Is an Internet PKI the Right Approach? Eric Osterweil. Joint work with: Dan Massey and Lixia Zhang.

Presentation transcript:

1 Is an Internet PKI the Right Approach? Eric Osterweil. Joint work with: Dan Massey and Lixia Zhang

2 Life in the Internet
The Internet is a uniquely challenging environment to deploy systems because:
- It is immense
- It has a highly diverse makeup
- Its constituent components are constantly in flux and are administered by independent authorities
As a result, systems must be designed to tolerate:
- Constant configuration errors, incremental deployments (which may take years), and diverse opinions on who is trustworthy

3 Problems
- The Internet’s heterogeneity makes it difficult for systems to rely on being fully deployed
- Systems must function while being incrementally deployed, broken, etc.
- Internet parties are notorious for not agreeing whom to trust
- Choosing “trusted authorities” often sparks debate
- Successful Internet systems tend to be very tolerant of misconfigurations and multiple independent opinions
- Like DNS and BGP

4 DNS has tried Crypto
- The DNS Security Extensions (DNSSEC) RFCs
- Approach: a PKI following DNS’ hierarchy
- A single “island of security” rooted at DNS’ root zone
- Everyone trusts the root
- DNSSEC uses public key cryptography
- Each zone signs all of its own data, and the keys for its children zones too
- By bootstrapping with a single key (trust-anchor) from the root, all keys can be recursively learned

5 DNSSEC Status Today
- Only 10,459 secure zones have deployed
- Only about 900 seem to be production
- Root zone has not signed
- Rather than a single island there are % are singleton (isolated) zones
- This means 662 trust-anchors would be needed
- How can the keys for this many independent zones be globally verified?
- Operational management of cryptography has reduced its effectiveness
- Monitoring has shown that rapid re-signing leaves roughly 19.8% of data vulnerable to replays

6 A New Concept: Public-Space
- Trust doesn’t have to be predicated on the status of deployments
- Track public actions instead
- Public actions can be subjected to scrutiny
- Anyone may publish data
- Who has published data, its consistency, and its history can let each individual judge its veracity
- Misbehavior like Man-in-the-Middle (MITM) attacks cannot be denied when done in the Public-Space
- Global consistency can be evaluated by polling from multiple locations
- Local MITM attacks can be globally refuted in public

7 Public-Space Systems
- We record what is done rather than mandate what operators must do / who they must trust
- SecSpider: DNSSEC key learning
  - Because DNSSEC’s PKI has not evolved
- BGP-Origins: BGP prefix attestation system
  - Because BGP does not have a PKI

8 SecSpider
- Learns keys from many global pollers
- Keys are tracked over time
- Serves globally consistent keys
- Anyone can verify keys they have looked up
- Adversaries must compromise all pollers to subvert the Public-Space
- Results are not provably correct but practically effective
- Data owners check the Public-Space for correctness
- SecSpider is not a data authority
- We are formalizing this approach to achieve security through publicity
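The cross-poller consistency idea on this slide, as an added example that is not part of the slides and is not SecSpider's code: it groups pollers by the DNSKEY set each one saw, reports dissenting vantage points, and lets a user compare a key they looked up against the recorded view. Poller names, key strings and the fingerprint scheme are assumptions made for the illustration.

```python
import hashlib
from collections import defaultdict

# Constructed sample data: DNSKEY RDATA strings are placeholders, not real keys.
KEY_A = "257 3 8 AwEAAcCONSTRUCTEDKEYA="
KEY_B = "257 3 8 AwEAAcCONSTRUCTEDKEYB="
OBSERVATIONS = {  # poller name -> zone -> DNSKEYs that poller received
    "poller-us":   {"example.net.": [KEY_A]},
    "poller-eu":   {"example.net.": [KEY_A]},
    "poller-asia": {"example.net.": [KEY_A]},
    "poller-sa":   {"example.net.": [KEY_B]},  # this vantage point got a different key
}

def fingerprint(dnskey_rdata):
    # Simplification: hash of the text form, not an RFC 4034 key tag or DS digest.
    return hashlib.sha256(dnskey_rdata.encode("ascii")).hexdigest()[:16]

def zone_views(observations, zone):
    """Group pollers by the exact key set each one saw for the zone."""
    views = defaultdict(list)
    for poller, zones in sorted(observations.items()):
        if zone in zones:
            views[frozenset(fingerprint(k) for k in zones[zone])].append(poller)
    return dict(views)

def assess(observations, zone):
    """Report whether all pollers agree and, if not, which ones dissent."""
    views = zone_views(observations, zone)
    if not views:
        return {"status": "unobserved", "keys": frozenset(), "dissenters": []}
    majority = max(views, key=lambda keys: len(views[keys]))
    dissenters = sorted(p for keys, ps in views.items() if keys != majority for p in ps)
    status = "inconsistent" if dissenters else "consistent"
    return {"status": status, "keys": majority, "dissenters": dissenters}

def check_lookup(observations, zone, dnskey_rdata):
    """Compare a key a resolver just looked up with what the pollers recorded."""
    result = assess(observations, zone)
    if result["status"] == "unobserved":
        return "no-public-record"
    if fingerprint(dnskey_rdata) in result["keys"]:
        return "matches-pollers"
    return "differs-from-pollers"

if __name__ == "__main__":
    print(assess(OBSERVATIONS, "example.net."))
    print(check_lookup(OBSERVATIONS, "example.net.", KEY_B))
```

A disagreement is evidence to investigate, not proof of an attack: a key rollover in progress can also make vantage points differ for a while.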

9 BGP-Origins
- BGP allows any Autonomous System (AS) to announce that it hosts any IP addresses (prefixes)
- ASes send out false announcements sometimes
- Pakistan hijacked YouTube by announcing its prefixes
- BGP-Origins uses global monitors (RouteViews) and tracks which ASes have announced which prefixes
- Also, any user can attest to a prefix-AS binding
- Operators could have attested to the proper binding of YouTube’s prefixes to avoid the hijack
- Users decide whom to trust and discard attestations from unknown parties
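The prefix-origin tracking and attestation check described on this slide, as an added example that is not part of the slides and is not BGP-Origins' code: it records when each origin AS was first seen for a prefix and judges an announcement using only attestations from parties the user trusts, including attestations for a covering (less specific) prefix. All prefixes, AS numbers and attester names are constructed from documentation ranges.

```python
import ipaddress

# Constructed sample data using documentation prefixes and ASNs (RFC 5737, RFC 5398).
UPDATES = [  # (day, prefix, origin ASN) as seen by route monitors
    (1, "203.0.113.0/24", 64500),
    (2, "203.0.113.0/24", 64500),
    (30, "203.0.113.0/25", 64511),  # new origin for a more-specific prefix
]
ATTESTATIONS = [  # (attester, prefix, origin ASN)
    ("operator-a", "203.0.113.0/24", 64500),
    ("operator-b", "203.0.113.0/24", 64500),
    ("stranger", "203.0.113.0/25", 64511),
]

def origin_history(updates):
    """Return {prefix: {origin ASN: first day seen}}."""
    history = {}
    for day, prefix, origin in sorted(updates):
        history.setdefault(prefix, {}).setdefault(origin, day)
    return history

def evaluate(prefix, origin, attestations, trusted):
    """Judge an announcement using only attestations from parties the user trusts."""
    net = ipaddress.ip_network(prefix)
    covering = []
    for attester, att_prefix, att_origin in attestations:
        att_net = ipaddress.ip_network(att_prefix)
        same_family = net.version == att_net.version
        # Attestations from unknown parties are discarded, as the slide describes.
        if attester in trusted and same_family and net.subnet_of(att_net):
            covering.append((attester, att_origin))
    if not covering:
        return ("unknown", [])
    supporters = sorted({a for a, asn in covering if asn == origin})
    if supporters:
        return ("attested", supporters)
    return ("conflict", sorted({a for a, _ in covering}))

if __name__ == "__main__":
    print(origin_history(UPDATES))
    print(evaluate("203.0.113.0/25", 64511, ATTESTATIONS, {"operator-a", "operator-b"}))
```

The verdict depends on the trust set: the same announcement that conflicts for a user who trusts the two operators is "attested" for one who trusts only the unknown attester, which is why the choice of whom to trust stays with the user.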

10 Ongoing Work
- Are conventional PKIs a good fit for the Internet?
- Operational groups disagree on many “trust” issues
- Public-Space applications are maturing
- Increasing usage is coming with ongoing publicity at operational meetings
- Public-Space can be a substitute for the missing PKI in DNSSEC’s partially deployed state
- Users can verify data against what is in the Public-Space
- With no PKI for BGP, the Public-Space uses real-world trust that already exists between operators
- Addresses attacks and misconfigurations

11 Thank You Questions?