Domain Validation++ For MitM-Resilient PKI

Brandt, Markus; Dai, Tianxiang; Klein, Amit; Shulman, Haya; Waidner, Michael

doi:10.1145/3243734.3243790

Cited by 47 publications

(51 citation statements)

References 19 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…The idea is to inject a spoofed fragment into IP defragmentation cache that is to be reassembled with the real fragment from the nameserver, and so to inject malicious payload into the DNS response. Fragmentation is a popularly exploited attack vector for attacks against different systems and protocols [1], [25]- [27].…”

Section: Introductionmentioning

confidence: 99%

The Impact of DNS Insecurity on Time

Jeitner

Shulman

Waidner

2020

2020 50th Annual IEEE/IFIP International Conference on Dependable Systems and Networks (DSN)

Self Cite

View full text Add to dashboard Cite

show abstract

Section: Introductionmentioning

confidence: 99%

The Impact of DNS Insecurity on Time

Jeitner

Shulman

Waidner

2020

2020 50th Annual IEEE/IFIP International Conference on Dependable Systems and Networks (DSN)

Self Cite

View full text Add to dashboard Cite

show abstract

“…De facto ownership for establishing security proved useful in bootstrapping TLS, as reflected by the popular Let's Encrypt service for issuing X.509 TLS certificates [3], [6], [41]. Nevertheless, this approach was shown vulnerable to MitM attacks in the data plane [7], [8] and was later improved by utilizing control plane information for performing validation [10]. DISCO's decentralized approach for certifying ownership over IP address blocks resembles the design of the Convergence system for validating the correctness of TLS certificates [42].…”

Section: Related Workmentioning

confidence: 99%

DISCO: Sidestepping RPKI's Deployment Barriers

Hlaváček

Cunha

Gilad

et al. 2020

Proceedings 2020 Network and Distributed System Security Symposium

Self Cite

View full text Add to dashboard Cite

BGP is a gaping security hole in today's Internet, as evidenced by numerous Internet outages and blackouts, repeated traffic hijacking, and surveillance incidents. To protect against prefix hijacking, the Resource Public Key Infrastructure (RPKI) has been standardized. Yet, despite Herculean efforts, ubiquitous deployment of the RPKI remains distant, due to RPKI's manual and error-prone certification process. We argue that deploying origin authentication at scale requires substituting the standard requirement of certifying legal ownership of IP address blocks with the goal of certifying de facto ownership. We show that settling for de facto ownership is sufficient for protecting against hazardous prefix hijacking and can be accomplished without requiring any changes to today's routing infrastructure. We present DISCO, a readily deployable system that automatically certifies de facto ownership and generates the appropriate BGPpath-filtering rules at routers. We evaluate DISCO's security and deployability via live experiments on the Internet using a prototype implementation of DISCO and through simulations on empirically-derived datasets. To facilitate the reproducibility of our results, we open source our prototype, simulator, and measurement analysis code [30]. We present Decentralized Infrastructure for Securing and Certifying Origins. DISCO automatically certifies de facto

show abstract

“…While CA-TMS [30] and [31] collects information about CAs reputation from users, and they restrict CAs' scope using the reputation data gathered from their clients. References [9], [10] successfully attacked several eminent domain validation-based commercially used CAs and showed that their certificate-issuance process itself is exposed to MitM attacks. References [9], [10] suggested several recommendations to mitigate attacks against the domain validation-based certificate-issuance process.…”

Section: Related Workmentioning

confidence: 99%

“…References [9], [10] successfully attacked several eminent domain validation-based commercially used CAs and showed that their certificate-issuance process itself is exposed to MitM attacks. References [9], [10] suggested several recommendations to mitigate attacks against the domain validation-based certificate-issuance process. The proposals are defenseless against attackers capable of compromising CAs' private-key.…”

Section: Related Workmentioning

confidence: 99%

“…Apart from trust delegation, CAs do not conduct strict validation of the domain identity before certificateissuance [9], [10]. For example, in 2018, Birge-Lee et al [9] and Brandt et al [10] showed real-world attacks against top CAs such as Let's Encrypt, Comodo, GoDaddy, Symantec, InstantSSL, CertCom, NetworkSolutions, SSL.com, Net-Lock, and GlobalSign. They unveiled that the certificateissuance process 2 is itself defenseless to MitM attacks.…”

Section: Introductionmentioning

confidence: 99%

See 1 more Smart Citation

Attack-Resilient TLS Certificate Transparency

et al. 2020

View full text Add to dashboard Cite

The security of Public-Key Infrastructure (PKI) for Internet-based communications has lately attracted researchers' attention because of Certification Authorities (CAs) crashes and consequent attacks. Google Certificate Transparency and subsequent log-based PKI proposals (e.g., AKI and ARPKI) have succeeded in making certificate-management processes more transparent, accountable, and verifiable. However, those proposals failed to solve the root CA generous delegation of trust to intermediate CAs, non-conformant certificate-issuance by them, and lack of rigorous authentication of domain ownership during certificate-issuance problems. This study presents Attack-Resilient TLS Certificate Transparency (ARCT) based on log servers to address these problems. ARCT enables root CA to enforce intermediate CAs to follow community standards through leveraging a log server at each root level. It also introduces a collaborative domain ownership verification method that deters false certificate-issuance and ensures that a set of CAs validates every certificate before any client will accept it. A certificate collectively approved by a set of CAs assures users that the certificate has been seen, and not instantly detected malicious, by a group of CAs. Finally, formal security and performance evaluations prove the reliability and effectiveness of ARCT.

show abstract

Domain Validation++ For MitM-Resilient PKI

Cited by 47 publications

References 19 publications

The Impact of DNS Insecurity on Time

The Impact of DNS Insecurity on Time

DISCO: Sidestepping RPKI's Deployment Barriers

Attack-Resilient TLS Certificate Transparency

Contact Info

Product

Resources

About