Security of Authentication Protocols with Compromised Certificates

概要

論文の詳細を見る
The security of authentication protocols based on public key cryptography depends on the validity of the certificate. Usually, it is assumed that a well deployed PKI can guarantee the validity of certificates at all time through mechanisms such as CRL or OCSP. In reality, such guarantee is not always assured. It is therefore necessary to analyze the security of these protocols in such "faulty" circumstances and to provide a measure of how fault-tolerant such protocols are. This paper describes the results of our analysis of public key based authentication protocols in various situations with compromised certificates. It is shown that in addition to trivial attacks as the result of compromised certificates, serious attacks are possible. Our results also demonstrate why it is necessary to use the hash of all handshake messages in "certificate verify" step of TLS rather than just a few "critical components" as suggested in [8].
一般社団法人電子情報通信学会の論文
2000-01-25