Análise de segurança da distribuição de raízes na ICP-Brasil
Resumo
Este trabalho analisa a distribuição de certificados raízes na ICPBrasil do ponto de vista de segurança. Uma prova de conceito simples é apresentada para substituir o certificado raiz distribuído no repositório oficial por um certificado falso, comprometendo a base de certificados confiados da máquina cliente, mesmo quando o procedimento sugerido de verificação é respeitado. Finalmente, algumas recomendações são apresentadas para fortalecer a distribuição de certificados, na esperança de contribuir para tornar a ICPBrasil mais robusta.
Referências
AccessNow (2011). The weakest link in the chain: vulnerabilities in the SSL certificate authority system and what should be done about them. [link].
Bernstein, D. J., Chou, T., Chuengsatiansup, C., Hülsing, A., Lambooij, E., Lange, T., Niederhagen, R., and van Vredendaal, C. (2015). How to manipulate curve standards: A white paper for the black hat. In SSR, volume 9497 of LNCS, pages 109–139. Springer. http://bada55.cr.yp.to.
Cooper, D. A. (1998). A Closer Look at Revocation and Key Compromise in Public Key Infrastructures. In Proceedings of the 21st National Information Systems Security Conference. NIST.
Huang, L. S., Rice, A., Ellingsen, E., and Jackson, C. (2014). Analyzing Forged SSL Certificates in the Wild. In IEEE Symposium on Security and Privacy, pages 83–97.
Kerner, S. M. (2015). Symantec Issues Fraudulent Google SSL Cert. [link].
Kohnfelder, L. M. (1978). Towards a practical public-key cryptosystem. B.S. Thesis, supervised by L. Adleman.
Kuhn, D. R., Hu, V., Polk, W. T., and Chang, S.-j. H. (2001). SP 800-32. Introduction to Public Key Technology and the Federal PKI Infrastructure. Technical report, Gaithersburg, MD, United States.
Laurie, B., Langley, A., and Kasper, E. (2013). Certificate transparency. RFC 6962: https://www.rfc-editor.org/rfc/rfc6962.txt.
Leavitt, N. (2011). Internet Security under Attack: The Undermining of Digital Certificates. Computer, 44(12):17–20.
Li, N. and Feigenbaum, J. (2001). Nonmonotonicity, user interfaces, and risk assessment in certificate revocation. In Financial Cryptography, volume 2339 of LNCS, pages 157–168. Springer.
Merkle, J. and Lochter, M. (2010). Elliptic Curve Cryptography (ECC) Brainpool Standard Curves and Curve Generation. RFC 5639: https://www.rfc-editor.org/rfc/rfc5639.txt.
Mozilla (2015). The MCS Incident and Its Consequences for CNNIC. https://blog.mozilla.org/security/files/2015/04/CNNIC-MCS.pdf.
Prins, J. (2011). DigiNotar Certificate Authority breach: “Operation Black Tulip”. Interim report, Cybercrime Business Unit.
Roosa, S. B. and Schultze, S. (2013). Trust Darknet: Control and Compromise in the Internet’s Certificate Authority Model. IEEE Internet Computing, 17(3):18–25.
WebTrust (2011). Trust Service Principles and Criteria for Certification Authorities v2.0. http://www.webtrust.org/homepage-documents/item54279.pdf.
WebTrust (2017). Principles and criteria for certification authorities: Ssl baseline with network security v2.2. http://www.webtrust.org/principles-and-criteria/docs/item83987.pdf.
Bernstein, D. J., Chou, T., Chuengsatiansup, C., Hülsing, A., Lambooij, E., Lange, T., Niederhagen, R., and van Vredendaal, C. (2015). How to manipulate curve standards: A white paper for the black hat. In SSR, volume 9497 of LNCS, pages 109–139. Springer. http://bada55.cr.yp.to.
Cooper, D. A. (1998). A Closer Look at Revocation and Key Compromise in Public Key Infrastructures. In Proceedings of the 21st National Information Systems Security Conference. NIST.
Huang, L. S., Rice, A., Ellingsen, E., and Jackson, C. (2014). Analyzing Forged SSL Certificates in the Wild. In IEEE Symposium on Security and Privacy, pages 83–97.
Kerner, S. M. (2015). Symantec Issues Fraudulent Google SSL Cert. [link].
Kohnfelder, L. M. (1978). Towards a practical public-key cryptosystem. B.S. Thesis, supervised by L. Adleman.
Kuhn, D. R., Hu, V., Polk, W. T., and Chang, S.-j. H. (2001). SP 800-32. Introduction to Public Key Technology and the Federal PKI Infrastructure. Technical report, Gaithersburg, MD, United States.
Laurie, B., Langley, A., and Kasper, E. (2013). Certificate transparency. RFC 6962: https://www.rfc-editor.org/rfc/rfc6962.txt.
Leavitt, N. (2011). Internet Security under Attack: The Undermining of Digital Certificates. Computer, 44(12):17–20.
Li, N. and Feigenbaum, J. (2001). Nonmonotonicity, user interfaces, and risk assessment in certificate revocation. In Financial Cryptography, volume 2339 of LNCS, pages 157–168. Springer.
Merkle, J. and Lochter, M. (2010). Elliptic Curve Cryptography (ECC) Brainpool Standard Curves and Curve Generation. RFC 5639: https://www.rfc-editor.org/rfc/rfc5639.txt.
Mozilla (2015). The MCS Incident and Its Consequences for CNNIC. https://blog.mozilla.org/security/files/2015/04/CNNIC-MCS.pdf.
Prins, J. (2011). DigiNotar Certificate Authority breach: “Operation Black Tulip”. Interim report, Cybercrime Business Unit.
Roosa, S. B. and Schultze, S. (2013). Trust Darknet: Control and Compromise in the Internet’s Certificate Authority Model. IEEE Internet Computing, 17(3):18–25.
WebTrust (2011). Trust Service Principles and Criteria for Certification Authorities v2.0. http://www.webtrust.org/homepage-documents/item54279.pdf.
WebTrust (2017). Principles and criteria for certification authorities: Ssl baseline with network security v2.2. http://www.webtrust.org/principles-and-criteria/docs/item83987.pdf.
Publicado
06/11/2017
Como Citar
RIBEIRO, Bruno C. Dias; S. JUNIOR, Edson Floriano; ARANHA, Diego F..
Análise de segurança da distribuição de raízes na ICP-Brasil. In: SIMPÓSIO BRASILEIRO DE SEGURANÇA DA INFORMAÇÃO E DE SISTEMAS COMPUTACIONAIS (SBSEG), 17. , 2017, Brasília.
Anais [...].
Porto Alegre: Sociedade Brasileira de Computação,
2017
.
p. 549-556.
DOI: https://doi.org/10.5753/sbseg.2017.19530.
