TY - GEN
T1 - Firm grip handshakes
T2 - 11th International Conference on Cryptology and Network Security, CANS 2012
AU - Berkman, Omer
AU - Pinkas, Benny
AU - Yung, Moti
N1 - Place of conference: Darmstadt, Germany
PY - 2012
Y1 - 2012
N2 - Clients trust servers over the Internet due to their trust in digital signatures of certification authorities (CAs), which comprise the Internet's trust infrastructure. Based on the recent DigiNotar attack and other attacks on CAs, we formulate here a very strong attack denoted "Certificate in The Middle" (CiTM) and propose a mitigation for this attack. The solution is embedded in a handshake protocol and makes it more robust: it adds to the usual aspect of "CA vouching" a client-side vouching for the server's "continuity of service," thus allowing clients and servers to detect past and future breaches of the trust infrastructure. We had simplicity, flexibility, and scalability in mind, solving the problem within the context of the protocol (with the underlying goal of embedding the solution in the TLS layer) with minor field changes, minimal cryptographic additions, no interaction with other protocol layers, and no added trusted parties.
UR - http://www.scopus.com/inward/record.url?scp=84872708085&partnerID=8YFLogxK
U2 - 10.1007/978-3-642-35404-5_12
DO - 10.1007/978-3-642-35404-5_12
M3 - Conference contribution
AN - SCOPUS:84872708085
SN - 9783642354038
T3 - Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
SP - 142
EP - 157
BT - Cryptology and Network Security - 11th International Conference, CANS 2012, Proceedings
Y2 - 12 December 2012 through 14 December 2012
ER -