Download presentation
Presentation is loading. Please wait.
1
Installing Fake Root Keys in a PC Adil Alsaid and Chris J. Mitchell Information Security Group Royal Holloway, University of London
2
Contents Introduction Installing Root Certificates A Practical Method for Silently Installing a Root Certificate Countermeasures
3
Introduction The attack Motivation
4
Installing Root Certificates 1.Creating a Root Certificate 2.Installing Root Certificates under user control
5
Creating a Root Certificate makecert -r -n "CN=MyRootCA, OU=MyOrganization, O=CompanyName,E=Emailaddress" -sv root.pvk root.cer
6
User Controlled Installation
9
General Approach to Silent Root Certificate Installation 1.Using standard tools 2.Writing directly to the root certificate store
10
A Practical Method for Silently Installing a Root Certificate C++ and CryptoAPI MS Windows message system
11
The Attack A.The user executes a malicious applet B.The malicious applet does the following: 1.Creates another running thread (Monitoring) 2.Makes a CryptoAPI function call to add the fake root certificates 3.Hides the ‘security warning’ message box by providing a positive answer C. Now, the fake root certificate will be listed in the browser’s trusted root CAs list
12
Countermeasures Proactive or preventative measures Users re-authentication Root public key store access restriction Reactive measures Scanning tool OCSP Verified and user added root keys
13
Questions?
Similar presentations
© 2024 SlidePlayer.com Inc.
All rights reserved.