Open MPIC project defends against BGP attacks on certificate validation

Traditional validation methods rely on DNS lookups, HTTP challenges or email verification, all of which depend on proper internet routing. BGP’s inherent lack of security controls creates the opportunity for traffic hijacking.

“When a CA performs a domain control check, it assumes the traffic it sends is reaching the right server,” Sharkov said. “But that’s not always true.” 

The consequences are significant: Fraudulently obtained certificates enable convincing website impersonation and potential encrypted traffic interception.

How Open MPIC works

The Open MPIC framework implements a straightforward but effective security principle: Check the same validation data from multiple disparate locations on the internet. 

“The fix is to make certificate validation less reliant on any one route,” Sharkov explained. “Instead of validating a domain from a single network location, MPIC requires CAs to check from multiple, geographically diverse vantage points.”

This approach increases the work required for successful attacks, as an attacker would need to simultaneously compromise routing to multiple geographically diverse vantage points. As such, if one region gets misled by a BGP hijack, others can catch the discrepancy and stop the certificate from being issued.