Annual Computer Security Applications Conference (ACSAC) 2013

Full Program »

No Attack Necessary: The Surprising Dynamics of SSL Trust Relationships

Much of the Internet's end-to-end security relies on the SSL/TLS protocol along
with its underlying X.509 certificate infrastructure. However, the system
remains quite brittle due to its liberal delegation of signing authority: a
single compromised certification authority undermines trust globally. Several
recent high-profile incidents have demonstrated this shortcoming convincingly.
Over time, the security community has proposed a number of counter measures to
increase the security of the certificate ecosystem; many of these efforts
monitor for what they consider tell-tale signs of man-in-the-middle attacks. In
this work we set out to understand to which degree benign changes to the
certificate ecosystem shares structural properties with attacks, based on a
large-scale data set of more than 16 billion SSL sessions. We find that common
intuition falls short in assessing the maliciousness of an unknown certificate,
since their typical artifacts routinely occur in benign contexts as well. We
also discuss what impact our observations have on proposals aiming to improve
the security of the SSL ecosystem.


Bernhard Amann    
International Computer Science Institute
United States

Robin Sommer    
International Computer Science Institute / Lawrence Berkeley National Laboratory
United States

Matthias Vallentin    
UC Berkeley
United States

Seth Hall    
International Computer Science Institute
United States


Powered by OpenConf®
Copyright©2002-2014 Zakon Group LLC