Perspectives: Improving SSH- Style Host Authentication with Multi-Path Probing Analysis and Comments...
-
Upload
jane-watkins -
Category
Documents
-
view
215 -
download
0
Transcript of Perspectives: Improving SSH- Style Host Authentication with Multi-Path Probing Analysis and Comments...
![Page 1: Perspectives: Improving SSH- Style Host Authentication with Multi-Path Probing Analysis and Comments Gregory T. Hoffer CS7123 – Research Seminar (Dr. Qi.](https://reader035.fdocuments.in/reader035/viewer/2022070400/56649f145503460f94c28ea9/html5/thumbnails/1.jpg)
Perspectives: Improving SSH-Style Host Authentication with Multi-Path ProbingAnalysis and CommentsGregory T. Hoffer
CS7123 – Research Seminar (Dr. Qi Tian)
![Page 2: Perspectives: Improving SSH- Style Host Authentication with Multi-Path Probing Analysis and Comments Gregory T. Hoffer CS7123 – Research Seminar (Dr. Qi.](https://reader035.fdocuments.in/reader035/viewer/2022070400/56649f145503460f94c28ea9/html5/thumbnails/2.jpg)
Overview
Project Description Problem Objective Design
Security Analysis Future Work
![Page 3: Perspectives: Improving SSH- Style Host Authentication with Multi-Path Probing Analysis and Comments Gregory T. Hoffer CS7123 – Research Seminar (Dr. Qi.](https://reader035.fdocuments.in/reader035/viewer/2022070400/56649f145503460f94c28ea9/html5/thumbnails/3.jpg)
Project Description
Problem SSL requires shared secret to be exchanged Diffie-Hellman key exchange subject to
MITM attack.
![Page 4: Perspectives: Improving SSH- Style Host Authentication with Multi-Path Probing Analysis and Comments Gregory T. Hoffer CS7123 – Research Seminar (Dr. Qi.](https://reader035.fdocuments.in/reader035/viewer/2022070400/56649f145503460f94c28ea9/html5/thumbnails/4.jpg)
Project Description
SSL Certificate Acceptance (Tofu)
![Page 5: Perspectives: Improving SSH- Style Host Authentication with Multi-Path Probing Analysis and Comments Gregory T. Hoffer CS7123 – Research Seminar (Dr. Qi.](https://reader035.fdocuments.in/reader035/viewer/2022070400/56649f145503460f94c28ea9/html5/thumbnails/5.jpg)
Project Description
Certificate Authority (CA) List embedded in client Certificate Revocation checks
![Page 6: Perspectives: Improving SSH- Style Host Authentication with Multi-Path Probing Analysis and Comments Gregory T. Hoffer CS7123 – Research Seminar (Dr. Qi.](https://reader035.fdocuments.in/reader035/viewer/2022070400/56649f145503460f94c28ea9/html5/thumbnails/6.jpg)
Project Description
Problem Summary Rely upon the user’s discretion to
determine if unauthenticated key is valid Key authentication is based upon “known
good” list of trusted certs (“centralized trust brokers”), which have been shown to be insecure(http://nakedsecurity.sophos.com/2011/03/24/fraudulent-certificates-issued-by-comodo-is-it-time-to-rethink-who-we-trust/
) Certificate Revocation not always in use,
and itself susceptible to attack or becoming stale.
![Page 7: Perspectives: Improving SSH- Style Host Authentication with Multi-Path Probing Analysis and Comments Gregory T. Hoffer CS7123 – Research Seminar (Dr. Qi.](https://reader035.fdocuments.in/reader035/viewer/2022070400/56649f145503460f94c28ea9/html5/thumbnails/7.jpg)
Project Description
Objective Create modular notary network Tolerate internal failures Tolerate compromises
![Page 8: Perspectives: Improving SSH- Style Host Authentication with Multi-Path Probing Analysis and Comments Gregory T. Hoffer CS7123 – Research Seminar (Dr. Qi.](https://reader035.fdocuments.in/reader035/viewer/2022070400/56649f145503460f94c28ea9/html5/thumbnails/8.jpg)
Project Description
Design Network of notaries Each notary monitors and records keys
requested/sent, cryptographically signed. Multiple “Vantage Points” to provide fault
tolerance, rigor against compromise of single (or few) notaries.
Data redundancy by “shadowed” copies of notary data.
![Page 9: Perspectives: Improving SSH- Style Host Authentication with Multi-Path Probing Analysis and Comments Gregory T. Hoffer CS7123 – Research Seminar (Dr. Qi.](https://reader035.fdocuments.in/reader035/viewer/2022070400/56649f145503460f94c28ea9/html5/thumbnails/9.jpg)
Project Description
Source: “With SSL, who can you really trust?”, 2011, Network World. (http://www.networkworld.com/news/2011/081811-ssl-249874.html?page=2)
![Page 10: Perspectives: Improving SSH- Style Host Authentication with Multi-Path Probing Analysis and Comments Gregory T. Hoffer CS7123 – Research Seminar (Dr. Qi.](https://reader035.fdocuments.in/reader035/viewer/2022070400/56649f145503460f94c28ea9/html5/thumbnails/10.jpg)
Security Analysis
MitM attacks provide client with false public key.
Assume attacks are either Localized to a particular network scope, or Of a limited duration
Data Redundancy helps clients detect malicious notaries
Bootstrapping the observations? How to secure client operation (e.g.
Plugins)? How to manage notary trust?
![Page 11: Perspectives: Improving SSH- Style Host Authentication with Multi-Path Probing Analysis and Comments Gregory T. Hoffer CS7123 – Research Seminar (Dr. Qi.](https://reader035.fdocuments.in/reader035/viewer/2022070400/56649f145503460f94c28ea9/html5/thumbnails/11.jpg)
Future Work
Description
Notary-Aware Services
Additional Protocols
DNSSEC
Performance (Client, Server)
![Page 12: Perspectives: Improving SSH- Style Host Authentication with Multi-Path Probing Analysis and Comments Gregory T. Hoffer CS7123 – Research Seminar (Dr. Qi.](https://reader035.fdocuments.in/reader035/viewer/2022070400/56649f145503460f94c28ea9/html5/thumbnails/12.jpg)
Conclusion
Perspectives represents an interesting class of security in an interesting deployment – network of notaries.
While addressing some key security problems of authenticating servers, it raises other questions of security of the system.
Quis custodiet ipsos custodes?
![Page 13: Perspectives: Improving SSH- Style Host Authentication with Multi-Path Probing Analysis and Comments Gregory T. Hoffer CS7123 – Research Seminar (Dr. Qi.](https://reader035.fdocuments.in/reader035/viewer/2022070400/56649f145503460f94c28ea9/html5/thumbnails/13.jpg)
Questions and Discussion
Any questions or comments?
![Page 14: Perspectives: Improving SSH- Style Host Authentication with Multi-Path Probing Analysis and Comments Gregory T. Hoffer CS7123 – Research Seminar (Dr. Qi.](https://reader035.fdocuments.in/reader035/viewer/2022070400/56649f145503460f94c28ea9/html5/thumbnails/14.jpg)
References
Dan Wendlandt, David G. Andersen, and Adrian Perrig. 2008. Perspectives: improving SSH-style host authentication with multi-path probing. In USENIX 2008 Annual Technical Conference on Annual Technical Conference (ATC'08). USENIX Association, Berkeley, CA, USA, 321-334
J. Sunshine, S. Egelman, H. Almuhimedi, N. Atri, L. Cranor. 2009. Crying wolf: an empirical study of SSL warning effectiveness. In Proceedings of the 18th conference on USENIX security symposium (SSYM'09). USENIX Association, Berkeley, CA, USA, 399-416.