CSE 543 Computer Security: Risks of PKI - Josh Schiffman & Archana ViswanathTen Risks of PKI:What You're not Being Told aboutPublic Key InfrastructureJoshua SchiffmanArchana ViswanathCSE 543 Computer Security: Risks of PKI - Josh Schiffman & Archana ViswanathComputer Security● Security is a business○ Especially PKI● PKI needs business to thrive○ Buy certificates○ PKI equipment● Certificates are the commodity○ How trustworthy are they?CSE 543 Computer Security: Risks of PKI - Josh Schiffman & Archana ViswanathCategories of Risk● Security is a chain○ Only as strong as the weakest link● We identify three main categories for risk○ Trust in the Certification Authority (CA)○ Trust in the encryption keys○ Trust in the usersCSE 543 Computer Security: Risks of PKI - Josh Schiffman & Archana ViswanathCertification Authorities● PKI requires distribution of public keys○ Dangerous to send in the clear● CAs provide certificates binding name to key○ What makes a CA trusted?○ What guarantee do we have the certificate is real?AliceCAKBReally?This is Bob'spublic keyCSE 543 Computer Security: Risks of PKI - Josh Schiffman & Archana ViswanathContent Authorities● Certificates contain more than just a key○ Name / ID○ DNS for SSL● Who is authorized to provide this content○ CAs are not authorities○ Contrary to many other systems▶ Business name▶ Licenses● Does it always matter?○ Offers no added encryptionCSE 543 Computer Security: Risks of PKI - Josh Schiffman & Archana ViswanathRegistration Authority● Registration Authorities (RA)○ Authority on the contents○ Establish secure communication with the CA● What guarantees are in the RA+CA model?○ CAs can forge certificates○ More vectors for attack○ Authorities physically possessing the CA helps▶ Breaks some business modelsCSE 543 Computer Security: Risks of PKI - Josh Schiffman & Archana ViswanathIdentifying the Applicant● Does the CA verify applications?○ Identity checking○ Are the credentials easy to obtain?● Is there private key verification?○ Possessing the public key for the certificate▶ Does not prove possession of private keyAliceCAKAReally?This is mypublic keyCSE 543 Computer Security: Risks of PKI - Josh Schiffman & Archana ViswanathSecuring the CA● CAs don't keep secrets○ All verification is done with public keys● Use “root certificates" to vouch for the certificate○ Self-signed○ Form a chain of trust▶ Must end at some ultimately trusted party● Attackers can inject their own root keys○ Spoof public keys● Physically protect the
View Full Document