Last modified: 02/16/04 09:22:12 AM
J. Marchesini, S.W. Smith, M.Zhao.
"Keyjacking: Risks of the Current Client-side Infrastructure."
2nd Annual PKI Resarch Workshop.
NIST, Gaithersburg. April 2003.
In theory, PKI can provide a flexible and strong way to authenticate
users in distributed information systems. In practice, much is being
invested in realizing this vision via tools such as client-side SSL
and browser-based keystores. Exploring this vision, we demonstrate
that browsers will use personal certificates to authenticate requests
that the person neither knew of nor approved (in some scenarios,
direct migration from password-based systems to clientside SSL makes
things worse). We also demonstrate the easy permeability of these
keystores, including new attacks on medium and high-security IE/XP
keys. We suggest some short-term countermeasures. However, against
this background, it is not clear that the current client-side
infrastructure can achieve the PKI vision. A fundamental rethinking
of the trust, usage, and storage model might result in more effective
tools for building a PKI.
[MSZ04] is a revised and extended version.