Authentication Approaches
Phillip Hallam-Baker, VeriSign Inc.
Why?
Authentication + Authorization = Access Control
Authentication
– IP Address
– Cryptographic
Authorization
– Address Whitelists
– Domain Whitelists [example.com]
– Payment [$0.01 stamp]
How Strong is Enough?
LIST Kiddies
– Like a script kiddie, but they pay for the mailing list
– Actually a spam victim: they get worthless service in return
SPAM Houses
– Will adapt to heuristic authentication approaches
– But it will cost them
PKI
Infrastructure exists to
– Ensure that a party owns the purported domain name
– Ensure that legal process can be served on the certificate holder
– With a high (but not absolute) degree of confidence
SECURITY IS RISK CONTROL, NOT RISK ELIMINATION
Deployment Argument
Authentication Complements Filtering
– Network effect, aka the Chicken and Egg problem
Avoid false positives
– Without creating backdoors (‘Allow all mail from hotmail.com, they use rate limiting’)
– Allows more aggressive criteria
Cryptographic Authentication is robust
– Asymmetric work factor
– No viable counter-strategies
Problem – Insecure by Default
Downgrade attack
– I can tell a signed message comes from the sender
– I cannot assume an unsigned message is false
Key is to know the security policy of the domain
DNS Based Security Policy
Reverse IP look up
– Some current use
– Only demonstrates that the IP address has been assigned; IPv4 address exhaustion will make this uninteresting
– Configuration problem – servers handling 1000’s of domains
– Many ISPs do not delegate reverse DNS as they should; ‘Get a new ISP’ is an idiotic deployment strategy
Forward DNS
Address based authentication
– RCPT From [Vixie]
– Reverse MX
– Pro: Lightweight, almost costless
– Pro: Obsoletes most existing spamware
– Con: Could be vulnerable to new spamware
– Con: Some operational issues
– Con: Only works if mail from the domain is relayed
Generalized Security Policy
Security Policy Advertisement Mechanism
– Advertise any form of security policy:
  ALWAYS comes from address X, Y or Z
  OPTIONAL uses STARTTLS, cert root has SHA1 P
  OPTIONAL uses S/MIME, cert root has SHA1 Q
  OPTIONAL uses PGP, validate against XKMS R
  NEVER uses NULL Authentication
– Can be generalized to other protocols: IPSEC, SSH, NNTP, POP, IMAP…
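How a receiver would act on an advertised ALWAYS / OPTIONAL / NEVER policy, and how the NEVER clause closes the downgrade attack from the ‘Insecure by Default’ slide, as an added example that is not from these slides: the record syntax, the `parse_policy` and `evaluate` functions and the sample addresses are all assumptions, since the slides define no wire format.

```python
import ipaddress
from dataclasses import dataclass, field

# Hypothetical record syntax (assumption, not from the slides), one clause per ';':
#   always from=<ip or cidr>[,...]   optional method=<name> root=<hint>   never method=<name>
# Constructed sample record for an imagined domain.
POLICY_RECORD = "always from=192.0.2.10,198.51.100.0/24; optional method=smime root=Q; never method=null"

@dataclass
class Policy:
    always_from: list = field(default_factory=list)   # networks the domain ALWAYS sends from
    optional: dict = field(default_factory=dict)      # method -> trust-root hint (P, Q, R ...)
    never: set = field(default_factory=set)           # methods the domain NEVER uses

def parse_policy(record: str) -> Policy:
    """Parse the hypothetical policy record into a Policy."""
    policy = Policy()
    for clause in record.split(";"):
        tokens = clause.split()
        if not tokens:
            continue
        keyword = tokens[0].lower()
        attrs = dict(t.split("=", 1) for t in tokens[1:] if "=" in t)
        if keyword == "always" and "from" in attrs:
            policy.always_from = [ipaddress.ip_network(a) for a in attrs["from"].split(",")]
        elif keyword == "optional" and "method" in attrs:
            policy.optional[attrs["method"].lower()] = attrs.get("root")
        elif keyword == "never" and "method" in attrs:
            policy.never.add(attrs["method"].lower())
    return policy

def evaluate(policy: Policy, source_ip: str, auth_method: str) -> str:
    """Decide what an advertised policy lets the receiver conclude about one message.
    auth_method is the authentication the message actually carried; 'null' means unsigned."""
    method = auth_method.lower()
    if method in policy.never:
        return "reject"             # NEVER clause: an unsigned message can now be treated as false
    if policy.always_from:
        ip = ipaddress.ip_address(source_ip)
        if not any(ip in net for net in policy.always_from):
            return "reject"         # domain says it ALWAYS sends from the listed addresses
    if method in policy.optional:
        return "accept-crypto"      # cryptographic authentication the domain advertised
    if policy.always_from:
        return "accept-address"     # address-based authentication only
    return "unknown"                # no policy: insecure by default, cannot call the message false
```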
This is Just a Bug
We Are Going to FIX IT