Bamboozling Certificate Authorities with BGP

Overview

Explore a critical security vulnerability in the Public Key Infrastructure (PKI) through this 23-minute conference talk from USENIX Security '18. Discover how Autonomous Systems can exploit Border Gateway Protocol (BGP) weaknesses to hijack traffic and obtain fraudulent certificates from trusted Certificate Authorities. Learn about the first real-world demonstration of these attacks, conducted ethically against top CAs. Examine findings from a dataset of 1.8 million certificates, revealing the widespread vulnerability of domains to such exploits. Gain insights into two proposed countermeasures: multi-vantage point domain verification by CAs and a BGP monitoring system to detect suspicious routes and delay certificate issuance. Understand the implications for network security and the steps being taken to strengthen the PKI against these threats.

Syllabus

USENIX Security '18 - Bamboozling Certificate Authorities with BGP

Taught by

USENIX

Reviews

Start your review of Bamboozling Certificate Authorities with BGP

From Zero to Cybersecurity Analyst

Most common

Popular subjects

Popular courses

Bamboozling Certificate Authorities with BGP

Overview

Syllabus

Taught by

Reviews

From Zero to Cybersecurity Analyst

Taught by

Route to Bugs - Analyzing the Security of BGP Message Parsing

Breaking HTTPS With BGP Hijacking

Tracking Certificate Misissuance in the Wild

The Dirty Laundry of the Web PKI

Revolutionizing Certificate Management with ACME and Vault

Off-Path Attacks Against PKI

Never Stop Learning.