Certified Lies: Detecting and Defeating Government Interception Attacks against SSL (Short Paper)

This paper introduces the compelled certificate creation attack, in which government agencies may compel a certificate authority to issue false SSL certificates that can be used by intelligence agencies to covertly intercept and hijack individuals' secure Web-based communications.

[1]  Frank Stajano,et al.  The Resurrecting Duckling: Security Issues for Ad-hoc Wireless Networks , 1999, Security Protocols Workshop.

[2]  Christopher Allen,et al.  The TLS Protocol Version 1.0 , 1999, RFC.

[3]  Amir Herzberg,et al.  Security and identification indicators for browsers against spoofing and phishing attacks , 2008, TOIT.

[4]  Pekka Nikander,et al.  Weak Authentication: How to Authenticate Unknown Principals without Trusted Parties , 2002, Security Protocols Workshop.

[5]  Shai Halevi Advances in Cryptology - CRYPTO 2009, 29th Annual International Cryptology Conference, Santa Barbara, CA, USA, August 16-20, 2009. Proceedings , 2009, CRYPTO.

[6]  Len Sassaman,et al.  PKI Layer Cake: New Collision Attacks against the Global X.509 Infrastructure , 2010, Financial Cryptography.

[7]  Christopher Soghoian,et al.  Caught in the Cloud: Privacy, Encryption, and Government Back Doors in the Web 2.0 Era , 2009, J. Telecommun. High Technol. Law.

[8]  Adi Shamir Cryptography: State of the science , 2007 .

[9]  Angelos D. Keromytis,et al.  DoubleCheck: Multi-path verification against man-in-the-middle attacks , 2009, 2009 IEEE Symposium on Computers and Communications.

[10]  Cormac Herley,et al.  So long, and no thanks for the externalities: the rational rejection of security advice by users , 2009, NSPW '09.

[11]  PKI considered harmful , .

[12]  David Ahmad Two Years of Broken Crypto: Debian's Dress Rehearsal for a Global PKI Compromise , 2008, IEEE Security & Privacy.

[13]  Lorrie Faith Cranor,et al.  Crying Wolf: An Empirical Study of SSL Warning Effectiveness , 2009, USENIX Security Symposium.

[14]  Collin Jackson,et al.  Forcehttps: protecting high-security web sites from network attacks , 2008, WWW.

[15]  Bruno Crispo,et al.  A Certification Scheme for Electronic Commerce , 1996, Security Protocols Workshop.

[16]  Marc Stevens,et al.  Short Chosen-Prefix Collisions for MD5 and the Creation of a Rogue CA Certificate , 2009, CRYPTO.

[17]  Ed Gerck Overview of Certification Systems: X.509, Pkix, Ca, Pgp & Skip , .

[18]  James M. Hayes The problem with multiple roots in Web browsers-certificate masquerading , 1998, Proceedings Seventh IEEE International Workshop on Enabling Technologies: Infrastucture for Collaborative Enterprises (WET ICE '98) (Cat. No.98TB100253).

[19]  Marcel Fratzscher,et al.  Low probability, high impact: Policy making and extreme events , 2008 .

[20]  Stuart E. Schechter,et al.  The Emperor's New Security Indicators , 2007, 2007 IEEE Symposium on Security and Privacy (SP '07).

[21]  Hovav Shacham,et al.  When private keys are public: results from the 2008 Debian OpenSSL vulnerability , 2009, IMC '09.

[22]  Adrian Perrig,et al.  Perspectives: Improving SSH-style Host Authentication with Multi-Path Probing , 2008, USENIX Annual Technical Conference.