Dan Wendlandt, Dave Andersen, Adrian Perrig
Citation
Dan Wendlandt, Dave Andersen, Adrian Perrig. " Perspectives: Improving SSH-style Host Authentication with Multi-path Network Probing". USENIX Annual Technical Conference, June, 2008.
Abstract
The popularity of ``Trust on first use''$~$(Tofu) authentication, used by SSH and HTTPS with self-signed certificates, demonstrates significant demand for host authentication that is low-cost and simple to deploy. While Tofu-based applications are a clear improvement over completely insecure protocols, they can leave users vulnerable to even simple network attacks. Our system, Perspectives, thwarts many of these attacks by using a collection of ``notary'' hosts that observes a server's public key via multiple network vantage points (detecting localized attacks) and keeps a record of the server's key over time (recognizing short-lived attacks). Clients can download these records on-demand and compare them against an unauthenticated key, detecting many common attacks. Perspectives explores a promising part of the host authentication design space: Trust on first use applications gain significant attack robustness without sacrificing their ease-of-use. We also analyze the security provided by Perspectives and describe our experience building and deploying a publicly available implementation.
Electronic downloads
| Citation formats |
- HTML
Dan Wendlandt, Dave Andersen, Adrian Perrig. <a href="http://www.truststc.org/pubs/388.html"> Perspectives: Improving SSH-style Host Authentication with Multi-path Network Probing</a>, USENIX Annual Technical Conference, June, 2008.
- Plain text
Dan Wendlandt, Dave Andersen, Adrian Perrig. " Perspectives: Improving SSH-style Host Authentication with Multi-path Network Probing". USENIX Annual Technical Conference, June, 2008.
- BibTeX
@inproceedings{WendlandtAndersenPerrig08_PerspectivesImprovingSSHstyleHostAuthenticationWith, author = {Dan Wendlandt and Dave Andersen and Adrian Perrig}, title = { Perspectives: Improving SSH-style Host Authentication with Multi-path Network Probing}, booktitle = {USENIX Annual Technical Conference}, month = {June}, year = {2008}, abstract = {The popularity of ``Trust on first use''$~$(Tofu) authentication, used by SSH and HTTPS with self-signed certificates, demonstrates significant demand for host authentication that is low-cost and simple to deploy. While Tofu-based applications are a clear improvement over completely insecure protocols, they can leave users vulnerable to even simple network attacks. Our system, Perspectives, thwarts many of these attacks by using a collection of ``notary'' hosts that observes a server's public key via multiple network vantage points (detecting localized attacks) and keeps a record of the server's key over time (recognizing short-lived attacks). Clients can download these records on-demand and compare them against an unauthenticated key, detecting many common attacks. Perspectives explores a promising part of the host authentication design space: Trust on first use applications gain significant attack robustness without sacrificing their ease-of-use. We also analyze the security provided by Perspectives and describe our experience building and deploying a publicly available implementation.}, URL = {http://www.truststc.org/pubs/388.html} }
Posted by Adrian Perrig on 2 May 2008.
For additional information, see the
Publications FAQ or
contact webmaster at www truststc org.
Notice: This material is presented to ensure timely dissemination of scholarly and technical work. Copyright and all rights therein are retained by authors or by other copyright holders. All persons copying this information are expected to adhere to the terms and constraints invoked by each author's copyright.