Global authentication in an untrustworthy world

Authors:
Martín Abadi;Andrew Birrell;Ilya Mironov;Ted Wobber;Yinglian Xie
Affiliations:
Microsoft Research, Silicon Valley and UCSC;Microsoft Research, Silicon Valley;Microsoft Research, Silicon Valley;Microsoft Research, Silicon Valley;Microsoft Research, Silicon Valley
Venue:
HotOS'13 Proceedings of the 14th USENIX conference on Hot Topics in Operating Systems
Year:
2013

Citing 3
Cited 0

Authentication in distributed systems: theory and practice

ACM Transactions on Computer Systems (TOCS)
A new approach to the X.509 framework: allowing a global authentication infrastructure without a global trust model

SNDSS '95 Proceedings of the 1995 Symposium on Network and Distributed System Security (SNDSS'95)
Perspectives: improving SSH-style host authentication with multi-path probing

ATC'08 USENIX 2008 Annual Technical Conference on Annual Technical Conference

Quantified Score

Hi-index	0.00

Visualization

Abstract

With the advent in the 1980's of truly global hierarchical naming (via the Domain Name Service), security researchers realized that the trust relationships needed to authenticate principals would often not follow the naming hierarchy [1,13]. The most successful non-hierarchical authentication schemes are based on X.509 and RFC 5280, as used for example in TLS and Authenticode. These are extremely widely deployed, and are trusted for most people's everyday use of the Internet. Unfortunately several incidents in the last few years have proved that this trust is misplaced [9,14]. We explore the weaknesses of this machinery, helped by a large database of X.509 certificates, and we offer an analysis technique and a suggestion for how the trust could be enhanced.