Programming Microsoft Internet Explorer 5
Programming Microsoft Internet Explorer 5
Essential COM
Microsoft Windows XP Registry Guide
Microsoft Windows XP Registry Guide
PKI: Implementing and Managing E-Security
PKI: Implementing and Managing E-Security
The Problem with Multiple Roots in Web Browsers - Certificate Masquerading
WETICE '98 Proceedings of the 7th Workshop on Enabling Technologies: Infrastructure for Collaborative Enterprises
Secure In-Band Update of Trusted Certificates
WETICE '99 Proceedings of the 8th Workshop on Enabling Technologies on Infrastructure for Collaborative Enterprises
A reliable, scalable general-purpose certificate store
ACSAC '00 Proceedings of the 16th Annual Computer Security Applications Conference
How secure is secure Web browsing?
Communications of the ACM - A game experience in every application
The TIPPI Point: Toward Trustworthy Interfaces
IEEE Security and Privacy
Learning to detect phishing emails
Proceedings of the 16th international conference on World Wide Web
A Countermeasure of Fake Root Key Installation Using One-Time Hash Chain
KES-AMSTA '07 Proceedings of the 1st KES International Symposium on Agent and Multi-Agent Systems: Technologies and Applications
Privacy-preserving billing for e-ticketing systems in public transportation
Proceedings of the 12th ACM workshop on Workshop on privacy in the electronic society
| Hi-index | 0.00 |
If a malicious party can insert a self-issued CA public key into the list of root public keys stored in a PC, then this party could potentially do considerable harm to that PC . In this paper, we present a way to achieve such an attack for the Internet Explorer web browser root key store, which avoids attracting the user's attention. A realisation of this attack is also described. Finally, countermeasures that can be deployed to prevent such an attack are outlined.