Papers     Last modified: 10/19/04 11:14:29 AM

J. Marchesini, S.W. Smith, M.Zhao.
"Keyjacking: The Surprising Insecurity of Client-side SSL"
Computers and Security
In press; available online September 2004.


In theory, PKI can provide a flexible and strong way to authenticate users in distributed information systems. In practice, much is being invested in realizing this vision via client-side SSL and various client keystores. However, whether this works depends on whether what the machines do with the private keys matches what the humans think they do: whether a server operator can conclude from an SSL request authenticated with a user's private key that the user was aware of and approved that request. Exploring this vision, we demonstrate via a series of experiments that this assumption does not hold with standard desktop tools, even if the browser user does all the right things. A fundamental rethinking of the trust, usage, and storage model might result in more effective tools for achieving the PKI vision.

See Also

A preliminary version appeared as [MSZ03]



Back to home page Maintained by Sean Smith,