Internet Kill Switches Demystified.

Internet kill switches are possible in today's Internet, but to date have been locally-scoped and self-inflicted. As more networks move towards centralized key architectures such as DNSSEC and BGPsec, adversarial kill switches become more powerful. We analyze the feasibility of and mechanisms for executing kill switches on remote DNSSEC- or BGPsec-enabled networks, finding that kill switches must be considered in the design of next generation Internet protocols. We also describe recovery procedures and properties intended to evaluate kill switch events, finding that recovering from a compromised key may take up to 48 hours.