Is an Internet PKI the Right Approach?
Eric Osterweil
Joint work with: Dan Massey and Lixia Zhang

Life in the Internet
- The Internet is a uniquely challenging environment to deploy systems because:
  - It is immense
  - It has a highly diverse makeup
  - Its constituent components are constantly in flux and are administered by independent authorities
- As a result, systems must be designed to tolerate:
  - Constant configuration errors, incremental deployments (which may take years), and diverse opinions on who is trustworthy

Problems
- The Internet’s heterogeneity makes it difficult for systems to rely on being fully deployed
  - Systems must function while being incrementally deployed, broken, etc.
- Internet parties are notorious for not agreeing whom to trust
  - Choosing “trusted authorities” often sparks debate
- Successful Internet systems tend to be very tolerant of misconfigurations and multiple independent opinions
  - Like DNS and BGP

DNS has tried Crypto
- The DNS Security Extensions (DNSSEC)
  - RFCs 4033-4035
- Approach: a PKI following DNS’ hierarchy
  - A single “island of security” rooted at DNS’ root zone
  - Everyone trusts the root
- DNSSEC uses public key cryptography
  - Each zone signs all of its own data, and the keys for its children zones too
  - By bootstrapping with a single key (trust-anchor) from the root, all keys can be recursively learned

DNSSEC Status Today
- Only 10,459 secure zones have deployed
  - Only about 900 seem to be production
  - Root zone has not signed
- Rather than a single island there are 662
  - 97.3% are singleton (isolated) zones
  - This means 662 trust-anchors would be needed
  - How can the keys for this many independent zones be globally verified?
- Operational management of cryptography has reduced its effectiveness
  - Monitoring has shown that rapid re-signing leaves roughly 19.8% of data vulnerable to replays

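The island count above follows from where the chain of signed delegations breaks. The sketch below is an added example, not part of the original slides: it groups a constructed set of signed zones into islands and counts the trust anchors a resolver would need. It assumes every label boundary is a zone cut; the zone names and the `islands` and `singleton_share` helpers are hypothetical.

```python
from collections import defaultdict

# Constructed sample: signed zones, and parent->child links backed by a DS record.
SIGNED = {"se.", "example.se.", "a.example.se.",
          "isolated.com.", "lone.org.", "sub.lone.org."}
SECURE_DELEGATIONS = {("se.", "example.se."), ("example.se.", "a.example.se.")}

def parent_of(zone):
    """Immediate parent name: 'a.example.se.' -> 'example.se.'; the root has none."""
    if zone == ".":
        return None
    rest = zone.split(".", 1)[1]
    return rest if rest else "."

def islands(signed, secure_delegations):
    """Group signed zones into islands of security.

    Returns {apex: [member zones]}. An apex is a signed zone whose key nothing
    above it vouches for, so a resolver needs one trust anchor per apex.
    """
    def apex(zone):
        # Climb only while the parent is signed and publishes a DS for the child.
        while True:
            p = parent_of(zone)
            if p is None or p not in signed or (p, zone) not in secure_delegations:
                return zone
            zone = p

    groups = defaultdict(list)
    for z in sorted(signed):
        groups[apex(z)].append(z)
    return dict(groups)

def singleton_share(groups):
    """Fraction of islands that consist of exactly one zone."""
    return sum(1 for m in groups.values() if len(m) == 1) / len(groups)

if __name__ == "__main__":
    found = islands(SIGNED, SECURE_DELEGATIONS)
    print(len(found), "trust anchors needed;", singleton_share(found), "singleton")
```

Note that `sub.lone.org.` forms its own island even though its parent is signed, because the parent publishes no DS record for it.
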
A New Concept: Public-Space
- Trust doesn’t have to be predicated on the status of deployments
  - Track public actions instead
- Public actions can be subjected to scrutiny
  - Anyone may publish data
  - Who has published data, its consistency, and its history can let each individual judge its veracity
  - Misbehavior like Man-in-the-Middle (MITM) attacks cannot be denied when done in the Public-Space
- Global consistency can be evaluated by polling from multiple locations
  - Local MITM attacks can be globally refuted in public

Public-Space Systems
- We record what is done rather than mandate what operators must do / who they must trust
- SecSpider
  - DNSSEC key learning
  - Because DNSSEC’s PKI has not evolved
- BGP-Origins
  - BGP prefix attestation system
  - Because BGP does not have a PKI

SecSpider
http://secspider.cs.ucla.edu/
- Learns keys from many global pollers
  - Keys are tracked over time
  - Serves globally consistent keys
- Anyone can verify keys they have looked up
  - Adversaries must compromise all pollers to subvert the Public-Space
  - Results are not provably correct but practically effective
- Data owners check the Public-Space for correctness
  - SecSpider is not a data authority
- We are formalizing this approach to achieve security through publicity

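The multi-poller idea can be made concrete with a small consistency check. This is an added example, not SecSpider's own code or algorithm: the poller names, key identifiers, observation tuples and the `verify_lookup` and `divergent_pollers` helpers are all constructed for illustration.

```python
from collections import defaultdict

# Constructed observations: (poller, zone, key_id, unix_time). Not real data.
ZONE = "example.se."
POLLERS = ["poller-asia", "poller-eu", "poller-us"]
OBSERVATIONS = [
    ("poller-eu", ZONE, "KEY-A", 100),
    ("poller-us", ZONE, "KEY-A", 101),
    ("poller-asia", ZONE, "KEY-A", 102),
    ("poller-eu", ZONE, "KEY-A", 200),
    ("poller-us", ZONE, "KEY-A", 201),
    ("poller-asia", ZONE, "KEY-X", 202),  # one vantage point sees another key
]

def key_views(observations, zone, since):
    """Map each key seen for `zone` at or after `since` to the pollers that saw it."""
    views = defaultdict(set)
    for poller, z, key, t in observations:
        if z == zone and t >= since:
            views[key].add(poller)
    return dict(views)

def first_seen(observations, zone):
    """Key history: earliest time each key was observed for `zone`."""
    seen = {}
    for _, z, key, t in observations:
        if z == zone:
            seen[key] = min(t, seen.get(key, t))
    return seen

def verify_lookup(observations, zone, key, since, pollers):
    """Judge a key the caller looked up against what the pollers recorded."""
    seen_by = key_views(observations, zone, since).get(key, set())
    if not seen_by:
        return "unseen"       # no vantage point agrees with the caller's view
    if seen_by == set(pollers):
        return "consistent"   # every vantage point saw this key
    share = len(seen_by) / len(pollers)
    return "majority" if share > 0.5 else "minority"

def divergent_pollers(observations, zone, since):
    """Pollers that saw a key other than the most widely seen one. These are
    only candidates (local MITM, misconfiguration, or a key rollover)."""
    views = key_views(observations, zone, since)
    if not views:
        return []
    top = max(sorted(views), key=lambda k: len(views[k]))
    return sorted(p for k, ps in views.items() if k != top for p in ps)
```

A resolver that sees `KEY-X` while most pollers see `KEY-A` gets a "minority" verdict, and `first_seen` shows that `KEY-X` has no earlier history.
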
BGP-Origins
http://www.bgp-origin.org/
- BGP allows any Autonomous System (AS) to announce that it hosts any IP addresses (prefixes)
  - ASes send out false announcements sometimes
  - Pakistan hijacked YouTube by announcing its prefixes
- BGP-Origins uses global monitors (RouteViews) and tracks which ASes have announced which prefixes
- Also, any user can attest to a prefix-AS binding
  - Operators could have attested to the proper binding of YouTube’s prefixes to avoid the hijack
  - Users decide whom to trust and discard attestations from unknown parties

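A sketch of how observed origins can be checked against attestations, with each user applying their own trust list. This is an added example, not BGP-Origins' code: the attester names, documentation prefixes and ASNs are constructed, and treating a covered more-specific prefix from a different origin as a conflict is an assumption of this sketch.

```python
import ipaddress

# Constructed sample data (documentation prefixes and ASNs, not real routes).
ATTESTATIONS = [
    ("operator-a", "198.51.100.0/24", 64500),
    ("operator-b", "198.51.100.0/24", 64500),
    ("stranger", "198.51.100.0/24", 64511),  # attester the user may not know
]
ANNOUNCEMENTS = [
    ("198.51.100.0/24", 64500),
    ("198.51.100.0/25", 64511),  # more-specific from a different origin AS
    ("203.0.113.0/24", 64502),   # nobody has attested to this prefix
]

def trusted_origins(prefix, attestations, trusted):
    """Origin ASes that trusted attesters bind to `prefix` or a covering prefix."""
    net = ipaddress.ip_network(prefix)
    origins = set()
    for attester, att_prefix, asn in attestations:
        if attester not in trusted:
            continue  # discard attestations from unknown parties
        att_net = ipaddress.ip_network(att_prefix)
        # subnet_of() raises TypeError across IP versions, so compare those first.
        if net.version == att_net.version and net.subnet_of(att_net):
            origins.add(asn)
    return origins

def classify(announcements, attestations, trusted):
    """Label each observed (prefix, origin AS) pair for one user's trust list."""
    report = {}
    for prefix, asn in announcements:
        origins = trusted_origins(prefix, attestations, trusted)
        if not origins:
            report[(prefix, asn)] = "unattested"
        elif asn in origins:
            report[(prefix, asn)] = "attested"
        else:
            report[(prefix, asn)] = "conflict"  # trusted parties name another origin
    return report

if __name__ == "__main__":
    for pair, verdict in classify(ANNOUNCEMENTS, ATTESTATIONS,
                                  {"operator-a", "operator-b"}).items():
        print(pair, verdict)
```

The same announcements produce different verdicts under a different trust list, which is the point of leaving the trust decision to each user.
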
Ongoing Work
- Are conventional PKIs a good fit for the Internet?
  - Operational groups disagree on many “trust” issues
- Public-Space applications are maturing
  - Increasing usage is coming with ongoing publicity at operational meetings
- Public-Space can be a substitute for the missing PKI in DNSSEC’s partially deployed state
  - Users can verify data against what is in the Public-Space
- With no PKI for BGP, the Public-Space uses real-world trust that already exists between operators
  - Addresses attacks and misconfigurations

Thank You
Questions?