Transcript
Page 1: Tamper-Evident  Digital Signatures: Protecting Certification Authorities Against Malware

Tamper-Evident Digital Signatures: Protecting Certification Authorities Against Malware

Jong Youl Choi, Dept. of Computer Science, Indiana University at Bloomington

Philippe Golle, Palo Alto Research Center

Markus Jakobsson, School of Informatics, Indiana University at Bloomington

Page 2

Threats to Certificate Authorities

• Stealing private key
– Malicious attack such as Trojan horse, virus
– Leaking CA’s private key via covert-channel

• Hidden communication channel
– CAs use lots of random numbers
– Hard to prove randomness since it is directly related to privacy

Page 3

What is a covert channel?

• Hidden communication channel
• Steganography – Information hiding

[Figure: Original Image, Extracted Image]

Page 4

Prisoners' problem [Simmons, ’93]

• Two prisoners want to exchange messages, but must do so through the warden
• Subliminal channel in DSA

[Figure labels: "What Plan?", "Plan A"]

Page 5

Leaking attack on RSA-PSS

• A random salt is used as a padding string in a signature
• In verification process, the salt is extracted from the message
• Hidden information can be embedded in the salt

RSA-PSS: PKCS #1 V2.1

Page 6

Approaches

• Need an observer to detect leaking
• An observer investigates outputs from CA

[Diagram: Certificate Authority with Pseudo Random Number Generator; input $m_k$, output $\mathrm{Sig}_k$; observer asks "Something hidden?"]

• Malicious attack
• Replacement of function

Page 7

Hindsight

• Observing is not easy because of a random number
– Looking innocuous
– Not revealing any state
• Fine as long as a random number is generated in a designated way
• Using hindsight, we detect abnormal behavior in generating a random number

Page 8

Weakness of an observer

• An observer can be attacked, causing a single point of failure

[Diagram: Certificate Authority with Pseudo Random Number Generator; input $m_k$, output $\mathrm{Sig}_k$; observer asks "Something hidden?"]

Public verifiability with multiple observers

Page 9

Undercover observer

• CA outputs non-interactive proof as well as signature
• Ambushes until verification is invalid

[Diagram: Pseudo Random Number Generator; input $m_k$, output $\mathrm{Sig}_k$]

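Page 10

Tamper-evident Chain

• Predefined set of random values in lieu of random number on the fly
• Hash chain verification

[Diagram: values $s_0, s_1, s_2, s_3, \dots, s_n$ and Seed, linked by $h()$; signatures $\mathrm{Sig}_1, \mathrm{Sig}_2, \dots, \mathrm{Sig}_n$; also shown: $s'_3$ with $\mathrm{Sig}'_3$]

Checks shown in the diagram:

$s_0 \stackrel{?}{=} h(s_1)$
$s_1 \stackrel{?}{=} h(s_2)$
$s_2 \stackrel{?}{=} h(s_3)$
$s_{n-1} \stackrel{?}{=} h(s_n)$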

Page 11

DSA Signature Scheme

• Gen: $x \to y = g^x \bmod p$
• Sign: $m \to (s, r)$, where $r = (g^k \bmod p) \bmod q$ and $s = k^{-1}(h(m) + x r)$ for random value $k$
• Verify: for given signature $(s, r)$, compute $u_1 = h(m)\, s^{-1}$ and $u_2 = r\, s^{-1}$, and check $r = (g^{u_1} y^{u_2} \bmod p) \bmod q$

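Page 12

Hash chain construction

[Diagram: PRNG produces $k_1, k_2, k_3, \dots, k_n$; $r_1 = g^{k_1}$, $r_2 = g^{k_2}$, $r_3 = g^{k_3}$, …, $r_n = g^{k_n}$; values $w_0, w_1, w_2, w_3, \dots, w_n$ and Seed, linked by $h()$; signatures $\mathrm{Sig}_1, \mathrm{Sig}_2, \dots, \mathrm{Sig}_n$; also shown: $k'_3$, $r_3' = g^{k_3}$ and $\mathrm{Sig}'_3$]

Checks shown in the diagram:

$w_0 \stackrel{?}{=} h(r_1 \| w_1)$
$w_1 \stackrel{?}{=} h(r_2 \| w_2)$
$w_2 \stackrel{?}{=} h(r_3 \| w_3)$
$w_{n-1} \stackrel{?}{=} h(r_n \| w_n)$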
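The hash chain construction above, as an added Python sketch (not code from the slides or the authors' paper): the CA commits to nonces $k_1..k_n$ through $w_{i-1} = h(r_i \| w_i)$, and an observer holding only $w_0$ checks each released pair $(r_i, w_i)$. The toy group parameters, the HMAC-based stand-in for the PRNG, the derivation of $w_n$ from the seed, and the assumption that the CA releases $g^{k_i} \bmod p$ with each signature are all illustrative choices.

```python
import hashlib
import hmac

# Constructed toy DSA group, far too small for real use: Q divides P - 1, G has order Q.
P, Q, G = 2039, 1019, 4
R_LEN = (P.bit_length() + 7) // 8

def h(r: int, w: bytes) -> bytes:
    """Chain hash h(r || w), with r encoded at fixed length."""
    return hashlib.sha256(r.to_bytes(R_LEN, "big") + w).digest()

def derive_nonces(seed: bytes, n: int) -> list:
    """Stand-in for the slide's PRNG (assumption): k_i = HMAC(seed, i) mapped into [1, Q-1]."""
    out = []
    for i in range(1, n + 1):
        d = hmac.new(seed, i.to_bytes(4, "big"), hashlib.sha256).digest()
        out.append(int.from_bytes(d, "big") % (Q - 1) + 1)
    return out

def build_chain(seed: bytes, n: int):
    """CA setup: k_1..k_n, r_i = g^k_i mod p, and w_0..w_n with w_{i-1} = h(r_i || w_i)."""
    ks = derive_nonces(seed, n)
    rs = [pow(G, k, P) for k in ks]
    ws = [b""] * (n + 1)
    ws[n] = hashlib.sha256(b"chain-end" + seed).digest()  # w_n from the seed (assumption)
    for i in range(n, 0, -1):
        ws[i - 1] = h(rs[i - 1], ws[i])
    return ks, rs, ws

class Observer:
    """Holds only the public anchor w_0 and checks each released (r_i, w_i)."""
    def __init__(self, w0: bytes):
        self.expected = w0

    def check(self, r: int, w: bytes) -> bool:
        if not hmac.compare_digest(h(r, w), self.expected):
            return False      # nonce is not the pre-committed one: tampering is evident
        self.expected = w     # advance: the next link must hash to w_i
        return True

def run_demo(tamper_at: int = 3, n: int = 5) -> list:
    """Per-signature observer verdicts; the nonce at index tamper_at is swapped for k' != k."""
    ks, _, ws = build_chain(b"constructed-seed", n)
    obs, verdicts = Observer(ws[0]), []
    for i in range(1, n + 1):
        k = ks[i - 1]
        if i == tamper_at:
            k = k % (Q - 1) + 1   # a different nonce than the committed k_i
        verdicts.append(obs.check(pow(G, k, P), ws[i]))
    return verdicts
```

Because the observer does not advance past a failed link, every signature after the substituted nonce also fails the check.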

Page 13

Conclusion

• Any leakage from CAs is dangerous
• CAs are not strong enough against malicious attacks
• We need observers which are undercover
• A small additional cost for proofs
