DOCSLIB.ORG

Attack Surface Analysis of Permissioned Blockchain Platforms for Smart Cities

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text
Attack Surface Analysis of Permissioned Blockchain Platforms for Smart Cities Attack Surface Analysis of Permissioned Blockchain Platforms for Smart Cities Amanda Davenport Sachin Shetty Xueping Liang University of Minnesota Old Dominion University Old Dominion University [email protected] [email protected] [email protected] Abstract—In this paper, we explore the attack surfaces in to a blockchain, the concept of a permissioned blockchain has open source permissioned blockchain project Hyperledger Fabric caught the attention and favor of many. For smart cities, the that can be exploited and compromised through cryptographic adoption of the permissioned blockchain helps with the data tactics. Attacks such as insider threats, DNS attacks, private key attacks, and certificate authority (CA) attacks are proposed and security and trust establishment. For one thing, the consensus discussed. Points in transaction flow where the proposed attacks scheme ensures the data integrity so that each peer in the are threats to the permissioned blockchain are specified and network maintains a consistent view and thus the architecture analyzed. Key management systems are discussed, and a deep achieves the data security by preserving the integrity of analysis of Hierarchical Deterministic wallets is conducted. The the system state. For the other, the trust among nodes can Membership Service Provider (MSP) proves to be a centralizing aspect of an otherwise decentralized system and proves to be a be established if there are several pre-established certificate weakness of the permissioned blockchain network. authorities responsible for the identity management. In smart Index Terms—Blockchain, Permissioned blockchain, Crypto- cities, there are still critical infrastructures that require pre- graphic attack, Membership Service Provider established central authorities to rely on such as the power grid or financial institutes. In such case, permissioned blockchains I. INTRODUCTION are needed to build a distributed network with inherent trust Blockchain, while most well known from the cryptocur- and the necessary resilience. rency Bitcoin, is quickly becoming a household term. Ex- The rise of permissioned blockchain is accompanied by ploding in the finance sector, the advantages and payoffs of many unexplored security risks and concerns. One of the a secure, decentralized, trust-less, and immutable ledger have revolutionary aspects of public blockchain lies in the de- caught the interest of businesses and groups far beyond the centralization of a trust-less peer-to-peer network and the realm of finance and into the realm of smart cities. Due to permissioned blockchain is found to infringe on just that. What the sharing economy that accompanies urban developments, a network gains in exclusivity it loses in decentralization. The blockchain as a peer-to-peer network becomes a viable and centralizing aspect rests in the Membership Service Provider natural solution to shared resources [1]. Beyond that, systems (MSP) and accompanying Certificate Authority (CA) system. such as city wide sensor networks and the Internet of Things In controlling and dolling out access to the network, the MSP (IoT) can implement blockchains in areas such as supply chain becomes a point of centralization that every actor must go or in detection of points of failure and fraud [2] [3]. With through to interact with the network, such as the application an increase in interest, the newest development emerging is scenarios in healthcare domain [4] and IoT domain [5]. that of a permissioned blockchain: a blockchain network with Every sensor in a city wide system is managed by the same the ability to control administrative permissions such as read, administrative persons and while the network itself remains write, and channel access. decentralized in a peer to peer fashion, there exists a funnel With the permissions granted by some certificate authorities system in the way read, write, and channel permissions are pre-established, the identity can be controlled and managed. distributed. Condensed, the security of the sensor network lies Instead of the fully decentralized architecture in permissionless completely in the hands of administration through the MSP. As blockchains, permissioned blockchain minimizes the possi- a point of centralization, the MSP becomes a target for attacks. bility of an adversarial pretending to behave normally with There are also attack surfaces that can be easily targeted at, anonymous state. This provides the payoffs of a blockchain such as the interface between the sensors in the smart cities network with the luxury of exclusivity in peer-to-peer net- and the blockchain systems including the key management working. The concept of a permissioned blockchain is also sector, the data storage sector and the communication sector. thought to mitigate the threat of many well known blockchain Key management security relies on the cryptographic materials attacks. The 51% attack, sybil attack, and selfish mining are generated for identity establishment and for confidential data all perceived as lesser threats due to limited access to the handling. The data channel security relies on the proper network and trust in those granted access to the blockchain. transmitting and receiving of data objects by the distributed Between the ability to control administrative duties and the sensors. perceived lesser threats of some of the most detrimental attacks Contributions. The contributions of this paper seek to expand the understanding of the security risks that accompany public key cryptography. Each participant on the network is permissioned blockchains at the cryptographic level. The first assigned a digital certificate that assures they are who they contribution offers an attack surface for the MSP and the ways say they are and defines the levels of access and permissions in which access to the blockchain can be compromised are they have. These permissions are set by the afore mentioned explored. The second contribution proposed is an analysis of administrator. Along with a digital certificate, each participate where the MSP attack surface effects transaction flow and is assigned what Fabric labels a digital signature, or the private specific points of weakness. Lastly, we offer an analysis of key half of a public/private key pair. This is used to sign key storage devices in reference to permissioned blockchains, off on transactions and endorsements to ensure and retain the as private keys are seen to be a defining aspect and potentially integrity of the blockchain. detrimental weakness to permissioned blockchain networks. There is no one required CA system for Hyperledger Fabric Hierarchical Deterministic wallets are discussed in terms of and organizations are left to decide how they want to set up and usability pertaining to permissioned blockchains. run a CA system. Fabric does provide Fabric CA, a CA system Organization. In section II the MSP construct is reviewed, by the Linux Foundation and Hyperledger Fabric, however it including an overview of identities, how they work, and how is completely optional and organizations can instead choose to they are implemented in permissioned blockchain as well as use any CA of their liking [7]. Another recommendation by an explanation of the CA systems available. These materials the Linux Foundation is to use the Cryptogen tool. The only are necessary to understand the attack surface of the MSP and limitations in options for CAs is whatever implementation is how the attacks are possible and applicable. In section III we chosen must utilize ECDSA cryptography as RSA cryptogra- delve into the attack surface and each specific attack, outlining phy is not currently supported by Hyperledger Fabric. More the threat it raises and how they are possible. In section IV information on the Fabric CA and the Cryptogen tool can be we outline the transaction flow of permissioned blockchain and found from [8] [9]. Hyperledger Fabric implements root and specify where in the process the attacks labeled in III present intermediate CAs. In order to mitigate the usage of root CAs weaknesses in transaction flow construct. In section V we as to not be backed up in creation of identities, intermediate present an analysis on key management systems, specifically CAs can be ”validated” by a root CA as a trustworthy and Hierarchical Deterministic (HD) wallets. Finally, in section VI, usable CA. The certificate for the intermediate CA is signed we conclude the paper and provide grounds for future works. by the root CA, and the intermediate CA is then allowed to The leading permissioned blockchain at the moment is sign off in the creation of identities. for all intermediate CAs, Hyperledger Fabric, an open source project hosted by the there exists a trail back to it’s root CA. Linux Foundation. For the sake of this report and research III. THE ATTACK SURFACE OF THE MSP study, Hyperledger Fabric will be used to model crypt attack strategies and analysis on permissioned blockchains. Note that, A. Insider Threat though this paper is not meant to overlook or overshadow the As recorded in section II, the current design of the organiza- many attack surfaces not pertaining to the MSP or CA, we tional wide MSPs has no documented limitations in adminis- focus attention and scope of this paper on attacks implemented trator number and the all local MSPS allow allows for a single cryptographically and thus pertaining specifically to the cen- administrative certificate, which means that MSP is controlled tralized aspects of an otherwise decentralized system. by a single administrator
Load more

Recommended publications
  • Business Analytics
    SPRING 2017 Business Analytics Meeting the need for talent. PAGE 4 VIRGINIA TECH BUSINESS is published twice a year by: RANKINGS Pamplin College of Business, Virginia Tech No. 2 1030 Pamplin Hall (0209) U.S. 880 West Campus Drive Blacksburg, VA 24061 540-231-6601 No. 2 No. 7 No. 6 World www.pamplin.vt.edu Master of Evening Hospitality and Address changes: [email protected] Information Technology MBA Tourism Management Editorial inquiries and story suggestions: [email protected] U.S. News & World Report QS Top Universities In this magazine, alumni, with some exceptions, are DONNIE GRAY identified by degree and the year it was received. VIRGINIA TECH’S EVENING MBA ranking in U.S. News & World Report has improved DEAN to No. 7 among the nation’s part-time Robert T. Sumichrast MBA programs, according to the 2018 EDITOR survey released in March. It was ranked Sookhan Ho No. 16 for the previous two years. Offered DESIGN by the Pamplin College of Business, the Uncork-it, Inc. Evening MBA program serves aspiring FEATURE WRITERS business leaders in the Washington, D.C., Sookhan Ho, Dan Radmacher area with classes taught at the Northern PHOTOGRAPHERS Virginia Center, and has seen significant STUDENTS such as Mala Lal balance work, Christina O’Connor, Jim Stroup, Logan Wallace, growth in recent years. study, and family in the highly ranked Evening Oliver Meredith MBA program. ALUMNI INFORMATION Gina French, Bonnie Gilbert DISTRIBUTION MANAGER Jodi Jennings Charles Schwab Financial Planning Suite ABOUT enhances learning for business students Virginia Tech’s nationally ranked Pamplin College of JIM STROUP Business offers undergraduate and graduate programs in accounting and information systems, business information technology, economics, finance, hospitality and tourism management, management, and market- ing.
    [Show full text]
  • RSA-512 Certificates Abused in the Wild
    RSA-512 Certificates abused in the wild During recent weeks we have observed several interesting publications which have a direct relation to an investigation we worked on recently. On one hand there was a Certificate Authority being revoked by Mozilla, Microsoft and Google (Chrome), on the other hand there was the disclosure of a malware attack by Mikko Hypponen (FSecure) using a government issued certificate signed by the same Certificate Authority. That case however is not self-contained and a whole range of malicious software had been signed with valid certificates. The malicious software involved was used in targeted attacks focused on governments, political organizations and the defense industry. The big question is of course, what happened, and how did the attackers obtain access to these certificates? We will explain here in detail how the attackers have used known techniques to bypass the Microsoft Windows code signing security model. Recently Mikko Hypponen wrote a blog on the F-Secure weblog (http://www.f-secure.com/weblog/archives/00002269.html) detailing the discovery of a certificate used to sign in the wild malware. Specifically this malware was embedded in a PDF exploit and shipped in August 2011. Initially Mikko also believed the certificate was stolen, as that is very common in these days, with a large amount of malware families having support, or optional support, for stealing certificates from the infected system. Apparently someone Mikko spoke to mentioned something along the lines that it had been stolen a long time ago. During the GovCert.nl symposium Mikko mentioned the certificate again, but now he mentioned that according to the people involved with investigating the case in Malaysia it likely wasn't stolen.
    [Show full text]
  • Technical Education Landscape in the UAE: Qualifications & Opportunities
    Technical Education Landscape in the UAE: Qualifications & Opportunities GLOBAL INNOVATIONS 2013 – DOHA, QATAR Sajida H. Shroff, April 2013 Agenda • Executive Summary • UAE Parameters for Technical Education • Current Status of TECH Education in the UAE • Enrollment Growth in Vocational/Technical/Career Track Education in the UAE • UAE’s Regulatory Landscape • Proposed and (sample) Private Qualifications Frameworks in the UAE • Current Career Track Training Options in the UAE • Public and Private Providers • Gaps and Potential Programmes • Next Steps • Potential Impact • Appendices: Sources Technical Education Landscape in the UAE- updated 04Apr13 2 Executive Summary The Technical (TECH) Landscape Study identifies the current status, prospects and challenges related to the expansion of TECH offerings in Dubai • There is a need for expanded Vocational/Technical Educational Programmes in Dubai to serve the UAE and the Region • Programmes would primarily serve the Expatriate population as there is sufficient capacity for the National population • The key target market is high school graduates from the UAE and the Region who DON’T/CAN’T go to university • To mitigate the identified skills gap, the focus of VTECH Education in the UAE needs to be on ‘white collar’ “career track opportunities” • In order for these career track programmes to have credibility, a qualifications framework aligned with global best practices and enabling transferability of qualifications is necessary • Due to the negative perception surrounding Vocational/Technical Education in this region as well as current labor market practices (i.e. importing blue collar workers) – VTECH Education needs to be repositioned in the UAE Technical Education Landscape in the UAE- updated 04Apr13 3 UAE’s parameters for Technical Education & Training (TECH) have to take into account regional nuances so they should be different from the global understanding; i.e.
    [Show full text]
  • The Deloitte Global 2021 Millennial and Gen Z Survey
    A call for accountability and action T HE D ELO IT T E GLOB A L 2021 M IL LE N N IA L AND GEN Z SUR V E Y 1 Contents 01 06 11 INTRODUCTION CHAPTER 1 CHAPTER 2 Impact of the COVID-19 The effect on mental health pandemic on daily life 15 27 33 CHAPTER 3 CHAPTER 4 CONCLUSION How the past year influenced Driven to act millennials’ and Gen Zs’ world outlooks 2 Introduction Millennials and Generation Zs came of age at the same time that online platforms and social media gave them the ability and power to share their opinions, influence distant people and institutions, and question authority in new ways. These forces have shaped their worldviews, values, and behaviors. Digital natives’ ability to connect, convene, and create disruption via their keyboards and smartphones has had global impact. From #MeToo to Black Lives Matter, from convening marches on climate change to the Arab Spring, from demanding eco-friendly products to challenging stakeholder capitalism, these generations are compelling real change in society and business. The lockdowns resulting from the COVID-19 pandemic curtailed millennials’ and Gen Zs’ activities but not their drive or their desire to be heard. In fact, the 2021 Deloitte Global Millennial Survey suggests that the pandemic, extreme climate events, and a charged sociopolitical atmosphere may have reinforced people’s passions and given them oxygen. 01 Urging accountability Last year’s report1 reflected the results of two Of course, that’s a generality—no group of people is surveys—one taken just before the pandemic and a homogeneous.
    [Show full text]
  • Episode 230: Click Here to Kill Everybody
    Episode 230: Click Here to Kill Everybody Stewart Baker: [00:00:03] Welcome to Episode 230 of The Cyberlaw Podcast brought to you by Steptoe & Johnson. We are back and full of energy. Thank you for joining us. We're lawyers talking about technology, security, privacy, and government. And if you want me to talk about hiking through the rain forest of Costa Rica and just how tough my six-year-old granddaughter is, I'm glad to do that too. But today I'm joined by our guest interviewee Bruce Schneier, an internationally renowned technologist, privacy and security guru, and the author of the new book, Click Here to Kill Everybody: Security and Survival in a Hyper-Connected World. We'll be talking to him shortly. For the News Roundup, we have Jamil Jaffer, who's the founder of the estimable and ever-growing National Security Institute. He's also an adjunct professor at George Mason University. Welcome, Jamil. Jamil Jaffer: [00:00:57] Thanks, Stewart. Good to be here. Stewart Baker: [00:00:58] And David Kris, formerly the assistant attorney general in charge of the Justice Department's National Security Division. David, welcome. David Kris: [00:01:07] Thank, you. Good to be here. Stewart Baker: [00:01:08] And he is with his partner in their latest venture, Nate Jones, veteran of the Justice Department, the National Security Council, and Microsoft where he was an assistant general counsel. Nate, welcome. Nate Jones: [00:01:23] Thank you. Stewart Baker: [00:01:25] I'm Stewart Baker, formerly with the NSA and DHS and the host of today's program.
    [Show full text]
  • TLS Attacks & DNS Security
    IAIK TLS Attacks & DNS Security Information Security 2019 Johannes Feichtner [email protected] IAIK Outline TCP / IP Model ● Browser Issues Application SSLStrip Transport MITM Attack revisited Network Link layer ● PKI Attacks (Ethernet, WLAN, LTE…) Weaknesses HTTP TLS / SSL FLAME FTP DNS Telnet SSH ● Implementation Attacks ... ● Protocol Attacks ● DNS Security IAIK Review: TLS Services All applications running TLS are provided with three essential services Authentication HTTPS FTPS Verify identity of client and server SMTPS ... Data Integrity Detect message tampering and forgery, TLS e.g. malicious Man-in-the-middle TCP IP Encryption Ensure privacy of exchanged communication Note: Technically, not all services are required to be used Can raise risk for security issues! IAIK Review: TLS Handshake RFC 5246 = Establish parameters for cryptographically secure data channel Full handshake Client Server scenario! Optional: ClientHello 1 Only with ServerHello Client TLS! Certificate 2 ServerKeyExchange Certificate CertificateRequest ClientKeyExchange ServerHelloDone CertificateVerify 3 ChangeCipherSpec Finished ChangeCipherSpec 4 Finished Application Data Application Data IAIK Review: Certificates Source: http://goo.gl/4qYsPz ● Certificate Authority (CA) = Third party, trusted by both the subject (owner) of the certificate and the party (site) relying upon the certificate ● Browsers ship with set of > 130 trust stores (root CAs) IAIK Browser Issues Overview Focus: Relationship between TLS and HTTP Problem? ● Attacker wants to access encrypted data ● Browsers also have to deal with legacy websites Enforcing max. security level would „break“ connectivity to many sites Attack Vectors ● SSLStrip ● MITM Attack …and somehow related: Cookie Stealing due to absent „Secure“ flag… IAIK Review: ARP Poisoning How? Attacker a) Join WLAN, ● Sniff data start ARP Poisoning ● Manipulate data b) Create own AP ● Attack HTTPS connections E.g.
    [Show full text]
  • Improving PKI Solution Analysis in Case of CA Compromisation
    Master Game and Media Technology Improving PKI Solution analysis in case of CA compromisation Samira Zaker Soltani January 2013 Utrecht University Faculty Computer Science Deloitte Nederland Deloitte Risk Services Supervisors: Gerard Tel - Univeristy Utrecht Henk Marsman - Deloitte Nederland To my mother, for she is the reason. Abstract Creating a secure connection on the Internet is made possible through the usage of certificates, binding an entity to its public key. These certificates can be issued by any of the Certificate Authorities (CA), where each CA has the same privileges. During the last year, we have seen many CA compromises, resulting into the issuance of fraudulent certificates. Fraudulent certificates can be used, in combination with the man-in-the-middle attack, to eavesdrop the communications of Internet users. This research focuses on solutions that can remove or limit the impact of a CA com- promisation and provides a description and analysis of each solution. The solutions have been chosen through interviews and literature. Among the discussed solutions are Public Key Pinning, Sovereign Keys, Certificate Transparency, Perspectives & Convergence, DANE, and MCS. In order to identify each solution’s advantages and disadvantages, we have created a metric of aspects. The aspects have been categorized into security, usability, and costs. The focus of this research has been on security, since that is the aspect in Public Key Infrastructure we are trying to solve. The results indicate that Certificate Transparency and DANE are the most promis- ing solutions for limiting the risks of a compromised CA. Further research will be needed to complete each solution, since both solutions are not yet ready for deploy- ment.
    [Show full text]
  • Web and Mobile Security
    Cyber Security Body of Knowledge: Web and Mobile Security Sergio Maffeis Imperial College London bristol.ac.uk © Crown Copyright, The National Cyber Security Centre 2021. This information is licensed under the Open Government Licence v3.0. To view this licence, visit http://www.nationalarchives.gov.uk/doc/open- government-licence/. When you use this information under the Open Government Licence, you should include the following attribution: CyBOK Web & Mobile Security Knowledge Area Issue 1.0 © Crown Copyright, The National Cyber Security Centre 2021, licensed under the Open Government Licence http://www.nationalarchives.gov.uk/doc/open- government-licence/. The CyBOK project would like to understand how the CyBOK is being used and its uptake. The project would like organisations using, or intending to use, CyBOK for the purposes of education, training, course development, professional development etc. to contact it at [email protected] to let the project know how they are using CyBOK. bristol.ac.uk Web & Mobile Security KA • This webinar covers and complements selected topics from the “Web & Mobile Security Knowledge Area - Issue 1.0” document [WMS-KA for short] • “The purpose of this Knowledge Area is to provide an overview of security mechanisms, attacks and defences in modern web and mobile ecosystems.” • We assume basic knowledge of the web and mobile platforms – The WMS-KA also covers some of the basic concepts assumed here Web and Mobile Security 3 Scope • The focus of WMS-KA is on the intersection of mobile and web security, as a result of recent appification and webification trends. – The KA does not cover specific mobile-only aspects including mobile networks, mobile malware, side channels.
    [Show full text]
  • Core Renaissance: Revitalising the Heart of IT
    ChapterUK extractEdition Core renaissance Revitalising the heart of IT Tech Trends 2015: The fusion of business and IT B Core renaissance Core renaissance Revitalising the heart of IT Organisations have significant investments in their core systems, both built and bought. Beyond running the heart of the business, these assets can form the foundation for growth and new service development – building upon standardised data and automated business processes. To this end, many organisations are modernising systems to pay down technical debt, replatforming solutions to remove barriers to scale and performance, and extending their legacy infrastructures to fuel innovative new services and offerings. NVESTING in technologies that support Leading organisations are building a Ithe heart of the business has been IT’s roadmap for a renaissance of their core – emphasis since its earliest days – policy focussed not on painting their legacy as the administration, claims management, and “dark ages,” but on revitalising the heart of billing in insurance; order management, their IT and business footprint. resource planning and manufacturing for consumer and industrial products; Business first inventory management, pricing and Amid continuously evolving business distribution for retail; and universal needs pressures and technology trends, several such as finance and human resources. questions arise: How will the core hold up? Core systems drive process and data (Consider, first, the business angle.) How automation, standardisation and intelligence well do existing solutions meet today’s – and represent decades of investment needs? (Consider not just functional in buying packages, building custom completeness, but increasingly relevant solutions and integrating an increasingly dimensions like usability, analytics insights hybrid environment.
    [Show full text]
  • A Roadmap to Initial Public Offerings
    A Roadmap to Initial Public Offerings 2019 The FASB Accounting Standards Codification® material is copyrighted by the Financial Accounting Foundation, 401 Merritt 7, PO Box 5116, Norwalk, CT 06856-5116, and is reproduced with permission. This publication contains general information only and Deloitte is not, by means of this publication, rendering accounting, business, financial, investment, legal, tax, or other professional advice or services. This publication is not a substitute for such professional advice or services, nor should it be used as a basis for any decision or action that may affect your business. Before making any decision or taking any action that may affect your business, you should consult a qualified professional advisor. Deloitte shall not be responsible for any loss sustained by any person who relies on this publication. As used in this document, “Deloitte” means Deloitte & Touche LLP, Deloitte Consulting LLP, Deloitte Tax LLP, and Deloitte Financial Advisory Services LLP, which are separate subsidiaries of Deloitte LLP. Please see www.deloitte.com/us/about for a detailed description of our legal structure. Certain services may not be available to attest clients under the rules and regulations of public accounting. Copyright © 2019 Deloitte Development LLC. All rights reserved. Other Publications in Deloitte’s Roadmap Series Business Combinations Business Combinations — SEC Reporting Considerations Carve-Out Transactions Consolidation — Identifying a Controlling Financial Interest Contracts on an Entity’s Own Equity
    [Show full text]
  • SSL/TLS Interception Proxies and Transitive Trust Jeff Jarmoc Dell Secureworks Counter Threat Unit℠ Threat Intelligence
    SSL/TLS Interception Proxies and Transitive Trust Jeff Jarmoc Dell SecureWorks Counter Threat Unit℠ Threat Intelligence Presented at Black Hat Europe – March 14, 2012. Introduction Secure Sockets Layer (SSL) [1] and its successor Transport Layer Security (TLS) [2] have become key components of the modern Internet. The privacy, integrity, and authenticity [3] [4] provided by these protocols are critical to allowing sensitive communications to occur. Without these systems, e- commerce, online banking, and business-to-business exchange of information would likely be far less frequent. Threat actors have also recognized the benefits of transport security, and they are increasingly turning to SSL to hide their activities. Advanced Persistent Threat (APT) attackers [5], botnets [6], and even commodity web attacks can leverage SSL encryption to evade detection. To counter these tactics, organizations are increasingly deploying security controls that intercept end- to-end encrypted channels. Web proxies, data loss prevention (DLP) systems, specialized threat detection solutions, and network intrusion prevention systems (NIPS) offer functionality to intercept, inspect, and filter encrypted traffic. Similar functionality is present in lawful intercept systems and solutions enabling the broad surveillance of encrypted communications by governments. Broadly classified as “SSL/TLS interception proxies,” these solutions act as a “man in the middle,” violating the end-to-end security promises of SSL. This type of interception comes at a cost. Intercepting SSL-encrypted connections sacrifices a degree of privacy and integrity for the benefit of content inspection, often at the risk of authenticity and endpoint validation. Implementers and designers of SSL interception proxies should consider these risks and understand how their systems operate in unusual circumstances.
    [Show full text]
  • Certificate Transparency: New Part of PKI Infrastructure
    Certificate transparency: New part of PKI infrastructure A presentation by Dmitry Belyavsky, TCI ENOG 7 Moscow, May 26-27, 2014 About PKI *) *) PKI (public-key infrastructure) is a set of hardware, software, people, policies, and procedures needed to create, manage, distribute, use, store, and revoke digital certificates Check the server certificate The server certificate signed correctly by any of them? Many trusted CAs NO YES Everything seems to We warn the user be ok! DigiNotar case OCSP requests for the fake *.google.com certificate Source: FOX-IT, Interim Report, http://cryptome.org/0005/diginotar-insec.pdf PKI: extra trust Independent Trusted PKI source certificate DANE (RFC 6698) Certificate pinning Limited browsers support Mozilla Certificate Patrol, Chrome cache for Google certificates Certificate transparency (RFC 6962) Inspired by Google (Support in Chrome appeared) One of the authors - Ben Laurie (OpenSSL Founder) CA support – Comodo Certificate Transparency: how it works • Log accepts cert => SCT Client • Is SCT present and signed correctly? Client • Is SCT present and signed correctly? Auditor • Does log server behave correctly? Monitor • Any suspicious certs? Certificate Transparency: how it works Source: http://www.certificate-transparency.org Certificate Transparency how it works Source: http://www.certificate-transparency.org Certificate Transparency current state Google Chrome Support (33+) http://www.certificate-transparency.org/certificate-transparency-in-chrome Google Cert EV plan http://www.certificate-transparency.org/ev-ct-plan Certificate Transparency current state Open source code 2 pilot logs Certificate Transparency: protect from what? SAVE from MITM attack ü Warning from browser ü Site owner can watch logs for certs Do NOT SAVE from HEARTBLEED! Certificate transparency and Russian GOST crypto Russian GOST does not save from the MITM attack Algorithm SHA-256 >>> GOSTR34.11-2012 Key >>> GOST R 34.10-2012 Q&A Questions? Drop ‘em at: [email protected] .
    [Show full text]