No attack necessary: the surprising dynamics of SSL trust relationships

Proceedings of the 29th Annual Computer Security Applications Conference Pub Date : 2013-12-09 DOI:10.1145/2523649.2523665

Bernhard Amann, Robin Sommer, Matthias Vallentin, Seth Hall

{"title":"No attack necessary: the surprising dynamics of SSL trust relationships","authors":"Bernhard Amann, Robin Sommer, Matthias Vallentin, Seth Hall","doi":"10.1145/2523649.2523665","DOIUrl":null,"url":null,"abstract":"Much of the Internet's end-to-end security relies on the SSL/TLS protocol along with its underlying X.509 certificate infrastructure. However, the system remains quite brittle due to its liberal delegation of signing authority: a single compromised certification authority undermines trust globally. Several recent high-profile incidents have demonstrated this shortcoming convincingly. Over time, the security community has proposed a number of counter measures to increase the security of the certificate ecosystem; many of these efforts monitor for what they consider tell-tale signs of man-in-the-middle attacks. In this work we set out to understand to which degree benign changes to the certificate ecosystem share structural properties with attacks, based on a large-scale data set of more than 17 billion SSL sessions. We find that common intuition falls short in assessing the maliciousness of an unknown certificate, since their typical artifacts routinely occur in benign contexts as well. We also discuss what impact our observations have on proposals aiming to improve the security of the SSL ecosystem.","PeriodicalId":127404,"journal":{"name":"Proceedings of the 29th Annual Computer Security Applications Conference","volume":"74 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2013-12-09","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"41","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Proceedings of the 29th Annual Computer Security Applications Conference","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1145/2523649.2523665","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 41

Abstract

Much of the Internet's end-to-end security relies on the SSL/TLS protocol along with its underlying X.509 certificate infrastructure. However, the system remains quite brittle due to its liberal delegation of signing authority: a single compromised certification authority undermines trust globally. Several recent high-profile incidents have demonstrated this shortcoming convincingly. Over time, the security community has proposed a number of counter measures to increase the security of the certificate ecosystem; many of these efforts monitor for what they consider tell-tale signs of man-in-the-middle attacks. In this work we set out to understand to which degree benign changes to the certificate ecosystem share structural properties with attacks, based on a large-scale data set of more than 17 billion SSL sessions. We find that common intuition falls short in assessing the maliciousness of an unknown certificate, since their typical artifacts routinely occur in benign contexts as well. We also discuss what impact our observations have on proposals aiming to improve the security of the SSL ecosystem.

查看原文本刊更多论文

无需攻击:SSL信任关系的惊人动态

Internet的端到端安全性很大程度上依赖于SSL/TLS协议及其底层的X.509证书基础结构。然而，由于签名权威的自由授权，该系统仍然相当脆弱:单个受损的证书权威会破坏全球的信任。最近几起引人注目的事件令人信服地证明了这一缺陷。随着时间的推移，安全社区提出了一些应对措施来增加证书生态系统的安全性;这些努力中有许多都在监测他们认为的中间人攻击的迹象。在这项工作中，我们基于超过170亿个SSL会话的大规模数据集，着手了解证书生态系统的良性变化在多大程度上与攻击具有相同的结构属性。我们发现，通常的直觉在评估未知证书的恶意方面是不够的，因为它们的典型工件通常也会出现在良性的上下文中。我们还讨论了我们的观察对旨在提高SSL生态系统安全性的建议的影响。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文求助全文

来源期刊

Proceedings of the 29th Annual Computer Security Applications Conference

自引率

0.00%

发文量