BIB-VERSION:: CS-TR-v2.0
ID:: ncstrl.dartmouthcs//TR2003-443
ENTRY:: March 06, 2003
ORGANIZATION:: Dartmouth College, Computer Science
TITLE:: Keyjacking: Risks of the Current Client-side Infrastructure
TYPE:: Technical Report (paper)
REVISION:: 1
AUTHOR:: Marchesini, John C.
AUTHOR:: Smith, Sean W.
AUTHOR:: Zhao, Meiyuan
DATE:: February 2003
RETRIEVAL:: For a paper copy, email <reports@cs.dartmouth.edu>
RETRIEVAL:: For a paper copy, write to
       Technical Report Librarian
       Department of Computer Science
       Dartmouth College
       6211 Sudikoff Laboratory
       Hanover, NH 03755-3510
       USA
RETRIEVAL:: Compressed Postscript at http://www.cs.dartmouth.edu/reports/TR2003-443.ps.Z
RETRIEVAL:: PDF at http://www.cs.dartmouth.edu/reports/TR2003-443.pdf
ABSTRACT:: 
In theory, PKI can provide a flexible and strong way to
authenticate users in distributed information systems. In practice,
much is being invested in realizing this vision via client-side SSL
and browser-based keystores. Exploring this vision, we demonstrate
that browsers will use personal certificates to authenticate requests
that the person neither knew of nor approved (and which password-based
systems would have defeated), and we demonstrate the easy permeability
of these keystores (including new attacks on medium and high-security
IE/XP keys). We suggest some countermeasures, but also suggest that a
fundamental rethinking of the trust, usage, and storage model might
result in a more effective PKI.
END:: ncstrl.dartmouthcs//TR2003-443