DocumentCode :
2360082
Title :
Restricting access with certificate attributes in multiple root environments - a recipe for certificate masquerading
Author :
Hayes, Capt James M
Author_Institution :
Syst. & Network Attack Center, USAF, MD, USA
fYear :
2001
fDate :
10-14 Dec. 2001
Firstpage :
386
Lastpage :
390
Abstract :
The issue of certificate masquerading against the SSL protocol is pointed out in Hayes (1998). In Hayes, various forms of server certificate masquerading are identified. It should also be noted that the attack described is a man-in-the-middle (MITM) attack that requires direct manipulation of the SSL protocol. This paper is a mirror of Hayes and involves client certificate masquerading. The motivation for this paper comes from the fact that this anomaly has shown up in commercial products. It is potentially more damaging than in Hayes since a MITM attack is not involved and the only requirement is that the application trust a given root certificate authority (CA). The problem arises when applications use multiple roots that do not cross-certify. The problem is further exacerbated since the applications themselves do not have the ability to apply external name constraints and policies. Unfortunately, the problem is a fairly well-known problem within the public key infrastructure (PKI) community, but it continues to persist in practice despite this knowledge.
Keywords :
authorisation; certification; message authentication; protocols; public key cryptography; telecommunication security; Internet security; PKI; SSL protocol; certificate attributes; client certificate masquerading; extranet security; intranet security; multiple roots; public key infrastructure; root certificate authority; Access protocols; Authentication; Certification; Extranets; Intelligent networks; Internet; Mirrors; National security; Network servers; Public key;
fLanguage :
English
Publisher :
ieee
Conference_Titel :
Computer Security Applications Conference, 2001. ACSAC 2001. Proceedings 17th Annual
Print_ISBN :
0-7695-1405-7
Type :
conf
DOI :
10.1109/ACSAC.2001.991555
Filename :
991555