Tamper-Evident Digital Signatures: Protecting Certification Authorities Against Malware - PowerPoint PPT Presentation

1
Tamper-Evident Digital Signatures: Protecting Certification Authorities Against Malware
Jong Youl Choi, Dept. of Computer Science, Indiana University at Bloomington
Philippe Golle, Palo Alto Research Center
Markus Jakobsson, School of Informatics, Indiana University at Bloomington
jychoi_at_cs.indiana.edu
pgolle_at_parc.com
markus_at_indiana.edu
2
Threats to Certificate Authorities
  • Stealing the private key
  • Malicious attacks such as Trojan horses and viruses
  • Leaking the CA's private key via a covert channel
  • Hidden communication channel
  • CAs use lots of random numbers
  • Hard to prove randomness since it is directly related to privacy

3
What is a covert channel?
  • Hidden communication channel
  • Steganography: information hiding

[Figure: original image and extracted image]
4
Prisoners' problem [Simmons, 93]
  • Two prisoners want to exchange messages, but must do so through the warden
  • Subliminal channel in DSA

[Figure labels: "What Plan?", "Plan A"]
5
Leaking attack on RSA-PSS
  • A random salt is used as a padding string in a signature
  • In the verification process, the salt is extracted from the message
  • Hidden information can be embedded in the salt

RSA-PSS: PKCS #1 v2.1
6
Approaches
  • Need an observer to detect leaking
  • An observer investigates outputs from CA

  • Malicious attack
  • Replacement of function

[Figure: Certificate Authority with a Pseudo Random Number Generator; input m_k, output Sig_k; observer asks "Something hidden?"]
7
Hindsight
  • Observing is not easy because a random number:
  • looks innocuous
  • does not reveal any state
  • Fine as long as a random number is generated in a designated way
  • Using hindsight, we detect abnormal behavior in generating a random number

8
Weakness of an observer
  • An observer can be attacked, causing a single point of failure

[Figure: Certificate Authority with a Pseudo Random Number Generator; input m_k, output Sig_k; observer asks "Something hidden?"]
→ Public verifiability with multiple observers
9
Undercover observer
  • The CA outputs a non-interactive proof as well as the signature
  • The observer lies in ambush until verification is invalid

[Figure: Pseudo Random Number Generator; input m_k, output Sig_k]
10
Tamper-evident Chain
  • Predefined set of random values in lieu of random numbers generated on the fly
  • Hash chain verification

[Diagram: a Seed and the values $s_0, s_1, s_2, s_3, \ldots, s_n$ linked by h(); signatures Sig_1, Sig_2, Sig_3, ..., Sig_n]

Checks:
  • $s_0 = h(s_1)$
  • $s_1 = h(s_2)$
  • $s_2 = h(s_3)$
  • $s_{n-1} = h(s_n)$
11
DSA Signature Scheme
  • Gen: $x \rightarrow y = g^x \bmod p$
  • Sign: $m \rightarrow (s, r)$ where $r = (g^k \bmod p) \bmod q$ and $s = k^{-1}(h(m) + x r)$ for random value $k$
  • Verify: for given signature $(s, r)$, $u_1 = h(m)\, s^{-1}$, $u_2 = r\, s^{-1}$, and check $r = (g^{u_1} y^{u_2} \bmod p) \bmod q$

12
Hash chain construction
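[Diagram: a PRNG expands the Seed into $k_1, k_2, k_3, \ldots, k_n$; each $k_i$ gives $r_i = g^{k_i}$; h() links the values $w_0, w_1, w_2, w_3, \ldots, w_n$; signatures Sig_1, Sig_2, Sig_3, ..., Sig_n]

Checks:
  • $w_0 = h(r_1, w_1)$
  • $w_1 = h(r_2, w_2)$
  • $w_2 = h(r_3, w_3)$
  • $w_{n-1} = h(r_n, w_n)$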
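The chain check from this slide, w_{i-1} = h(r_i, w_i), written out as an added example (not code from the presentation): the CA publishes w_0 in advance, and an observer walks the (r_i, w_i) pairs released with each signature. Assumptions: SHA-256 as h() with length-prefixed inputs, HMAC-SHA256 standing in for the PRNG, a toy modulus and base, and the way w_n is picked.

```python
import hashlib
import hmac

P = 2**127 - 1  # toy prime modulus (constructed; not a real DSA parameter set)
G = 3           # toy base (constructed)

def h(*parts: bytes) -> bytes:
    """h() as SHA-256 over length-prefixed inputs (the encoding is an assumption)."""
    d = hashlib.sha256()
    for part in parts:
        d.update(len(part).to_bytes(4, "big") + part)
    return d.digest()

def nonce(seed: bytes, i: int) -> int:
    """k_i derived from the seed; HMAC-SHA256 stands in for the slides' PRNG."""
    mac = hmac.new(seed, i.to_bytes(4, "big"), hashlib.sha256).digest()
    return int.from_bytes(mac, "big") % (P - 1) or 1

def r_value(k: int) -> bytes:
    """r_i = g^{k_i} mod p, encoded as 16 bytes."""
    return pow(G, k, P).to_bytes(16, "big")

def build_chain(seed: bytes, n: int) -> list:
    """Return w_0..w_n with w_{i-1} = h(r_i, w_i); w_0 is published up front."""
    w = [b""] * (n + 1)
    w[n] = h(b"w_n", seed)  # assumption: the slides do not say how w_n is chosen
    for i in range(n, 0, -1):
        w[i - 1] = h(r_value(nonce(seed, i)), w[i])
    return w

def observe(w0: bytes, outputs):
    """Observer: return the index of the first signature whose (r_i, w_i)
    breaks the chain, or None if every link verifies."""
    prev = w0
    for i, (r, w) in enumerate(outputs, start=1):
        if h(r, w) != prev:
            return i
        prev = w
    return None

def demo():
    seed, n = b"constructed-seed", 5
    w = build_chain(seed, n)
    honest = [(r_value(nonce(seed, i)), w[i]) for i in range(1, n + 1)]
    # Constructed tamper case: Sig_3 is produced with a k the chain never committed to.
    tampered = list(honest)
    tampered[2] = (r_value(nonce(seed, 3) + 1), w[3])
    return observe(w[0], honest), observe(w[0], tampered)
```

Because every r_i is fixed when w_0 is published, a signature made with any other k fails the observer's check at that index.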
13
Conclusion
  • Any leakage from CAs is dangerous
  • CAs are not strong enough against malicious attacks
  • We need observers that are undercover
  • A small additional cost for proofs

Or send me email: jychoi_at_cs.indiana.edu