Is an Internet PKI the Right Approach?
Eric Osterweil
Joint work with: Dan Massey and Lixia Zhang
Life in the Internet
• The Internet is a uniquely challenging environment to deploy systems because:
  • It is immense
  • It has a highly diverse makeup
  • Its constituent components are constantly in flux and are administered by independent authorities
• As a result, systems must be designed to tolerate:
  • Constant configuration errors, incremental deployments (which may take years), and diverse opinions on who is trustworthy
Problems
• The Internet’s heterogeneity makes it difficult for systems to rely on being fully deployed
  • Systems must function while being incrementally deployed, broken, etc.
• Internet parties are notorious for not agreeing whom to trust
  • Choosing “trusted authorities” often sparks debate
• Successful Internet systems tend to be very tolerant of misconfigurations and multiple independent opinions
  • Like DNS and BGP
DNS has tried Crypto
• The DNS Security Extensions (DNSSEC)
  • RFCs 4033-4035
  • Approach: a PKI following DNS’ hierarchy
    • A single “island of security” rooted at DNS’ root zone
    • Everyone trusts the root
• DNSSEC uses public key cryptography
  • Each zone signs all of its own data, and the keys for its children zones too
  • By bootstrapping with a single key (trust-anchor) from the root, all keys can be recursively learned
DNSSEC Status Today
• Only 10,459 secure zones have deployed
  • Only about 900 seem to be production
• Root zone has not been signed
  • Rather than a single island there are 662
  • 97.3% are singleton (isolated) zones
  • This means 662 trust-anchors would be needed
  • How can the keys for this many independent zones be globally verified?
• Operational management of cryptography has reduced its effectiveness
  • Monitoring has shown that rapid re-signing leaves roughly 19.8% of data vulnerable to replays
A New Concept: Public-Space
• Trust doesn’t have to be predicated on the status of deployments
  • Track public actions instead
• Public actions can be subjected to scrutiny
  • Anyone may publish data
  • Who has published data, its consistency, and its history can let each individual judge its veracity
• Misbehavior like Man-in-the-Middle (MITM) attacks cannot be denied when done in the Public-Space
  • Global consistency can be evaluated by polling from multiple locations
  • Local MITM attacks can be globally refuted in public
Public-Space Systems
• We record what is done rather than mandate what operators must do / who they must trust
• SecSpider
  • DNSSEC key learning
  • Because DNSSEC’s PKI has not evolved
• BGP-Origins
  • BGP prefix attestation system
  • Because BGP does not have a PKI
SecSpider http://secspider.cs.ucla.edu/
• Learns keys from many global pollers
• Keys are tracked over time
• Serves globally consistent keys
  • Anyone can verify keys they have looked up
• Adversaries must compromise all pollers to subvert the Public-Space
• Results are not provably correct but practically effective
  • Data owners check the Public-Space for correctness
  • SecSpider is not a data authority
• We are formalizing this approach to achieve security through publicity
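An added illustration of the multi-poller consistency idea behind SecSpider (this is example code, not SecSpider's own implementation): pollers at several vantage points record the keys they see for a zone, a key counts as globally consistent only when a quorum of distinct pollers has observed it, and any observation no quorum backs is surfaced for public scrutiny. Poller names, zone names, key labels, the day counter and the quorum rule are all constructed assumptions.

```python
from collections import defaultdict

# Constructed poll records in the shape a SecSpider-style poller might log:
# (poller, zone, key, day). Key labels are stand-ins, not real DNSKEY RRs.
POLLS = [
    ("poller-us",   "example.", "KEY-A", 1),
    ("poller-eu",   "example.", "KEY-A", 1),
    ("poller-asia", "example.", "KEY-A", 1),
    ("poller-us",   "example.", "KEY-A", 2),
    ("poller-eu",   "example.", "KEY-A", 2),
    ("poller-asia", "example.", "KEY-A", 2),
    ("poller-us",   "test.",    "KEY-B", 1),
    ("poller-eu",   "test.",    "KEY-B", 1),
    ("poller-asia", "test.",    "KEY-B", 1),
    ("poller-us",   "test.",    "KEY-B", 2),
    ("poller-eu",   "test.",    "KEY-B", 2),
    ("poller-asia", "test.",    "KEY-X", 2),  # only one vantage point sees KEY-X
]

def consensus_keys(polls, quorum):
    """{zone: keys that at least `quorum` distinct pollers have observed}.
    A single misled or compromised poller cannot push a key into this set."""
    witnesses = defaultdict(lambda: defaultdict(set))
    for poller, zone, key, _day in polls:
        witnesses[zone][key].add(poller)
    return {zone: {k for k, ps in keys.items() if len(ps) >= quorum}
            for zone, keys in witnesses.items()}

def verify_key(polls, zone, key, quorum):
    """What a user does before trusting a key looked up locally:
    check that the Public-Space agrees it is globally consistent."""
    return key in consensus_keys(polls, quorum).get(zone, set())

def local_disagreements(polls, quorum):
    """Observations no quorum backs: candidates for a local MITM or a
    misconfiguration, returned as (zone, poller, key, day) for scrutiny."""
    agreed = consensus_keys(polls, quorum)
    return sorted((z, p, k, d) for p, z, k, d in polls
                  if k not in agreed.get(z, set()))

def key_history(polls, zone):
    """{key: (first_day, last_day)} so key changes can be examined over time."""
    span = {}
    for _p, z, k, d in polls:
        if z == zone:
            lo, hi = span.get(k, (d, d))
            span[k] = (min(lo, d), max(hi, d))
    return span
```

Raising the quorum to the full poller count models the slide's stronger claim that an adversary must subvert every poller, at the cost of flagging any single-poller outage as a disagreement.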
BGP-Origins http://www.bgp-origin.org/
• BGP allows any Autonomous System (AS) to announce that it hosts any IP addresses (prefixes)
• ASes send out false announcements sometimes
  • Pakistan hijacked YouTube by announcing its prefixes
• BGP-Origins uses global monitors (RouteViews) and tracks which ASes have announced which prefixes
• Also, any user can attest to a prefix-AS binding
  • Operators could have attested to the proper binding of YouTube’s prefixes to avoid the hijack
• Users decide whom to trust and discard attestations from unknown parties
Ongoing Work
• Are conventional PKIs a good fit for the Internet?
  • Operational groups disagree on many “trust” issues
• Public-Space applications are maturing
  • Increasing usage is coming with ongoing publicity at operational meetings
• Public-Space can be a substitute for the missing PKI in DNSSEC’s partially deployed state
  • Users can verify data against what is in the Public-Space
• With no PKI for BGP, the Public-Space uses real-world trust that already exists between operators
  • Addresses attacks and misconfigurations
Thank You
Questions?