PKI Layer Cake: New Collision Attacks against the Global X.509 Infrastructure

Kaminsky, Dan; Patterson, Meredith L.; Sassaman, Len

doi:10.1007/978-3-642-14577-3_22

Cited by 37 publications

(27 citation statements)

References 5 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…In contrast, we are not interested in the cognitive aspects, and shall make the minimum possible assumptions about the user by defining a non-deterministic one. Kaminsky et al [18] point out that a subject name in an X.509 certificate can be easily misinterpreted by browsers because of lack of standardisation, which often invites ambiguity. To confirm this, a recent update of the X.509 standard [19] provides some clarifications, which, however, do not impact our work.…”

Section: Related Workmentioning

confidence: 99%

Socio-technical formal analysis of TLS certificate validation in modern browsers

Bella

Giustolisi

Lenzini

2013

2013 Eleventh Annual Conference on Privacy, Security and Trust

View full text Add to dashboard Cite

Abstract-Authenticating a web server is crucial to the security of web browsing. It relies on TLS certificate validation, a property whose enforcement may require getting the user involved. Thus, certificate validation is a socio-technical property -it relies on traditional security technology as well as on social elements such as cultural values, trust and human-computer interaction. Hence the need for an appropriate methodology to study certificate validation from a socio-technical perspective. Certificate validation as carried out through today's most popular browsers -Chrome, Internet Explorer, Firefox and Opera Mini -is first represented by means of UML activity diagrams. It is then translated into CSP#, and expanded with the LTL formalization of four socio-technical properties pivoted on user involvement with certificate validation. The properties are then checked automatically using the PAT model checker. The findings turn out to be far from straightforward and, most importantly, allowed for prototyping a basic methodology for the sociotechnical formal analysis of security properties.

show abstract

Section: Related Workmentioning

confidence: 99%

Socio-technical formal analysis of TLS certificate validation in modern browsers

Bella

Giustolisi

Lenzini

2013

2013 Eleventh Annual Conference on Privacy, Security and Trust

View full text Add to dashboard Cite

show abstract

“…It also harkens back to the classic work on evading intrusion detection and prevention systems (IDS/IPS) [16,23] that exploited differences in network streams reassembly by the attack targets and the IDS/IPS protecting them-which have since been generalized as parser differential attacks [19,25].…”

Section: Previous Workmentioning

confidence: 99%

Short paper

Jenkins

Shapiro

Bratus

et al. 2014

Proceedings of the 2014 ACM Conference on Security and Privacy in Wireless &Amp; Mobile Networks

View full text Add to dashboard Cite

Producing IEEE 802.15.4 PHY-frames reliably accepted by some digital radio receivers, but rejected by others-depending on the receiver chip's make and model-has strong implications for wireless security. Attackers could target specific receivers by crafting "shaped charges," attack frames that appear valid to the intended target and are ignored by all other recipients. By transmitting in the unique, slightly non-compliant "dialect" of the intended receivers, attackers would be able to create entire communication streams invisible to others, including wireless intrusion detection and prevention systems (WIDS/WIPS).These scenarios are no longer theoretic. We present methods of producing such IEEE 802.15.4 frames with commodity digital radio chips widely used in building inexpensive 802.15.4-conformant devices. Typically, PHY-layer fingerprinting requires software-defined radios that cost orders of magnitude more than the chips they fingerprint; however, our methods do not require a software-defined radio and use the same inexpensive chips.Knowledge of such differences, and the ability to fingerprint them is crucial for defenders. We investigate new methods of fingerprinting IEEE 802.15.4 devices by exploring techniques to differentiate between multiple 802.15.4-conformant radio-hardware manufacturers and firmware distributions. Further, we point out the implications of these results for WIDS, both with respect to WIDS evasion techniques and countering such evasion.

show abstract

“…When using a name like bank.comøevil.com, some CAs only validated that the registering user owns evil.com. However, some browsers (e.g., Firefox [30]) ignored everything following the NUL character and accepted the certificate for bank.com [21,25]. This bug has been fixed on both browser and CA side.…”

Section: Faults In Ca Processesmentioning

confidence: 99%

No attack necessary

Amann

Sommer

Vallentin

et al. 2013

Proceedings of the 29th Annual Computer Security Applications Conference

View full text Add to dashboard Cite

Much of the Internet's end-to-end security relies on the SSL/TLS protocol along with its underlying X.509 certificate infrastructure. However, the system remains quite brittle due to its liberal delegation of signing authority: a single compromised certification authority undermines trust globally. Several recent high-profile incidents have demonstrated this shortcoming convincingly. Over time, the security community has proposed a number of counter measures to increase the security of the certificate ecosystem; many of these efforts monitor for what they consider tell-tale signs of man-in-themiddle attacks. In this work we set out to understand to which degree benign changes to the certificate ecosystem share structural properties with attacks, based on a largescale data set of more than 17 billion SSL sessions. We find that common intuition falls short in assessing the maliciousness of an unknown certificate, since their typical artifacts routinely occur in benign contexts as well. We also discuss what impact our observations have on proposals aiming to improve the security of the SSL ecosystem.

show abstract

PKI Layer Cake: New Collision Attacks against the Global X.509 Infrastructure

Cited by 37 publications

References 5 publications

Socio-technical formal analysis of TLS certificate validation in modern browsers

Socio-technical formal analysis of TLS certificate validation in modern browsers

Short paper

No attack necessary

Contact Info

Product

Resources

About