Abstract
The existing HTTPS public-key infrastructure (PKI) uses a coarse-grained trust model: either a certificate authority (CA) is trusted by browsers to vouch for the identity of any domain or it is not trusted at all. More than 1200 root and intermediate CAs can currently sign certificates for any domain and be trusted by popular browsers. This violates the principle of least privilege and creates an excessively large attack surface, as highlighted by recent CA compromises. In this paper, we present CAge, a mechanism that browser makers can apply to drastically reduce the excessive trust placed in CAs without fundamentally altering the CA ecosystem or breaking existing practice. CAge works by imposing restrictions on the set of top-level domains (TLDs) under which each CA is trusted to sign certificates. Our key observation, based on an Internet-wide survey of TLS certificates, is that CAs commonly sign for sites in only a handful of TLDs. We show that it is possible to algorithmically infer reasonable restrictions on CAs’ trusted scopes based on this behavior, and we present evidence that browser-enforced inferred scopes would be a durable and effective way to reduce the attack surface of the HTTPS PKI. We find that simple inference rules can reduce the attack surface by nearly a factor of ten without hindering 99% of CA activity over a 6-month period.
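A toy version of the scope inference and browser-side enforcement the abstract describes, added here as an illustration; it is not the paper's code or data. The inference rule (trust a CA for a TLD once it has issued at least a threshold number of certificates under it), the CA names, the domain names and the TLD list are all assumed or constructed for the example.

```python
from collections import defaultdict

# Constructed sample data (not from the paper): (issuing CA, certificate name)
# pairs observed during a training window, and the TLD universe to score against.
TRAINING = [
    ("CA-Alpha", "www.example.com"), ("CA-Alpha", "mail.example.com"),
    ("CA-Alpha", "shop.example.net"), ("CA-Alpha", "*.example.org"),
    ("CA-Beta", "bank.example.de"), ("CA-Beta", "portal.example.de"),
    ("CA-Gamma", "uni.example.edu"), ("CA-Gamma", "lib.example.edu"),
]
ALL_TLDS = ["com", "net", "org", "de", "edu", "uk", "jp", "fr", "ru", "cn"]


def tld(name):
    """Rightmost label of a DNS name, lower-cased (wildcards and case are fine)."""
    return name.strip().rstrip(".").rsplit(".", 1)[-1].lower()


def infer_scopes(observations, min_certs=1):
    """Inference rule (an assumption of this example, not necessarily the
    paper's exact rule): a CA is trusted for a TLD iff it issued at least
    min_certs certificates under that TLD in the training window."""
    counts = defaultdict(lambda: defaultdict(int))
    for ca, name in observations:
        counts[ca][tld(name)] += 1
    return {ca: {t for t, n in per_tld.items() if n >= min_certs}
            for ca, per_tld in counts.items()}


def in_scope(scopes, ca, name):
    """Browser-side check: a CA with no inferred scope, or a name whose TLD
    lies outside the CA's scope, is rejected (the browser would warn)."""
    return tld(name) in scopes.get(ca, set())


def attack_surface(scopes, cas, all_tlds):
    """(unrestricted, restricted) count of CA x TLD pairs a compromised CA
    could sign for; the ratio is the kind of reduction the abstract reports."""
    return len(cas) * len(all_tlds), sum(len(scopes.get(ca, set())) for ca in cas)


def hindered_fraction(scopes, later_observations):
    """Share of certificates issued after training that the scopes would
    reject, i.e. legitimate CA activity the restriction would hinder."""
    if not later_observations:
        return 0.0
    rejected = sum(not in_scope(scopes, ca, n) for ca, n in later_observations)
    return rejected / len(later_observations)
```

Raising `min_certs` tightens scopes (and shrinks the attack surface) at the cost of a higher hindered fraction, which is the trade-off the abstract's 99% figure summarises.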
© 2013 Springer-Verlag Berlin Heidelberg
Cite this paper
Kasten, J., Wustrow, E., Halderman, J.A. (2013). CAge: Taming Certificate Authorities by Inferring Restricted Scopes. In: Sadeghi, AR. (eds) Financial Cryptography and Data Security. FC 2013. Lecture Notes in Computer Science, vol 7859. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-39884-1_28
DOI: https://doi.org/10.1007/978-3-642-39884-1_28
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-39883-4
Online ISBN: 978-3-642-39884-1
eBook Packages: Computer Science (R0)