Security Through Publicity
Eric Osterweil, Dan Massey, Batsukh Tsendjav, Beichuan Zhang, Lixia Zhang


Motivation
- Security threats are a driving force in current protocol design
- Public key cryptography is a common tool
  - DNSSEC authenticates DNS messages
  - Various BGP security protocols authenticate routing
  - And many, many more…
- Protocols are now established and relatively mature
- Deployment is essentially non-existent
- Everything works, if only there was a PKI…

Example: DNS Security
[Figure: End-user, Caching DNS Server, Authoritative DNS Servers; the answer is shown plus an (RSA) signature by the darpa.mil private key]
- Attacker cannot forge this answer without the darpa.mil private key.
- Our Problem: How Do You Get The Public Key?

Public Key Infrastructure
- Well known hierarchical PKIs exist
  - Ex: Web certificate authorities
- Protocols propose rigid PKIs
  - DNSSEC follows DNS tree
  - Internet routing follows address registration
- But this assumes that
  - Everyone agrees on the hierarchy
  - Hierarchy members agree to manage keys

DNSSEC Hierarchy

DNSSEC Hierarchical PKI
- DNSSEC PKI follows the DNS tree hierarchy
  - Root private key signs edu public key
  - Edu private key signs ucla.edu public key
  - Ucla.edu private key signs cs.ucla.edu public key
- But this assumes that…
  - Hierarchy members agree to manage keys
    - Root, com, edu, etc. not motivated to sign until lower level zones sign
    - Lower level zones get little benefit with PKI via root, com, edu, etc.
  - Everyone agrees on the hierarchy
    - Some signatures naturally deviate from tree
    - Ex: netsec.cs.colostate.edu signs netsec.cs.ucla.edu

Webs and Reputations
- Web of Trust (PGP)
  - Small World effect
  - Trust is not transitive, or explicit
  - Only addresses keys (no accountability for actions)
  - No root of trust graph = no stipulated trusted authority
  - Webs tend to be incomplete
- Reputation Systems
  - Generally create a high-level trust rating
  - Looks like a credit score
  - Trust is subjective in large systems
  - No central authority to set reputation rules
  - If there was such an authority, we would make it a CA!

Our Proposed Solution: PSKI
- Predicated on the Public Space and that it is a complete data set of actions
  - Data guaranteed to be complete, not correct!
  - Protocols that use the PSKI must perform all actions in the public space
  - Forcing all data into public view can create problems for incorrect data…
- Beyond the Web of Trust:
  - Web of Trust does not represent actions
  - Tracing bad behavior is not possible

What About Privacy?
- The PSKI is initially designed to work in systems where privacy is not an issue
- We feel that the initial protocols that use the PSKI will operate on public data sets (well known data)
- Example: DNS Security
  - No privacy concern in posting zone keys and signatures used to authenticate zone keys.

Public Space in DNS
- DNSSEC defines its own semantics for storing keys and signing records.
- The public space then mandates that these actions must be made public.
- PSKI lists all DNSKEYs ever reported to belong to the zone
  - All on-tree signatures and all off-tree signatures
  - Some PSKI semantics added for storing this
- PSKI enforces completeness rule
- Resolvers judge trustworthiness

PSKI - Components
- Entities:
  - The public key for a zone
  - May be conflicts (two keys both claim to be ucla.edu)
  - And its associated actions
- Trust Graph:
  - Graph RRSIG records that represent cross-signed DNSKEYs
- Actions:
  - Cryptographic audit-trail

DNSSEC in the PSKI

Going Forward
- Construct rigorous semantics
- Investigate issues surrounding privacy
- Grouping Entities
  - Similar to Zones in DNSSEC
  - Keys are 1-to-1 with Entities
  - BUT apps like DNSSEC zones are n-to-1

Going Forward (2)
- Lack of a PKI has been a major barrier for some time
- Current protocols (DNSSEC, secure routing, etc.) are being gated
- Can we store complete information?
- What kind of abstraction crystallizes zones and signatures?

Thank You
Questions?

Goals
- Developing key infrastructures for the Internet
- Goals for this key infrastructure
  - offer a rigorous framework
  - must scale
  - must impart some semantics that facilitate trust assessment

Backup

Observations
- Internet-scale key infrastructures do not exist
- PKIs seem too rigid for such a scale
- Web of trust does not impart enough rigor for trust
- New secure protocols need to be built, and need a generic infrastructure

PSKI Details - Entities
- Key ID
- Key Inception / Expiration

PSKI Details - Trust Graph
- Entities
- Entity cross signatures
- Lapses of Entity registration
  - An Entity is allowed to expire, then renewed later
- Rollover information

PSKI Details - Actions
- Lookup-key
- Entity
- Action Type
- Inception / Expiration
- Target of Action

PSKI Details - Entities' Actions
- Entities relate to their actions with metadata:
  - How often an Entity has signed for data
  - How many active/unexpired Links to actions
  - Current conflicts (with other Entity signatures)
  - Total number of conflicts for this Entity
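
The record fields and per-Entity metadata listed on the "PSKI Details" slides can be modelled as an append-only store; the sketch below is an added example, not code from the slides or their authors. The class names, the integer time units, the sample key IDs and the conflict rule (a different key claiming the same zone in an overlapping validity window) are all assumptions made for illustration.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Entity:                 # one public key reported for a zone
    zone: str
    key_id: int               # constructed sample IDs, not real key tags
    inception: int            # validity window in abstract time units
    expiration: int

@dataclass(frozen=True)
class Action:                 # fields from the "PSKI Details - Actions" slide
    entity: Entity            # who acted
    action_type: str          # only "sign" (a cross-signature) is modelled
    inception: int
    expiration: int
    target: Entity            # the key that was signed

def live(x, now):
    return x.inception <= now < x.expiration

class PublicSpace:
    """Append-only: records are never removed, so the set is complete, not correct."""
    def __init__(self):
        self.entities, self.actions = [], []

    def publish(self, record):
        (self.entities if isinstance(record, Entity) else self.actions).append(record)

    def conflicts(self, e, now=None):
        # Assumed rule: a different key claiming the same zone in an overlapping window.
        rivals = [o for o in self.entities if o.zone == e.zone and o.key_id != e.key_id
                  and o.inception < e.expiration and e.inception < o.expiration]
        return [o for o in rivals if now is None or (live(o, now) and live(e, now))]

    def metadata(self, e, now):
        signed = [a for a in self.actions if a.entity == e and a.action_type == "sign"]
        return {"times_signed": len(signed),
                "active_links": sum(live(a, now) for a in signed),
                "current_conflicts": len(self.conflicts(e, now)),
                "total_conflicts": len(self.conflicts(e))}

def build_sample():           # constructed data using zone names from the slides
    ps = PublicSpace()
    edu, ucla = Entity("edu", 500, 0, 200), Entity("ucla.edu", 1001, 0, 100)
    rival = Entity("ucla.edu", 2002, 50, 80)      # second key claiming ucla.edu
    for r in (edu, ucla, rival,
              Action(edu, "sign", 0, 60, ucla), Action(edu, "sign", 60, 120, ucla)):
        ps.publish(r)
    return ps, edu, ucla, rival
```

Because the store never deletes, the expired rival key still counts toward `total_conflicts` after it stops being a current conflict, which is the history a resolver would weigh when judging trustworthiness.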