[2026.05.21] A Framework to Evaluate MPIC Security using Real-World BGP Announcements
Abstract
Multiple Perspective Issuance Corroboration (MPIC) is a defense that strengthens the Domain Control Validation protocol run by Certificate Authorities (CAs) against network attacks (e.g., routing hijacks). Despite its recent adoption as a requirement by the CA/Browser Forum, the quantitative security benefits of MPIC in light of real-world routing behaviors are not well understood. We seek to address this challenge by creating a framework to test the effects of real-world BGP hijacks on millions of potential MPIC perspective deployments. Our framework launches around 1500 ethical BGP hijacks on IP prefixes we own and analyzes how potential MPIC perspectives route under these attacks. We consider over 100 global MPIC perspective locations spread across 3 major cloud providers. We find that optimal MPIC deployments can prevent certificate misissuance for over 87% of our evaluated real-world BGP hijacks. We further show that different routing behaviors by cloud providers, such as cold potato routing, have a substantial effect on MPIC's ability to limit the impact of BGP attacks. Finally, our framework computes optimized sets of MPIC perspective locations for CAs to use given their preference of cloud provider and perspective count. Our recommendations have already impacted the MPIC deployment at Google Trust Services, and have been adopted as the default recommendation by the Open MPIC project.
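As an added illustration (not code from the paper, the framework, or the Open MPIC project), the sketch below scores candidate perspective sets against a constructed table of hijack outcomes and exhaustively picks the most resilient set. The region names, the hijack outcomes and the quorum rule (a hijack enables misissuance when at least N minus `max_failures` of the N deployed perspectives reach the adversary) are assumptions.

```python
from itertools import combinations

# Constructed sample data (not measurements from the paper): for each hijack,
# the set of perspectives whose validation traffic reached the adversary.
PERSPECTIVES = ["us-east", "us-west", "eu-west", "ap-south", "sa-east", "ap-northeast"]
HIJACKS = [
    {"us-east", "us-west"},
    {"eu-west"},
    {"ap-south", "ap-northeast", "sa-east"},
    {"us-east", "eu-west", "sa-east", "us-west"},
    set(),
    {"ap-northeast", "ap-south"},
]

def attack_succeeds(deployment, captured, max_failures):
    """True when enough deployed perspectives corroborate the adversary.

    Assumed quorum rule: validation passes if at most `max_failures`
    perspectives disagree, so the adversary needs the remaining ones.
    """
    quorum = len(deployment) - max_failures
    return len(set(deployment) & captured) >= quorum

def resilience(deployment, hijacks, max_failures):
    """Fraction of hijacks for which the deployment blocks misissuance."""
    blocked = sum(not attack_succeeds(deployment, h, max_failures) for h in hijacks)
    return blocked / len(hijacks)

def best_deployment(perspectives, hijacks, count, max_failures):
    """Score every deployment of `count` perspectives; return the first best one."""
    return max(
        combinations(perspectives, count),
        key=lambda d: resilience(d, hijacks, max_failures),
    )

if __name__ == "__main__":
    best = best_deployment(PERSPECTIVES, HIJACKS, count=3, max_failures=1)
    print(best, resilience(best, HIJACKS, 1))
```

Exhaustive search is only practical for small candidate pools; the number of combinations grows quickly with the perspective count.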
For more information, see:
paper: https://dl.acm.org/doi/10.1145/3730567.3764495
website: https://mpiclabs.org/marcopolo
