Analysis of the HTTPS certificate ecosystem

Proceedings of the ACM SIGCOMM Internet Measurement Conference, IMC

Volumn , Issue , 2013, Pages 291-303

  Durumeric, Zakir ^a   Kasten, James ^a   Bailey, Michael ^a   Halderman, J Alex ^a  

^a UNIVERSITY OF MICHIGAN   (United States)

Author keywords

Certificates; HTTPS; Internet wide scanning; Measurement; Public key infrastructure; Security; SSL; TLS; X.509

Indexed keywords

CERTIFICATES; HTTPS; PUBLIC KEY INFRASTRUCTURE; SECURITY; SSL; TLS; X.509;

ECOSYSTEMS; INTERNET; MEASUREMENTS; SURVEYING INSTRUMENTS;

HTTP;

EID: 84890078634     PISSN: None     EISSN: None     Source Type: Conference Proceeding    
DOI: 10.1145/2504730.2504755     Document Type: Conference Paper

References (35)

1. Alexa Top 1,000,000 Sites. http://s3.amazonaws.com/alexa-static/top-1m. csv.zip.
2. Facts about ipsCA, April 2013. http://certs.ipsca.com/companyIPSipsCA/ competitorssay.asp.
3. WebTrust for Certification Authorities - SSL Baseline Requirements Audit Criteria v. 1.1, Jan. 2013. http://www.webtrust.org/homepage-documents/ item72056.pdf.
4. D. Akhawe, B. Amann, M. Vallentin, and R. Sommer. Here's my cert, so trust me, maybe? Understanding TLS errors on the web. In Proceedings of the 22nd international conference on the World Wide Web, pages 59-70, 2013.
5. E. Barker, W. Barker, W. Burr, W. Polk, and M. Smid. Recommendation for Key Management - Part 1: General (Revision 3), 2012. http://csrc.nist.gov/ publications/nistpubs/800-57/sp800-57-part1-rev3-general.pdf.
6. E. Barker and A. Roginsky. Transitions: Recommendation for Transitioning the Use of Cryptographic Algorithms and Key Lengths, Jan. 2011. http://csrc.nist.gov/publications/nistpubs/800-131A/sp800-131A.pdf.
7. L. Bello. DSA-1571-1 OpenSSL - Predictable random number generator, 2008. Debian Security Advisory. http://www.debian.org/security/2008/dsa-1571.
8. S. Bhat. Gmail users in Iran hit by MITM Attacks, Aug. 2011. http://techie-buzz.com/tech-news/gmail-iran-hit-mitm.html.
9. S. Blake-Wilson, M. Nystrom, D. Hopwood, J. Mikkelsen, and T. Wright. Transport Layer Security (TLS) Extensions. RFC 3546 (Proposed Standard), June 2003.
10. CA/Browser Forum. Baseline Requirements for the Issuance and Management of Publicly-Trusted Certificates, v.1.1, Nov. 2011. https://www.cabforum.org/ Baseline-Requirements-V1-1.pdf.
11. D. Cooper, S. Santesson, S. Farrell, S. Boeyen, R. Housley, and W. Polk. Internet X.509 Public Key Infrastructure Certificate and Certificate Revocation List (CRL) Profile. RFC 5280 (Proposed Standard), May 2008. Updated by RFC 6818.
12. T. Dierks and E. Rescorla. The Transport Layer Security (TLS) Protocol Version 1.2. RFC 5246 (Proposed Standard), Aug. 2008. Updated by RFCs 5746, 5878, 6176.
13. Z. Durumeric, E. Wustrow, and J. A. Halderman. ZMap: Fast Internet-wide scanning and its security applications. In Proceedings of the 22nd USENIX Security Symposium, Aug. 2013.
14. P. Eckersley and J. Burns. An observatory for the SSLiverse. Talk at Defcon 18 (2010). https://www.eff.org/files/DefconSSLiverse.pdf.
15. N. Heninger. Factoring as a service, Aug. 2013. Talk at CRYPTO Rump Session 2013. http://crypto.2013.rump.cr.yp.to/981774ce07e51813fd4466612a78601b. pdf.
16. N. Heninger, Z. Durumeric, E. Wustrow, and J. A. Halderman. Mining your Ps and Qs: Detection of widespread weak keys in network devices. In 21st USENIX Security Symposium, Aug. 2012.
17. R. Holz, L. Braun, N. Kammenhuber, and G. Carle. The SSL landscape: A thorough analysis of the X.509 PKI using active and passive measurements. In 11th ACM SIGCOMM conference on Internet measurement (IMC), 2011.
18. R. Housley, W. Ford, W. Polk, and D. Solo. Internet X.509 public key infrastructure certificate and CRL profile. (2459), Jan. 2009.
19. J. Kasten, E. Wustrow, and J. A. Halderman. Cage: Taming certificate authorities by inferring restricted scopes. In 17th International Conference on Financial Cryptography and Data Security (FC), 2013.
20. T. Kleinjung, K. Aoki, J. Franke, A. Lenstra, E. Thomé, J. Bos, P. Gaudry, A. Kruppa, P. Montgomery, D. Osvik, et al Factorization of a 768-bit rsa modulus. In Advances in Cryptology-CRYPTO 2010, pages 333-350. Springer, 2010.
21. A. Langley. Enhancing digital certificate security. Google Online Security Blog, http://googleonlinesecurity.blogspot.com/2013/01/enhancing- digital-certificate-security.html, Jan. 2013.
22. A. K. Lenstra, J. P. Hughes, M. Augier, J. W. Bos, T. Kleinjung, and C. Wachter. Ron was wrong, Whit is right. IACR Cryptology ePrint Archive, 2012: 64, 2012.
23. M. Marlinspike. SSL and the future of authenticity, Aug. 2011. Talk at BlackHat 2011. http://www.thoughtcrime.org/blog/ssl-and-the-future-of- authenticity/.
24. N. Mathewson and N. Provos. libevent - An event notification library. http://libevent.org.
25. Netcraft, Ltd. Web server survey. http://news.netcraft.com/archives/2013/ 05/03/may-2013-web-server-survey.html, May 2013.
26. NetMarketShare. Desktop operating system market share, Apr. 2013. http://www.netmarketshare.com/operating-system-market-share.aspx.
27. M. D. Network. Mozilla network security services (nss). http://www.mozilla.org/projects/security/pki/nss/.
28. J. Nightingale. Comodo Certificate Issue - Follow Up, Mar. 2011. https://blog.mozilla.org/security/2011/03/25/comodo-certificate-issue-follow-up/ .
29. E. Rescorla. SSL and TLS: designing and building secure systems, Volume 1. Addison-Wesley Reading, 2001.
30. R. Richmond. Comodo fraud incident, Mar. 2011. http://www.comodo.com/ Comodo-Fraud-Incident-2011-03-23.html.
31. I. Ristic. Internet SSL survey 2010. Talk at BlackHat 2010. http://media.blackhat.com/bh-ad-10/Ristic/BlackHat-AD-2010-Ristic-Qualys-SSL- Survey-HTTP-Rating-Guide-slides.pdf.
32. A. Sotirov, M. Stevens, J. Appelbaum, A. Lenstra, D. Molnar, D. A. Osvik, and B. de Weger. MD5 considered harmful today. http://www.win.tue.nl/hashclash/ rogue-ca/.
33. J. Viega, M. Messier, and P. Chandra. Network Security with OpenSSL: Cryptography for Secure Communications. O'Reilly, 2002.
34. K. Wilson. Bug 523652 - IPS action items re IPS SERVIDORES root certificate, Nov. 2009. https://bugzilla.mozilla.org/show-bug.cgi?id=523652.
35. S. Yilek, E. Rescorla, H. Shacham, B. Enright, and S. Savage. When private keys are public: results from the 2008 Debian OpenSSL vulnerability. In 2009 ACM SIGCOMM Internet Measurement Conference, pages 15-27.