A Scanning Tool for PC Root Public Key Stores
Authors
Abstract
As has recently been demonstrated, a malicious third party could insert a self-issued CA public key into the list of trusted root CA public keys stored on an end user PC. As a consequence, the malicious third party could potentially do severe damage to the end user computing environment. In this paper, we discuss the problem of fake root public keys and suggest a solution that can be used to detect and remove them. We further describe a prototype implementation of this solution.
C. Wolf, S. Lucks, P.-W. Yau (Eds.): WEWoRC 2005, LNI P-74, pp. 45–52, 2005. © Gesellschaft für Informatik e.V.
Similar resources
Installing Fake Root Keys in a PC
If a malicious party can insert a self-issued CA public key into the list of root public keys stored in a PC, then this party could potentially do considerable harm to that PC. In this paper, we present a way to achieve such an attack for the Internet Explorer web browser root key store, which avoids attracting the user’s attention. A realisation of this attack is also described. Finally, count...
EEH: A GGH-like public key cryptosystem over the Eisenstein integers using polynomial representations
GGH class of public-key cryptosystems relies on computational problems based on the closest vector problem (CVP) in lattices for their security. The subject of lattice based cryptography is very active and there have recently been new ideas that revolutionized the field. We present EEH, a GGH-Like public key cryptosystem based on the Eisenstein integers Z [ζ3] where ζ3 is a primitive...
The Potential of Individualized Trusted Root Stores: Minimizing the Attack Surface in the Light of CA Failures
The security of most Internet applications relies on underlying public key infrastructures (PKIs) and thus on an ecosystem of certification authorities (CAs). The pool of PKIs responsible for the issuance and the maintenance of SSL certificates, called the Web PKI, has grown extremely large and complex. Herein, each CA is a single point of failure for the security, leading to an attack surface,...
Event Timestamping Tool: a simple PC based kernel to timestamp distributed events
This report describes the design and implementation of a tool to timestamp distributed events, using a standard PC hardware platform. The Event Timestamping Tool (ETT) is a small software kernel that detects externally generated events using two probe sources, and stores the respective timestamps with known precision bounds. A specialized kernel solution minimizes the response time for an event...
PKC-PC: A Variant of the McEliece Public Key Cryptosystem based on Polar Codes
Polar codes are novel and efficient error correcting codes with low encoding and decoding complexities. These codes have a channel dependent generator matrix which is determined by the code dimension, code length and transmission channel parameters. This paper studies a variant of the McEliece public key cryptosystem based on polar codes, called "PKC-PC". Due to the fact that the structure of po...