefix. Each record is translated into an independent whitelisting rule that permits advertisements from a different AS. It is noted that there is no need to expose an owner's private key to other ASs, so each AS can securely manage its own record.
[0090] In accordance with certain embodiments of the presently disclosed subject matter, the present certification mechanism can support a privacy preserving mode, intended for ASs that do not wish to reveal the identities of their neighbors. Adopters running in privacy preserving mode register only their prefix ownership certificate in the IP ownership database. Instead of specifying the full list of neighboring ASs, the agents of such ASs configure their BGP routers to include, in every BGP announcement, a "last-hop authentication" attribute, which comprises their signature on the last hop in the specific announced BGP path. Thus, these ASs reveal no more information than that already appearing in the BGP path announcement. It is noted that this can be accomplished using the existing BGP message format. The agents configure their routers to mark the last-hop authentication attribute as optional-transitive (as specified, for example, in Rekhter, Y., Li, T., and Hares, S., A Border Gateway Protocol 4 (BGP-4), RFC 4271 (Draft Standard), Jan. 2006, updated by RFC 6286, which is incorporated herein in its entirety by reference), and so the attribute is further propagated even by ASs that are not adopters of the present certification mechanism. To mitigate replay attacks that reuse outdated announcements, the attribute can also specify the current time and be accepted only within a fixed time interval (e.g., one day).
[0091] Each agent configures the border routers in respective AS to mirror to the agent BGP advertisements that announce prefixes that were registered in the privacy preserving mode. This allows an agent of an adopting AS to validate the last hop in such a BGP advertisement by verifying the last-hop authentication attribute. If verification fails, the agent alerts the victim.
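The last-hop authentication attribute of the privacy-preserving mode, as an added example (not the page's or the inventors' code): it packs the previous AS, the origin AS and a timestamp into an optional-transitive path attribute, signs those fields, and on the receiving side checks that the signed hop matches the announced path end, that the timestamp is within the one-day window, and that the signature verifies under the origin's registered key. The type code 255 is an assumed placeholder (no value is assigned for such an attribute), and `hmac_keys` is a constructed HMAC stand-in for a real signature scheme so that the example runs offline.

```python
"""Last-hop authentication attribute for the privacy-preserving mode: build,
encode, parse and check it (hypothetical example code, not the patent's
implementation). The attribute type code is an assumed, unassigned value."""
import hashlib
import hmac
import struct

FLAG_OPTIONAL, FLAG_TRANSITIVE, FLAG_EXT_LEN = 0x80, 0x40, 0x10   # RFC 4271 attribute flags
TYPE_LAST_HOP_AUTH = 255     # assumed type code for this example; not IANA-assigned
MAX_AGE = 24 * 3600          # accept an attribute for one day, as in the page's example

def build_attr(origin_as, prev_as, now, sign):
    """Value = prev_as | origin_as | timestamp | signature over those 16 bytes.
    Flags mark the attribute optional-transitive so non-adopters pass it along."""
    fields = struct.pack("!IIQ", prev_as, origin_as, now)
    value = fields + sign(fields)
    flags = FLAG_OPTIONAL | FLAG_TRANSITIVE
    if len(value) > 255:                                 # RSA-sized signatures need this
        return struct.pack("!BBH", flags | FLAG_EXT_LEN, TYPE_LAST_HOP_AUTH, len(value)) + value
    return struct.pack("!BBB", flags, TYPE_LAST_HOP_AUTH, len(value)) + value

def parse_attr(raw):
    """Decoded fields, or None if this is not a well-formed last-hop attribute."""
    if len(raw) < 3:
        return None
    flags, code = raw[0], raw[1]
    if flags & FLAG_EXT_LEN:
        if len(raw) < 4:
            return None
        length, body = struct.unpack("!H", raw[2:4])[0], raw[4:]
    else:
        length, body = raw[2], raw[3:]
    if code != TYPE_LAST_HOP_AUTH or len(body) != length or length < 16:
        return None
    prev_as, origin_as, ts = struct.unpack("!IIQ", body[:16])
    return {"prev_as": prev_as, "origin_as": origin_as, "ts": ts, "fields": body[:16],
            "sig": body[16:], "transitive": bool(flags & FLAG_TRANSITIVE)}

def check_announcement(as_path, raw_attr, now, verifier_for, local_as):
    """as_path is in wire order (origin last). verifier_for(origin_as) returns the
    verify(msg, sig) function bound to the key registered for that origin in the
    IP ownership database. Returns (accept, reason)."""
    attr = parse_attr(raw_attr)
    if attr is None:
        return False, "missing or malformed last-hop authentication attribute"
    path = [a for i, a in enumerate(as_path) if i == 0 or a != as_path[i - 1]]  # drop prepends
    expected_prev = path[-2] if len(path) > 1 else local_as   # learned directly from the origin
    if attr["origin_as"] != path[-1] or attr["prev_as"] != expected_prev:
        return False, "signed last hop does not match the announced AS path"
    if not 0 <= now - attr["ts"] <= MAX_AGE:
        return False, "timestamp outside the acceptance window (replay or clock skew)"
    if not verifier_for(attr["origin_as"])(attr["fields"], attr["sig"]):
        return False, "signature does not verify under the origin's registered key"
    return True, "last hop authenticated"

def hmac_keys(secret):
    """Constructed stand-in for a signature scheme so the example runs offline:
    HMAC-SHA256 under a shared secret. A deployment uses the origin's key pair
    registered in the IP ownership database."""
    def sign(msg):
        return hmac.new(secret, msg, hashlib.sha256).digest()
    def verify(msg, sig):
        return hmac.compare_digest(sign(msg), sig)
    return sign, verify
```

The binding to the announced path is what makes the attribute useful against a hijacker: a bogus path such as 30-1 carries either no attribute, a stale one that fails the time window, or one whose signed hop (22-1) disagrees with the path, and the mirroring router hands each of those to the agent for the alert of paragraph [0091].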
[0092] In accordance with certain embodiments of the presently disclosed subject matter, the present certifying mechanism can be configured to detect man-in-the-middle (MitM) attackers. Beyond using Tor to relay the challenges and responses in the prefix ownership certification process, Tor's anonymity guarantees can be leveraged to run a variant of the protocol. In addition to responding to the challenges, the agent can be configured to establish a "dummy" certification process, sending challenges to its own prefix and responding to them. Since all communication is relayed through Tor and hence anonymized, a MitM on the path between the AS and the Internet cannot identify which sessions belong to the dummy certification process and which to the real one. If the MitM manipulates a dummy challenge or response, this is detected by the agent (the agent knows what it sent and hence also what it should receive).
[0093] It is also noted that since the described IP ownership certification tests whether an agent can receive challenges sent to the respective IP addresses, the ownership of unannounced IP prefixes cannot be verified in the manner described above. Authentication of unannounced IP prefixes requires RPKI certificates.
[0094] In an exemplified embodiment, an AS holding an RPKI certificate can use the IP ownership database as disclosed in the present disclosure for supporting path-end record validation, since RPKI repositories do not sufficiently support distribution of path-end records. In some cases, an AS holding an RPKI certificate can specify a signed list of its adjacent ASs. The respective path-end records can be sent to be stored in the IP ownership database. When the database receives an AS's path-end record to store, it retrieves that AS's RPKI certificate and verifies the signature over its path-end record. Optionally, RPKI's certificate revocation lists can be utilized to remove records in case the signing key has been revoked. An AS can update or delete its path-end records using a signed announcement sent to the database, similar to ROAs in RPKI. By way of example, the five IP ownership databases and five Registrar servers as illustrated in the example of Fig. 2 can be deployed over cloud and distributed across political and geographic boundaries, so that they can be publicly accessible, allowing any AS to register. Tor can be utilized for the required relaying service in the certification process, as described above.
[0095] Among the advantages of certain embodiments of the presently disclosed subject matter is the capability to provide automatic certification for network entities, avoiding the administrative hassles and human error of RPKI deployment, with no need to replace or modify legacy BGP routers. Among further advantages of certain embodiments of the presently disclosed subject matter is the capability of deploying the certification at a given AS without having to wait for other ASs to adopt it, and without relying on a single root of trust.
[0096] It is appreciated that the examples and embodiments illustrated with reference to the certification process in the present description are by no means inclusive of all possible alternatives but are intended to illustrate non-limiting examples only.
[0097] It is to be understood that the invention is not limited in its application to the details set forth in the description contained herein or illustrated in the drawings. The invention is capable of other embodiments and of being practiced and carried out in various ways. Hence, it is to be understood that the phraseology and terminology employed herein are for the purpose of description and should not be regarded as limiting. As such, those skilled in the art will appreciate that the conception upon which this disclosure is based may readily be utilized as a basis for designing other structures, methods, and systems for carrying out the several purposes of the presently disclosed subject matter.
[0098] It will also be understood that the system according to the invention may be, at least partly, implemented on a suitably programmed computer. Likewise, the invention contemplates a computer program being readable by a computer for executing the method of the invention. The invention further contemplates a non-transitory computer readable memory or storage medium tangibly embodying a program of instructions executable by the computer for executing the method of the invention.
[0099] The non-transitory computer readable storage medium causing a processor to carry out aspects of the present invention can be a tangible device that can retain and store instructions for use by an instruction execution device. The computer readable storage medium may be, for example, but is not limited to, an electronic storage device, a magnetic storage device, an optical storage device, an electromagnetic storage device, a semiconductor storage device, or any suitable combination of the foregoing.
[00100] Those skilled in the art will readily appreciate that various modifications and changes can be applied to the embodiments of the invention as hereinbefore described without departing from its scope, defined in and by the appended claims.

Claims

1. A computerized method of certifying ownership of a set of Internet Protocol (IP) addresses, the method being performed by at least one computerized certifying system, the method comprising: receiving, from a computerized requesting system, a request to be certified for ownership of the set of IP addresses, the request indicative of a public key of the computerized requesting system associated with the set of IP addresses, the public key and the set of IP addresses extractable from the request by the at least one computerized certifying system; distributing, during a predetermined certifying interval, a plurality of random challenges to the computerized requesting system through a plurality of different routing paths; receiving, from the computerized requesting system, one or more responses each corresponding to a given random challenge and including a received random challenge signed with a private key of the computerized requesting system; and verifying the one or more responses and sending a certificate to the computerized requesting system upon a condition being met, the condition comprising: for each of at least a percentage of the plurality of random challenges, a respective response is received and successfully verified using the public key of the computerized requesting system, wherein the at least percentage meets a predetermined threshold.
2. The computerized method of claim 1, wherein the at least one computerized certifying system comprises one computerized certifying system, the method further comprising storing the certificate in association with the computerized requesting system in an IP ownership database, thereby certifying the ownership of the set of IP addresses to the computerized requesting system.
3. The computerized method of claim 1, wherein the at least one computerized certifying system comprises multiple computerized certifying systems, and wherein the certificate sent by each of the multiple computerized certifying systems is a partial certificate, the method being performed by each of the multiple computerized certifying systems and further comprising: upon receiving a certificate from the computerized requesting system, wherein the certificate is generated by the computerized requesting system based on partial certificates received from at least part of the multiple certifying systems, storing the certificate in association with the computerized requesting system in a respective IP ownership database, thereby certifying the ownership of the set of IP addresses to the computerized requesting system.
4. The computerized method of claim 3, wherein the certificate is generated by the computerized requesting system upon a number of partial certificates being received from a number of computerized certifying systems that meet a predetermined criterion.
5. The computerized method of any of the preceding claims, wherein the plurality of different routing paths are determined by choosing different relays using a relay infrastructure.
6. The computerized method of any of the preceding claims, wherein the plurality of random challenges are sent to different IP addresses in the set of IP addresses.
7. The computerized method of any of the preceding claims, further comprising receiving additional information related to the set of IP addresses from the computerized requesting system and storing the additional information in association with the certificate in the IP ownership database, the additional information signed with the private key of the computerized requesting system.
8. The computerized method of any of the preceding claims, further comprising determining whether to revoke the certificate upon detection of a Resource Public Key Infrastructure (RPKI) certificate received by the computerized requesting system.
9. The computerized method of any of the preceding claims, wherein the computerized requesting system is an Autonomous System (AS).
10. A computerized method of requesting certification of ownership of a set of Internet Protocol (IP) addresses, the method being performed by a computerized requesting system, the method comprising: sending a request to at least one computerized certifying system to be certified for ownership of the set of IP addresses, the request indicative of a public key of the computerized requesting system associated with the set of IP addresses, the public key and the set of IP addresses extractable from the request by the at least one computerized certifying system; receiving, from the at least one computerized certifying system, a plurality of random challenges sent during a predetermined certifying interval through a plurality of different routing paths; sending, to the at least one computerized certifying system, a response corresponding to each given received random challenge, wherein the response includes the given received random challenge signed with a private key of the computerized requesting system; and receiving, from the at least one computerized certifying system, a certificate upon a condition being met, the condition comprising: for each of the plurality of random challenges, a respective response is received and successfully verified by the at least one computerized certifying system using the public key of the computerized requesting system.
11. The computerized method of claim 10, further comprising installing an agent in the computerized requesting system, the agent capable of sending the request to the at least one computerized certifying system and receiving the plurality of random challenges sent to different IP addresses in the set of IP addresses.
12. The computerized method of claim 10 or 11, wherein the at least one computerized certifying system comprises multiple computerized certifying systems, and wherein the certificate sent by each of the multiple computerized certifying systems is a partial certificate, the method further comprising: generating a certificate based on partial certificates received from at least part of the multiple computerized certifying systems, and sending the certificate to the multiple computerized certifying systems to be stored in association with the computerized requesting system in an IP ownership database, thereby rendering the computerized requesting system certified with the ownership of the set of IP addresses by the at least one computerized certifying system.
13. The computerized method of claim 12, wherein the certificate is generated upon a number of partial certificates being received from a number of computerized certifying systems that meet a predetermined criterion.
14. The computerized method of any of claims 10 to 13, further comprising providing additional information related to the set of IP addresses to be stored in association with the certificate in the IP ownership database, the additional information signed with the private key of the computerized requesting system.
15. The computerized method of claim 14, wherein the additional information comprises an identifier of the computerized requesting system and/or an adjacent neighbor list.
16. The computerized method of claim 14 or 15, further comprising periodically requesting, from the IP ownership database, an update of new certificates associated with one or more newly certified requesting systems and the additional information associated with the new certificates so as to periodically filter out routing paths that are inconsistent with the update.
17. The computerized method of claim 16, further comprising alerting a victim requesting system about an IP address hijack when identifying inconsistency during the periodic filtering.
18. The computerized method of any of claims 13-17, wherein the predetermined criterion is selected from a group comprising: a majority of the multiple computerized certifying systems, a set of trusted computerized certifying systems, and a weighted majority of the multiple computerized certifying systems.
19. The computerized method of any of claims 10-18, wherein the computerized requesting system is an Autonomous System (AS).
20. A computerized certifying system, the system comprising a processing and memory circuitry (PMC) configured to perform the method steps of any of claims 1-9.
21. A computerized certification requesting system, the system comprising a processing and memory circuitry (PMC) configured to perform the method steps of any of claims 10-18.
22. A computer program product that includes a non-transitory computer readable storage medium storing instructions for performing the method steps of any of claims 1-9.
23. A computer program product that includes a non-transitory computer readable storage medium storing instructions for performing the method steps of any of claims 10-18.
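As an added example (not the patent's code), the challenge and response exchange of claims 1, 6 and 10 in Go: the certifying side spreads random challenges over several addresses of the requested set and several relays, the requesting agent signs only the challenges that actually reach addresses it receives traffic for, and a partial certificate is issued only when the verified fraction meets the threshold. Ed25519 as the signature scheme, the nonce length, the threshold value and the partial-certificate encoding are assumptions of this example; addresses and relay names are constructed.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"fmt"
)

// Challenge is one random nonce addressed to one address of the requested set
// and sent through one relay (claims 1, 5 and 6); constructed representation.
type Challenge struct{ Nonce []byte; DstIP, Relay string }

// Response carries a received nonce signed with the requester's private key.
type Response struct{ Nonce, Signature []byte }

// MakeChallenges spreads n fresh nonces over the addresses and relays.
func MakeChallenges(addrs, relays []string, n int) []Challenge {
	out := make([]Challenge, n)
	for i := range out {
		nonce := make([]byte, 16)
		rand.Read(nonce)
		out[i] = Challenge{nonce, addrs[i%len(addrs)], relays[i%len(relays)]}
	}
	return out
}

// Respond is the requesting agent: it signs every challenge that actually
// reached an address it receives traffic for (reachable). A party that
// attracts only part of the prefix therefore sees only part of them.
func Respond(priv ed25519.PrivateKey, reachable map[string]bool, chs []Challenge) []Response {
	var out []Response
	for _, ch := range chs {
		if reachable[ch.DstIP] {
			out = append(out, Response{ch.Nonce, ed25519.Sign(priv, ch.Nonce)})
		}
	}
	return out
}

// Evaluate is the certifying side: it verifies each response with the
// requester's public key and returns the count of verified challenges plus a
// partial certificate (the certifier's signature over prefix and key), which
// is nil unless the verified fraction meets the threshold.
func Evaluate(certKey ed25519.PrivateKey, threshold float64, prefix string,
	pub ed25519.PublicKey, chs []Challenge, resps []Response) ([]byte, int) {
	sigs := map[string][]byte{}
	for _, r := range resps {
		sigs[string(r.Nonce)] = r.Signature
	}
	ok := 0
	for _, ch := range chs {
		if sig, got := sigs[string(ch.Nonce)]; got && ed25519.Verify(pub, ch.Nonce, sig) {
			ok++
		}
	}
	if float64(ok) < threshold*float64(len(chs)) {
		return nil, ok
	}
	return ed25519.Sign(certKey, []byte(prefix+"|"+string(pub))), ok
}

func main() {
	pub, priv, _ := ed25519.GenerateKey(nil)
	_, certKey, _ := ed25519.GenerateKey(nil)
	chs := MakeChallenges([]string{"203.0.113.1", "203.0.113.2"}, []string{"relayA", "relayB", "relayC"}, 6)
	all := map[string]bool{"203.0.113.1": true, "203.0.113.2": true}
	cert, ok := Evaluate(certKey, 0.8, "203.0.113.0/24", pub, chs, Respond(priv, all, chs))
	fmt.Printf("verified %d of %d, certified: %v\n", ok, len(chs), cert != nil)
}
```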
PCT/IL2018/050688 2017-06-21 2018-06-21 Method of certifying ownership of internet protocol addresses and system thereof WO2018235085A1 (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
US201762522769P 2017-06-21 2017-06-21
US62/522,769 2017-06-21

Publications (1)

Publication Number Publication Date
WO2018235085A1 (en) 2018-12-27

Family

ID=62916722

Country Status (1)

Country Link
WO (1) WO2018235085A1 (en)

Cited By (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN113055288A (en) * 2021-02-25 2021-06-29 互联网域名系统北京市工程研究中心有限公司 Effective route origin synchronization method and system based on fact ownership
CN113472814A (en) * 2021-09-02 2021-10-01 北京信联科汇科技有限公司 Automatic management method for realizing IP object filing
US20220052879A1 (en) * 2019-08-29 2022-02-17 Charter Communications Operating, Llc Border Gateway Protocol (BGP) Hijacks Prefix Signing Using Public/Private Keys
CN114422512A (en) * 2021-12-29 2022-04-29 互联网域名系统北京市工程研究中心有限公司 Data processing method and device based on distributed RPKI dependent party
US11973617B2 (en) * 2021-10-28 2024-04-30 Charter Communications Operating, Llc Border gateway protocol (BGP) hijacks prefix signing using public/private keys

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20020133607A1 (en) * 2001-03-16 2002-09-19 Pekka Nikander Address mechanisms in internet protocol
US20040139152A1 (en) * 2003-01-10 2004-07-15 Kaler Christopher G. Performing generic challenges in a distributed system
US20160182228A1 (en) * 2014-12-23 2016-06-23 Intel Corporation Diffie-hellman key agreement using an m-of-n threshold scheme

Non-Patent Citations (4)

* Cited by examiner, † Cited by third party
Title
CONTI, MAURO ET AL.: "A Survey of Man In The Middle Attacks", IEEE COMMUNICATIONS SURVEYS & TUTORIALS, vol. 18, no. 3, 1 July 2016 (2016-07-01), pages 2027-2051, XP011620876, DOI: 10.1109/COMST.2016.2548426 *
DINGLEDINE, R.; MATHEWSON, N.; SYVERSON, P. F.: "Tor: The Second-Generation Onion Router", USENIX SECURITY SYMPOSIUM, 2004, pages 303-320
REKHTER, Y.; LI, T.; HARES, S.: "A Border Gateway Protocol 4 (BGP-4)", RFC 4271 (DRAFT STANDARD), January 2006 (2006-01-01)
SHOUP, V.: "Practical Threshold Signatures", EUROCRYPT 2000, LNCS vol. 1807, SPRINGER, 2000, pages 207-220


Legal Events

Code | Title | Description
121 | Ep: the epo has been informed by wipo that ep was designated in this application | Ref document number: 18740918; Country of ref document: EP; Kind code of ref document: A1
NENP | Non-entry into the national phase | Ref country code: DE
122 | Ep: pct application non-entry in european phase | Ref document number: 18740918; Country of ref document: EP; Kind code of ref document: A1