250 likes | 550 Views
SSL Trust Pitfalls. Prof. Ravi Sandhu. THE CERTIFICATE TRIANGLE. user. X.509 attribute certificate. X.509 identity certificate. attribute. public-key. SPKI certificate. SERVER-SIDE SSL (OR 1-WAY) HANDSHAKE WITH RSA. Handshake Protocol. Record Protocol.
E N D
SSL Trust Pitfalls Prof. Ravi Sandhu
THE CERTIFICATE TRIANGLE user X.509 attribute certificate X.509 identity certificate attribute public-key SPKI certificate
SERVER-SIDE SSL (OR 1-WAY) HANDSHAKE WITH RSA Handshake Protocol Record Protocol
CLIENT-SIDE SSL (OR 2-WAY) HANDSHAKE WITH RSA Handshake Protocol Record Protocol
SINGLE ROOT CA MODEL Root CA a b c d e f g h i j k l m n o p Root CA User
User RA User RA User RA SINGLE ROOT CAMULTIPLE RA’s MODEL Root CA a b c d e f g h i j k l m n o p Root CA
MULTIPLE ROOT CA’s MODEL Root CA Root CA Root CA a b c d e f g h i j k l m n o p Root CA User Root CA User Root CA User
ROOT CA PLUS INTERMEDIATE CA’s MODEL Z X Y Q R S T A C E G I K M O a b c d e f g h i j k l m n o p
SECURE ELECTRONIC TRANSACTIONS (SET) CA HIERARCHY Root Brand Brand Brand Geo-Political Bank Acquirer Customer Merchant
MULTIPLE ROOT CA’s PLUS INTERMEDIATE CA’s MODEL X S T Q R A C E G I K M O a b c d e f g h i j k l m n o p
MULTIPLE ROOT CA’s PLUS INTERMEDIATE CA’s MODEL X S T Q R A C E G I K M O a b c d e f g h i j k l m n o p
MULTIPLE ROOT CA’s PLUS INTERMEDIATE CA’s MODEL X S T Q R A C E G I K M O a b c d e f g h i j k l m n o p
MULTIPLE ROOT CA’s PLUS INTERMEDIATE CA’s MODEL • Essentially the model on the web today • Deployed in server-side SSL mode • Client-side SSL mode yet to happen
SERVER-SIDE SSL (OR 1-WAY) HANDSHAKE WITH RSA Handshake Protocol Record Protocol
SERVER-SIDE MASQUARADING Bob Web browser www.host.com Web server Server-side SSL Ultratrust Security Services www.host.com
SERVER-SIDE MASQUARADING Bob Web browser www.host.com Web server Ultratrust Security Services Server-side SSL Server-side SSL Mallory’s Web server www.host.com BIMM Corporation www.host.com
SERVER-SIDE MASQUARADING Bob Web browser www.host.com Web server Ultratrust Security Services Server-side SSL Server-side SSL BIMM Corporation Mallory’s Web server www.host.com Ultratrust Security Services www.host.com
CLIENT-SIDE SSL (OR 2-WAY) HANDSHAKE WITH RSA Handshake Protocol Record Protocol
MAN IN THE MIDDLEMASQUARADING PREVENTED Client Side SSL end-to-end Ultratrust Security Services Bob Web browser www.host.com Web server Bob Ultratrust Security Services Client-side SSL Client-side SSL BIMM Corporation BIMM Corporation www.host.com Mallory’s Web server Ultratrust Security Services Ultratrust Security Services www.host.com Bob
ATTRIBUTE-BASED CLIENT SIDE MASQUARADING Joe@anywhere Web browser BIMM.com Web server Client-side SSL Ultratrust Security Services Ultratrust Security Services Joe@anywhere BIMM.com
ATTRIBUTE-BASED CLIENT SIDE MASQUARADING Alice@SRPC Web browser BIMM.com Web server Client-side SSL SRPC Ultratrust Security Services Alice@SRPC BIMM.com
ATTRIBUTE-BASED CLIENT SIDE MASQUARADING Bob@PPC Web browser BIMM.com Web server Client-side SSL PPC Ultratrust Security Services Bob@PPC BIMM.com
ATTRIBUTE-BASED CLIENT SIDE MASQUARADING Alice@SRPC Web browser BIMM.com Web server Client-side SSL SRPC Ultratrust Security Services PPC BIMM.com Bob@PPC
PKI AND TRUST • Got to be very careful • Not a game for amateurs • Not many professionals as yet
REFERENCES • "An overview of PKI trust models" by Perlman, R. IEEE Network, Volume: 13 Issue: 6 , Nov.-Dec. 1999 Page(s): 38-43 • "The problem with multiple roots in Web browsers-certificate masquerading" by Hayes, J.M. Proceedings Seventh IEEE International Workshops on Enabling Technologies: Infrastructure for Collaborative Enterprises, IEEE 1998. (WET ICE '98) 17-19 June 1998 Page(s): 306 -311. • "Restricting access with certificate attributes in multiple root environments - a recipe for certificate masquerading" by Hayes, J.M. Proc. 15th Annual Computer Security Applications Conference, IEEE, 2001, Page(s): 386-390.