Internet Kill Switches Demystified

Benjamin Rothenberger, Daniele E. Asoni, David Barrera, Adrian Perrig
2017 Proceedings of the 10th European Workshop on Systems Security - EuroSec'17  
Internet kill switches are possible in today's Internet, but to date have been locally-scoped and self-inflicted. As more networks move towards centralized key architectures such as DNSSEC and BGPsec, adversarial kill switches become more powerful. We analyze the feasibility of and mechanisms for executing kill switches on remote DNSSEC-or BGPsec-enabled networks, finding that kill switches must be considered in the design of next generation Internet protocols. We also describe recovery
more » ... es and properties intended to evaluate kill switch events, finding that recovering from a compromised key may take up to 48 hours.
doi:10.1145/3065913.3065922 dblp:conf/eurosec/RothenbergerABP17 fatcat:rfdny65gifc43mmb7jw5opbrfy