Direct Validation of SSL/TLS Certificates (DVCert)
Detecting MITM Attacks Against SSL/TLS Without Third-Parties
The security guarantees provided by SSL/TLS depend on the correct authentication of servers through certificates signed by a trusted authority. However, as recent incidents have demonstrated, trust in these authorities is not well placed. Increasingly, certificate authorities (by coercion or compromise) have been creating forged certificates for a range of adversaries, allowing seemingly secure communications to be intercepted via man-in-the-middle (MITM) attacks. A variety of solutions have been proposed, but their complexity and deployment costs have hindered their adoption. In this paper, we propose Direct Validation of Certificates (DVCert), a novel protocol that, instead of relying on third-parties for certificate validation, allows domains to directly and securely vouch for their certificates using previously established user authentication credentials. By relying on a robust cryptographic construction, this relatively simple means of enhancing server identity validation is not only efficient and comparatively easy to deploy, but it also solves other limitations of third-party solutions. Our extensive experimental analysis in both desktop and mobile platforms shows that DVCert transactions require little computation time on the server (e.g., less than 1 ms) and are unlikely to degrade server performance or user experience. In short, we provide a robust and practical mechanism to enhance server authentication and protect web applications from MITM attacks against SSL/TLS.
We used ProVerif, an automatic cryptographic protocol verifier, to formally characterize DVCert. Using ProVerif, we successfully demonstrated that DVCert does not leak password information (i.e., resilience to offline attacks). Below are the pi-calculus model for PAK and DVCert protocols. These files are used as input to ProVerif. In addition, we include log files containing ProVerif's evaluation results for each protocol.
Please send any questions, comments and recomendations to idacosta 'at' gatech.edu
See my webpage for additional contact information. Thanks.