Cenzic 232 Patent
Paid Advertising
sla.ckers.org is
ha.ckers sla.cking
Sla.ckers.org
Who's got it? Who's giving it away? How to protect your privacy and steal it from other people. For intellectual privacy, personal privacy, and blackhats alike... 
Go to Topic: PreviousNext
Go to: Forum ListMessage ListNew TopicSearchLog In
Individual PKI vulnerabilities?
Posted by: Sineater
Date: February 26, 2008 10:03AM

At my work, we use an enterprise deployment of PKI for digitally signature of email and encryption of email. The encryption seems solid, but I'm worried that part of the security of our system depends on administrative controls and procedures which are easily subverted for convenience, as well as inherent vulnerabilities in any web of trust.

I am hoping that the members of this group will be able to help me identify vulnerabilities I haven't noticed, confirm my suspicions about suspected weak areas, or put to rest any of my concerns.

Let's assume some working knowledge of what PKI is, and how it works. We have our own Certificate Authority (CA) which cross-references user data with a LDAP server and issues Verisign certificates; a digitally signing certificate and an encryption certificate for each user. Individual certificates are valid for one year from issue.

Certificate enrollment is done at a local level where a LRA can verify the user's identity. Our local IT department does most of the work of installing the certificates to a user's profile and setting up the email security/SMIME settings. The user generates a password to access their private key. Both certificates are exported as a backup to a network drive along with the private keys (still password protected).

The certificates are associated with a particular email address; they cannot be used with any other email address even if the private key is obtained by someone else.

So, vulnerabilities as I see them:
-Certificate Revocation Lists are rarely used or updated.
-We must trust absolutely in Verisign's certificate generation process
-When digitally signing, one only needs possession of a backup copy of the certificate and the password (2 out of the 3 elements normally required)
-user generated passwords tend to be overly simple. Since these passwords cannot be reset or obtained by administrators, simple passwords are permitted

I welcome your comments and thoughts. I can expand on this post, if needed, but I tend to be a bit wordy as is.

Options: ReplyQuote
Re: Individual PKI vulnerabilities?
Posted by: Malkav
Date: February 27, 2008 04:48AM

common PKI vulnerability reside more in trust chain than in mathematical flaws (altough using ECDSA is a proven no-no now)

the certificate management has to be tightly monitored and forcefully enforced.

1 : notify the user that they *must* ask revocation of their certificate if they *think* their ID has been compromised. failure to do so should lead to immediate termination

2 : the revokation should be as automated as possible, reducing probability of old certificate reuse by malicious third party

3 : if a strong password policy cannot be enforced on the user, then move the strength to a proven secure smart card.

4 : you of course, cannot trust Verisign, and should take that into account. there is no such thing as "trusted third party"

as a matter of general trust, and because you cannot trust people with unknown agenda (ie : every single human with access to you PKI), you should move most of the part in the hand of machines, ensuring that a malicious user/admin/gremlin/god or whatever has only limited compromising power. reliance on certificate revokation is of course a minimum, but beyond a certain point, we can't just point a 9mm on each and every member can't we ?

----------------------------------------------------------------------------------------------------------------

Those that can give up essential liberty to obtain a little temporary safety deserve neither liberty nor safety.
--Benjamin Franklin

Options: ReplyQuote


Sorry, only registered users may post in this forum.