The SSL landscape: A thorough analysis of the X.509 PKI using active and passive measurements

Proceedings of the ACM SIGCOMM Internet Measurement Conference, IMC

Volumn , Issue , 2011, Pages 427-443

  Holz, Ralph ^a   Braun, Lothar ^a   Kammenhuber, Nils ^a   Carle, Georg ^a  

^a TECHNICAL UNIVERSITY OF MUNICH   (Germany)

Author keywords

certificates; HTTPS; public key infrastructure; SSL; TLS; X.509

Indexed keywords

CERTIFICATES; HTTPS; PUBLIC KEY INFRASTRUCTURE; SSL; TLS; X.509;

HTTP; INTERNET; INTERNET PROTOCOLS; PUBLIC KEY CRYPTOGRAPHY;

QUALITY CONTROL;

EID: 82955197322     PISSN: None     EISSN: None     Source Type: Conference Proceeding    
DOI: 10.1145/2068816.2068856     Document Type: Conference Paper

References (32)

1. D. Cooper, S. Santesson, S. Farrell, S. Boeyen, R. Housley, and W. Polk, "Internet X.509 public key infrastructure certificate and certificate revocation list (CRL) profile," RFC 5280 (Proposed Standard), May 2008.
2. T. Dierks and E. Rescorla, "The transport layer security (TLS) protocol version 1.2," RFC 5246 (Proposed Standard), Aug. 2008, updated by RFCs 5746, 5878, 6176.
3. J. Appelbaum, "Detecting certificate authority compromises and Web browser collusion," Blog entry: https://blog.torproject.org/blog/detecting- certificate-authority-compromises-and-web-browser-collusion, 2011, [online; last retrieved in May 2011].
4. Mozilla Security Blog, "DigiNotar removal follow up,"https://blog.mozilla.com/security/2011/09/02/diginotar-removal-follow- up/ [online; last retrieved in September 2011], 2011.
5. C. Herley, "So long, and no thanks for the externalities: the rational rejection of security advice by users," in Proc. 2009 Workshop on New Security Paradigms. New York, NY, USA: ACM, 2009.
6. C. Ellison and B. Schneier, "Ten risks of PKI: What you're not being told about public key infrastructure," Computer Security Journal, vol. 16, no. 1, 2000.
7. P. Gutmann, "PKI: It's not dead, just resting," IEEE Computer, vol. 35, no. 8, August 2002.
8. P. Eckersley and J. Burns, "An observatory for the SSLiverse," Talk at Defcon 18., July 2010, [last retrieved in May 2011]. [Online]. Available: https://www.eff.org/files/DefconSSLiverse.pdf
9. P. Eckersley and J. Burns, "Is the SSLiverse a safe place?"Talk at 27C3. Slides from https://www.eff.org/files/ccc2010.pdf [online; last retrieved in May 2011], 2010.
10. I. Ristic, "Internet SSL Survey 2010," Talk at BlackHat 2010. Slides from https://media.blackhat.com/bh-us-10/presentations/Ristic/BlackHat- USA-2010-Ristic-Qualys-SSL-Survey-HTTP-Rating-Guide-slides.pdf, 2010, [online; last retrieved in May 2011].
11. I. Ristic, "State of SSL," Talk at InfoSec World 2011. Slides from http://blog.ivanristic.com/Qualys-SSL-Labs-State-of-SSL-InfoSec-World- April-2011.pdf, 2011, [online; last retrieved in May 2011].
12. Alexa Internet Inc., "Top 1,000,000 sites (updated daily),"http://s3.amazonaws.com/alexa-static/top-1m.csv.zip, 2009-2011, [online; last retrieved in May 2011].
13. H. K. Lee, T. Malkin, and E. Nahum, "Cryptographic strength of SSL/TLS servers: Current and recent practices,"in Proc. 7th ACM SIGCOMM Conference on Internet Measurement (IMC), San Diego, CA, USA, October 2007.
14. S. Yilek, E. Rescorla, H. Shacham, B. Enright, and S. Savage, "When private keys are public - results from the 2008 Debian OpenSSL vulnerability," in Proc. 9th ACM SIGCOMM Conference on Internet Measurement (IMC), Chicago, Illinois, USA, Nov. 2009.
15. Data sets of active scans, http://pki.net.in.tum.de, 2011.
16. A. Croll and S. Power, Complete Web Monitoring. O'Reilly Media, 2009.
17. L. Braun, G. Münz, and G. Carle, "Packet sampling for worm and botnet detection in TCP connections," in Proc. IEEE/IFIP Network Operations and Management Symposium (NOMS), Apr. 2010.
18. S. Kornexl, V. Paxson, H. Dreger, A. Feldmann, and R. Sommer, "Building a time machine for efficient recording and retrieval of high-volume network traffic," in Proc. 5th ACM SIGCOMM Conference on Internet Measurement (IMC), Berkeley, CA, USA, Oct. 2005.
19. L. Braun, A. Didebulidze, N. Kammenhuber, and G. Carle, "Comparing and improving current packet capturing solutions based on commodity hardware," in Proc. 10th ACM SIGCOMM Conference on Internet Measurement (IMC), Nov 2010.
20. F. Fusco and L. Deri, "High speed network traffic analysis with commodity multi-core systems," in Proc. 10th ACM SIGCOMM Conference on Internet Measurement (IMC), Nov 2010.
21. V. Paxson, "Bro: a system for detecting network intruders in real-time," Computer networks, vol. 31, no. 23-24, 1999.
22. H. Dreger, A. Feldmann, M. Mai, V. Paxson, and R. Sommer, "Dynamic Application-Layer Protocol Analysis for Network Intrusion Detection," in Proc. USENIX Security Symposium, Apr. 2006.
23. Planet Lab, "Planet LabWeb site,"https://www.planet-lab.org [online; last retrieved in May 2011].
24. The International Grid Trust Federation, "IGTF Web site,"http://www.igtf.net/ [online; last retrieved in May 2011].
25. A. Klein, "Attacks on the RC4 stream cipher," Designs, Codes and Cryptography, vol. 48, 2008.
26. E. Rescorla, "HTTP over TLS," RFC 2818 (Informational), 2000.
27. CA/Browser Forum, "EV SSL certificate guidelines version 1.3," http://www.cabforum.org/Guidelines-v1-3.pdf, 2010, [online; last retrieved in May 2011].
28. M. Stevens, A. Lenstra, and B. de Weger, "Chosen-prefix collisions for MD5 and colliding X.509 certificates for different identities," in Advances in Cryptology - EUROCRYPT 2007, ser. LNCS. Springer Berlin / Heidelberg, 2007, vol. 4515.
29. NIST, "Approved Algorithms,"http://csrc.nist.gov/groups/ST/ toolkit/secure-hashing.html, 2006, [online; last retrieved in May 2011].
30. A. Sotirov, M. Stevens, J. Appelbaum, A. Lenstra, D. Molnar, D. A. Osvik, and B. de Weger, "MD5 considered harmful today,"http://dl. packetstormsecurity.net/papers/attack/md5-considered-harmful.pdf, 2008, [online; last retrieved in May 2011].
31. T. Kleinjung, K. Aoki, J. Franke, A. Lenstra, E. Thomé, J. Bos, P. Gaudry, A. Kruppa, P. Montgomery, D. Osvik, H. te Riele, A. Timofeev, and P. Zimmermann, "Factorization of a 768-bit RSA modulus," in Advances in Cryptology - CRYPTO 2010, ser. Lecture Notes in Computer Science. Springer Berlin / Heidelberg, 2010, vol. 6223.
32. NIST, "Special publications (800 Series),"http://csrc.nist.gov/ publications/PubsSPs.html, 2011, [online; last retrieved in May 2011].