Ten Risks of PKI: What You're Not Being Told about Public Key Infrastructure
Joshua Schiffman, Archana Viswanath
(Presentation of the paper of the same title by Carl Ellison and Bruce Schneier)

Computer Security
• Security is a business
  • Especially PKI
• PKI needs business to thrive
  • Buy certificates
  • Buy PKI equipment
• Certificates are the commodity
  • How trustworthy are they?

Categories of Risk
• Security is a chain
  • Only as strong as the weakest link
• We identify three main categories of risk
  • Trust in the Certification Authority (CA)
  • Trust in the encryption keys
  • Trust in the users

Certification Authorities
• PKI requires distribution of public keys
  • Dangerous to send in the clear
• CAs provide certificates binding a name to a key
• What makes a CA trusted?
• What guarantee do we have that the certificate is real?
[Diagram: Alice and the CA; the claim "This is Bob's public key KB" is met with "Really?"]

Content Authorities
• Certificates contain more than just a key
  • Name / ID
  • DNS name for SSL
  • Who is authorized to provide this content
• CAs are not authorities on this content
  • Contrary to many other systems
  • Business name
  • Licenses
  • Does it always matter?
• Offers no added encryption

Registration Authority
• Registration Authorities (RA)
  • Authority on the contents
  • Establish secure communication with the CA
• What guarantees are in the RA+CA model?
  • CAs can still forge certificates
  • More vectors for attack
• Authorities physically possessing the CA helps
  • Breaks some business models

Identifying the Applicant
• Does the CA verify applications?
  • Identity checking
  • Are the credentials easy to obtain?
• Is there private key verification?
  • Possessing the public key for the certificate does not prove possession of the private key
[Diagram: Alice tells the CA "This is my public key KA"; the CA asks "Really?"]

Securing the CA
• Verification needs no secrets from the CA
  • All verification is done with public keys
• Use "root certificates" to vouch for the certificate
  • Self-signed
  • Form a chain of trust
  • Must end at some ultimately trusted party
• Attackers can inject their own root keys
  • Spoof public keys
• Physically protect the CA
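The two checks the last two slides turn on, proof of possession of the private key and the chain of trust ending at a root the verifier already trusts, can be watched in working code. The following is an added example written for this page, not code from the slides or from Ellison and Schneier; it uses only Go's standard crypto/x509 package. All names in it (the "Trusted Root CA" and "Rogue Root" certificates, bob.example, alice.example, the key pairs) are constructed for the demonstration. The first half builds a self-signed root, issues a certificate from it, and shows that a certificate for the same name issued by an unknown root is rejected until that root is added to the verifier's trust store, which is exactly the "inject their own root keys" risk. The second half shows the check an RA or CA should apply to a certificate request: the request's signature must verify under the public key it carries, which a request built without the matching private key cannot satisfy.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/x509"
	"crypto/x509/pkix"
	"fmt"
	"math/big"
	"time"
)

var serialCounter int64 // distinct positive serial for each constructed certificate

func must(err error) {
	if err != nil {
		panic(err)
	}
}

// NewKey generates a fresh P-256 key pair (constructed for this example).
func NewKey() *ecdsa.PrivateKey {
	k, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	must(err)
	return k
}

// issue signs a certificate binding name to pub with the signer's key. With parent == nil
// the certificate is self-signed: a root, the "ultimately trusted party" that ends a chain.
func issue(name string, pub *ecdsa.PublicKey, parent *x509.Certificate, signer *ecdsa.PrivateKey, isCA bool) *x509.Certificate {
	serialCounter++
	tmpl := &x509.Certificate{
		SerialNumber:          big.NewInt(serialCounter),
		Subject:               pkix.Name{CommonName: name},
		NotBefore:             time.Now().Add(-time.Hour),
		NotAfter:              time.Now().Add(24 * time.Hour),
		KeyUsage:              x509.KeyUsageDigitalSignature,
		BasicConstraintsValid: true,
		IsCA:                  isCA,
	}
	if isCA {
		tmpl.KeyUsage |= x509.KeyUsageCertSign
	} else {
		tmpl.DNSNames = []string{name}
		tmpl.ExtKeyUsage = []x509.ExtKeyUsage{x509.ExtKeyUsageServerAuth}
	}
	if parent == nil {
		parent = tmpl // self-signed
	}
	der, err := x509.CreateCertificate(rand.Reader, tmpl, parent, pub, signer)
	must(err)
	cert, err := x509.ParseCertificate(der)
	must(err)
	return cert
}

// verifyLeaf is the relying party's step: build a chain from leaf to a trusted root and
// check the name. Only public keys are involved; the outcome depends entirely on which
// roots sit in the pool.
func verifyLeaf(leaf *x509.Certificate, roots *x509.CertPool, dnsName string) bool {
	_, err := leaf.Verify(x509.VerifyOptions{Roots: roots, DNSName: dnsName})
	return err == nil
}

// RootInjectionDemo returns: the certificate from the trusted root verifies; a certificate
// for the same name from an unknown root is rejected; that same certificate is accepted
// once the unknown root has been injected into the verifier's trust store.
func RootInjectionDemo() (honestOK, rogueRejected, rogueAcceptedAfterInjection bool) {
	rootKey := NewKey()
	root := issue("Trusted Root CA", &rootKey.PublicKey, nil, rootKey, true)
	bobKey := NewKey()
	bob := issue("bob.example", &bobKey.PublicKey, root, rootKey, false)

	rogueKey := NewKey()
	rogueRoot := issue("Rogue Root", &rogueKey.PublicKey, nil, rogueKey, true)
	malloryKey := NewKey()
	fakeBob := issue("bob.example", &malloryKey.PublicKey, rogueRoot, rogueKey, false)

	trusted := x509.NewCertPool()
	trusted.AddCert(root)
	honestOK = verifyLeaf(bob, trusted, "bob.example")
	rogueRejected = !verifyLeaf(fakeBob, trusted, "bob.example")

	trusted.AddCert(rogueRoot) // trust store altered: the chain now "ends" at the rogue root
	rogueAcceptedAfterInjection = verifyLeaf(fakeBob, trusted, "bob.example")
	return
}

// MakeCSR builds a certificate request for name, signed with the applicant's private key.
func MakeCSR(name string, key *ecdsa.PrivateKey) []byte {
	tmpl := &x509.CertificateRequest{Subject: pkix.Name{CommonName: name}, DNSNames: []string{name}}
	der, err := x509.CreateCertificateRequest(rand.Reader, tmpl, key)
	must(err)
	return der
}

// TamperedCSR alters the final signature byte of a request, standing in for a request
// whose signature was not produced by the holder of the embedded public key.
func TamperedCSR(csrDER []byte) []byte {
	out := append([]byte(nil), csrDER...)
	out[len(out)-1] ^= 0x01
	return out
}

// ProofOfPossession is the RA/CA-side check: the signature must verify under the public
// key carried in the request, so whoever submitted it held the matching private key.
func ProofOfPossession(csrDER []byte) bool {
	csr, err := x509.ParseCertificateRequest(csrDER)
	if err != nil {
		return false
	}
	return csr.CheckSignature() == nil
}

func main() {
	fmt.Println(RootInjectionDemo()) // true true true
	csr := MakeCSR("alice.example", NewKey())
	fmt.Println(ProofOfPossession(csr), ProofOfPossession(TamperedCSR(csr))) // true false
}
```

The third result of RootInjectionDemo is the point of the "Securing the CA" slide from the verifier's side: nothing in the chain algorithm distinguishes the legitimate root from the injected one, so the integrity of the trust store on the verifying machine is part of the security of every certificate it accepts. The proof-of-possession check is cheap and local to the CA; a CA that issues a certificate on the strength of a public key alone, without verifying the request signature, binds a name to a key whose holder it never confirmed.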