The U.S. federal government is accelerating its efforts to secure the Internet's routing system, with plans this year for the Department of Homeland Security to quadruple its investment in research aimed at adding digital signatures to router communications.
DHS is funding two key initiatives related to enhancing routing security: Resource Public Key Infrastructure (RPKI), which adds authentication to the delegation of IP address blocks by the registries to ISPs and enterprises; and BGPSEC, which adds digital signatures to BGP announcements. (Maughan says he's modeling the BGPSEC initiative after the agency's DNSSEC effort, which has involved the National Institute of Standards and Technology [NIST] and the Internet Engineering Task Force [IETF].)
With RPKI, the regional Internet registries are putting together a public key infrastructure to authorize IP address delegations from the Internet Assigned Numbers Authority (IANA) to the five regional Internet registries, including ARIN. Then the registries would authenticate the assignment of IP addresses and IP routing prefixes known as autonomous systems that are used by network operators.