measurement and analysis of private key sharing in the
play

Measurement and Analysis of Private Key Sharing in the HTTPS - PowerPoint PPT Presentation

Jan 08, 2024 •20 likes •1.21k views

Measurement and Analysis of Private Key Sharing in the HTTPS Ecosystem Frank Cangialosi, Taejoong Chung, David Choffnes, Dave Levin, Bruce M. Maggs, Alan Mislove, Christo Wilson How do we know with whom we are communicating? How do we know

  1. How prevalent is key sharing? 1 0.8 0.6 CDF 0.4 0.2 Organizations 0 10 2 10 3 10 4 10 5 0 1 10 Number of Third-Party Hosting Providers Used

  2. How prevalent is key sharing? 1 0.8 0.6 CDF 0.4 0.2 Organizations 0 10 2 10 3 10 4 10 5 0 1 10 Number of Third-Party Hosting Providers Used

  3. How prevalent is key sharing? 1 0.8 0.6 CDF 0.4 0.2 23.5% Self-hosted Organizations 0 10 2 10 3 10 4 10 5 0 1 10 Number of Third-Party Hosting Providers Used

  4. How prevalent is key sharing? 1 76.5% 0.8 share 0.6 at least CDF 1 key 0.4 0.2 23.5% Self-hosted Organizations 0 10 2 10 3 10 4 10 5 0 1 10 Number of Third-Party Hosting Providers Used

  5. How prevalent is key sharing? 1 Who? 76.5% 0.8 share 0.6 at least CDF 1 key 0.4 0.2 23.5% Self-hosted Organizations 0 10 2 10 3 10 4 10 5 0 1 10 Number of Third-Party Hosting Providers Used

  6. Who shares? Fraction of Domains Hosted 1 on Third-party Providers At least one key shared All keys shared 0.8 0.6 0.4 0.2 0 0 200k 400k 600k 800k 1M Alexa Site Rank (bins of 10,000)

  7. Who shares? Fraction of Domains Hosted 1 on Third-party Providers At least one key shared All keys shared 0.8 0.6 0.4 0.2 0 0 200k 400k 600k 800k 1M Alexa Site Rank (bins of 10,000)

  8. Who shares? Fraction of Domains Hosted 1 on Third-party Providers At least one key shared 43.2% (of Top 10k) All keys shared 0.8 share at least one 0.6 0.4 0.2 0 0 200k 400k 600k 800k 1M Alexa Site Rank (bins of 10,000)

  9. Who shares? Fraction of Domains Hosted 1 on Third-party Providers At least one key shared 43.2% (of Top 10k) All keys shared 0.8 share at least one 0.6 0.4 22.4% share all 0.2 0 0 200k 400k 600k 800k 1M Alexa Site Rank (bins of 10,000)

  10. Who shares? Fraction of Domains Hosted 1 on Third-party Providers At least one key shared 43.2% (of Top 10k) All keys shared 0.8 share at least one 0.6 0.4 22.4% share all 0.2 0 0 200k 400k 600k 800k 1M Alexa Site Rank (bins of 10,000) Key sharing is common across the Internet

  11. Outline How prevalent is key sharing? How many keys have providers aggregated? How does sharing impact key management?

  12. Outline • 76.5% share with ≥ 1 provider How prevalent is • Common even among most key sharing? popular websites How many keys have providers aggregated? How does sharing impact key management?

  13. How many keys have providers aggregated? Domain Host Org Org Domain Domain Domain Org Host Host Org Domain Domain Org Domain Host Domain Domain Host Org Org

  14. How many keys have providers aggregated? Domain Host Org Org Domain Domain Domain Org Host Host Org Domain Domain Org Domain Host Domain Domain Host Org Org

  15. How have keys been aggregated? 10 6 10 5 Number of Distinct Customers Served 10 4 10 3 10 2 10 1 10 0 10 0 10 1 10 2 10 3 10 4 10 5 10 6 Rank-Order Third-Party Hosting Providers

  16. How have keys been aggregated? 10 6 10 5 Number of Distinct Customers Served 10 4 10 3 10 2 10 1 10 0 10 0 10 1 10 2 10 3 10 4 10 5 10 6 Rank-Order Third-Party Hosting Providers

  17. How have keys been aggregated? Hosting provider #Organizations #Domains 266,110 277,891 secureserver.net 10 6 151,628 175,089 amazonaws.com 117.229 122,158 unifiedlayer.com 10 5 Number of Distinct 78,369 87,077 Customers Served Cloud Flare Inc. 54,158 63,418 Rackspace Hosting 10 4 … … … 15,440 22,671 akamaitechnologies.com 10 3 10 2 10 1 10 0 10 0 10 1 10 2 10 3 10 4 10 5 10 6 Rank-Order Third-Party Hosting Providers

  18. How have keys been aggregated? Hosting provider #Organizations #Domains 266,110 277,891 secureserver.net 10 6 151,628 175,089 amazonaws.com 117.229 122,158 unifiedlayer.com 10 5 Number of Distinct 78,369 87,077 Customers Served Cloud Flare Inc. 54,158 63,418 Rackspace Hosting 10 4 … … … 15,440 22,671 akamaitechnologies.com 10 3 10 2 10 1 10 0 10 0 10 1 10 2 10 3 10 4 10 5 10 6 Rank-Order Third-Party Hosting Providers

  19. How have keys been aggregated? Hosting provider #Organizations #Domains 266,110 277,891 secureserver.net 10 6 151,628 175,089 amazonaws.com 117.229 122,158 unifiedlayer.com 10 5 Number of Distinct 78,369 87,077 Customers Served Cloud Flare Inc. 54,158 63,418 Rackspace Hosting 10 4 … … … 15,440 22,671 akamaitechnologies.com 10 3 10 2 10 1 10 0 10 0 10 1 10 2 10 3 10 4 10 5 10 6 Rank-Order Third-Party Hosting Providers Top 1% of providers hold keys for 86% of all organizations

  20. Does key sharing make enticing attack targets? Domain Host Org Org Domain Domain Domain Org Host Host Org Domain Domain Org Domain Host Domain Domain Host Org Org

  21. Does key sharing make enticing attack targets? Domain Host Org Org Domain Domain Domain Org Host Host Org Domain Domain Org Domain Host Domain Domain Host Org Org

  22. Does key sharing make enticing attack targets? Domain Host Org Org Domain Domain Domain Org Host Host Org Domain Domain Org Domain Host Domain Domain Host Org Org

  23. Does key sharing make enticing attack targets? 1 Domains’ Keys Acquired Cumulative Fraction of 0.8 0.6 0.4 Alexa Top 1k 0.2 Alexa Top 1m All Domains 0 10 0 10 1 10 2 10 3 10 4 10 5 10 6 Number of Hosting Providers Compromised

  24. Does key sharing make enticing attack targets? 1 Domains’ Keys Acquired Cumulative Fraction of 0.8 0.6 0.4 Alexa Top 1k 0.2 Alexa Top 1m All Domains 0 10 0 10 1 10 2 10 3 10 4 10 5 10 6 Number of Hosting Providers Compromised

  25. Does key sharing make enticing attack targets? 1 Domains’ Keys Acquired Cumulative Fraction of 0.8 60% of Top 1K, same provider 0.6 0.4 Alexa Top 1k 0.2 Alexa Top 1m All Domains 0 10 0 10 1 10 2 10 3 10 4 10 5 10 6 Number of Hosting Providers Compromised

  26. Does key sharing make enticing attack targets? 1 Domains’ Keys Acquired Cumulative Fraction of 0.8 60% of Top 1K, same provider 0.6 0.4 Alexa Top 1k 0.2 Alexa Top 1m All Domains 0 10 0 10 1 10 2 10 3 10 4 10 5 10 6 Number of Hosting Providers Compromised

  27. Does key sharing make enticing attack targets? 1 Domains’ Keys Acquired Cumulative Fraction of 0.8 60% of Top 1K, same provider 0.6 >40% of all sites, 10 providers 0.4 Alexa Top 1k 0.2 Alexa Top 1m All Domains 0 10 0 10 1 10 2 10 3 10 4 10 5 10 6 Number of Hosting Providers Compromised

  28. Does key sharing make enticing attack targets? 1 Domains’ Keys Acquired Cumulative Fraction of 0.8 60% of Top 1K, same provider 0.6 >40% of all sites, 10 providers 0.4 Alexa Top 1k 0.2 Alexa Top 1m All Domains 0 10 0 10 1 10 2 10 3 10 4 10 5 10 6 Number of Hosting Providers Compromised Popular hosting services are prime targets for attack

  29. Outline • 76.5% share with ≥ 1 provider How prevalent is • Common even among most key sharing? popular websites • Top 1% of providers hold 
 How many keys have keys for 86% of orgs providers aggregated? • Attractive targets for attack How does sharing impact key management?

  30. Key Management Request certificates Renew expiring certificates Revoke and reissue compromised certificates

  31. Who manages private keys? Website acquires Third-party acquires CAs

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Simulation, Measurement and Analysis of Photoemission Simulation, Measurement and Analysis of

Simulation, Measurement and Analysis of Photoemission Simulation, Measurement and Analysis of

Thomas Jefferson National Accelerator Facility (Jefferson Lab) Newport News, Virginia Simulation, Measurement and Analysis of Photoemission Simulation, Measurement and Analysis of Photoemission from Dispenser Cathodes, Metals and Coated

706 views • 42 slides
An Architectural Approach to Inter-domain Measurement Data Sharing Brian Trammell Communication

An Architectural Approach to Inter-domain Measurement Data Sharing Brian Trammell Communication

An Architectural Approach to Inter-domain Measurement Data Sharing Brian Trammell Communication Systems Group, ETH Zrich DUST 2012, San Diego, 15 May 2012 Questions and Wishes common platform for darkspace analysis lets use

308 views • 18 slides
Private Sharing of IOCs and Sightings (short paper) Tim van de Kamp Andreas Peter Maarten

Private Sharing of IOCs and Sightings (short paper) Tim van de Kamp Andreas Peter Maarten

Private Sharing of IOCs and Sightings (short paper) Tim van de Kamp Andreas Peter Maarten Everts Willem Jonker Workshop on Information Sharing and Collaborative Security, 2016 What This Talk Is About: Private Information Sharing

410 views • 39 slides
Strategic/Policy Implications of Measurement Data Sharing Under the OIO nee, The Road to an

Strategic/Policy Implications of Measurement Data Sharing Under the OIO nee, The Road to an

Strategic/Policy Implications of Measurement Data Sharing Under the OIO nee, The Road to an Open Internet is Paved With Pragmatic Disclosure & Transparency Policies Bill Lehr Erin Kenneally Steve Bauer MIT CAIDA/UCSD MIT 1

222 views • 9 slides
OptiGauge Precision Thickness Measurement July 2008 N ON - CONTACT MEASUREMENT AND ANALYSIS OF SIX

OptiGauge Precision Thickness Measurement July 2008 N ON - CONTACT MEASUREMENT AND ANALYSIS OF SIX

OptiGauge Precision Thickness Measurement July 2008 N ON - CONTACT MEASUREMENT AND ANALYSIS OF SIX MICRON + THIN WALL COATINGS ON MEDICAL BALLOONS AND CATHETERS USING LOW COHERENCE INTERFEROMETRY Rob Vlosky, Lumetrics Inc., 150 Lucius Gordon Dr.,

367 views • 10 slides
8. Hydrometry - measurement and analysis 8.1 De fi nitions In English, the traditional word used

8. Hydrometry - measurement and analysis 8.1 De fi nitions In English, the traditional word used

8. Hydrometry - measurement and analysis 8.1 De fi nitions In English, the traditional word used to describe the measurement of water levels and fl ow volumes is Hydrography. That is ambiguous, for that word is also used for the measurement

492 views • 30 slides
Operating System Principles: Performance Measurement and Analysis CS 111 Operating Systems

Operating System Principles: Performance Measurement and Analysis CS 111 Operating Systems

Operating System Principles: Performance Measurement and Analysis CS 111 Operating Systems Peter Reiher Lecture 11 CS 111 Page 1 Fall 2016 Outline Introduction to performance measurement Issues in performance measurement A

708 views • 54 slides
IETF Hackathon: Measurement and Analysis for Protocols (MAP) - Live IETF 104 23-24 March, 2019

IETF Hackathon: Measurement and Analysis for Protocols (MAP) - Live IETF 104 23-24 March, 2019

IETF Hackathon: Measurement and Analysis for Protocols (MAP) - Live IETF 104 23-24 March, 2019 Prague Hackathon Plan (Project 1) Analysis tool development and measurement results for Internet Draft on Privacy & Security Issues in

712 views • 25 slides
Fraud and Error Measurement Analysis Adapting to a changing benefit landscape

Fraud and Error Measurement Analysis Adapting to a changing benefit landscape

Fraud and Error Measurement Analysis Adapting to a changing benefit landscape Jennifer.Snape@beis.gov.uk Ann.Simpson-Hawkins@dwp.gsi.gov.uk Agenda Background Motivation Measurement Process Current challenges Solutions

431 views • 26 slides
Public and private BitTorrent communities: A measurement study M. Meulpolder, L. DAcunto, M.

Public and private BitTorrent communities: A measurement study M. Meulpolder, L. DAcunto, M.

Public and private BitTorrent communities: A measurement study M. Meulpolder, L. DAcunto, M. Capota, M. Wojciechowski, J.A. Pouwelse, D.H.J. Epema, H.J. Sips Abstract Results of extensive measurements of more than half a million peers in

350 views • 8 slides
Measurement Techniques Part 2: Measurement Techniques Terminology and general issues

Measurement Techniques Part 2: Measurement Techniques Terminology and general issues

Part 2 Measurement Techniques Part 2: Measurement Techniques Terminology and general issues Active performance measurement SNMP and RMON Packet monitoring Flow measurement Traffic analysis Terminology and General I

758 views • 64 slides
Turtle: Safe and Private Data Sharing Bogdan C. Popescu Petr Matejka Bruno Crispo Andrew S.

Turtle: Safe and Private Data Sharing Bogdan C. Popescu Petr Matejka Bruno Crispo Andrew S.

Turtle: Safe and Private Data Sharing Bogdan C. Popescu Petr Matejka Bruno Crispo Andrew S. Tanenbaum Vrije Universiteit, Amsterdam Motivation Use p2p for safe sharing of sensitive data an adversary (censor) attempts to prevent this

208 views • 6 slides
International developments in public/private financial information- sharing partnerships

International developments in public/private financial information- sharing partnerships

KEYNOTE ADDRESS: International developments in public/private financial information- sharing partnerships Southern Africa Anti-Money Laundering & Financial Crime Conference 23 & 24 October 2019 at the Indaba Hotel, Johannesburg Nick

453 views • 23 slides
Measurement There are two main systems of measurement: - The English system

Measurement There are two main systems of measurement: - The English system

4 - 1 Introduction Measurement is finding a number that shows the size or amount of something. Measurement is done using measuring tools. Measurement There are two main systems of measurement: - The

438 views • 4 slides
Towards Provable Network Traffic Measurement and Analysis via Semi-Labeled Trace Datasets

Towards Provable Network Traffic Measurement and Analysis via Semi-Labeled Trace Datasets

Towards Provable Network Traffic Measurement and Analysis via Semi-Labeled Trace Datasets Network Traffic Measurement and Analysis Conference (TMA 2018) June 28, 2018 Milan Cermak et al. Institute of Computer Science, Masaryk University, Brno

575 views • 25 slides
Public and private BitT orrent communities: A measurement study M. Meulpolder, L. DAcunto, M.

Public and private BitT orrent communities: A measurement study M. Meulpolder, L. DAcunto, M.

Public and private BitT orrent communities: A measurement study M. Meulpolder, L. DAcunto, M. Capot, M. Wojciechowski, J.A. Pouwelse, D.H.J. Epema, H.J. Sips Delft University of Technology Challenge the future PDS group BitTorrent

351 views • 20 slides
M M 4. PKIX 7. peer 2 peer 8. Identity 5. Cross Certification 2. Ingredients 6. Trust

M M 4. PKIX 7. peer 2 peer 8. Identity 5. Cross Certification 2. Ingredients 6. Trust

Rglements LDAPS europens Services de X.509 Rseau de con fi ance Direc ves X.509 lemployeur PKI architectures: references X.509 eIDAS AC AC @ Prestataires e-gouv Commerant X.509 X.509 en ligne FOUNDATIONS RGS

438 views • 16 slides
MQ Signatures for PKI June 2017 Alan Szepieniec , Ward Beullens, Bart Preneel 1/17 New Hope Key

MQ Signatures for PKI June 2017 Alan Szepieniec , Ward Beullens, Bart Preneel 1/17 New Hope Key

MQ Signatures for PKI June 2017 Alan Szepieniec , Ward Beullens, Bart Preneel 1/17 New Hope Key Exchange Post-Quantum KX based on RLWE USENIX 2016 2/17 New Hope Key Exchange Post-Quantum KX based on RLWE USENIX 2016

586 views • 54 slides
OSG PKI Transition: Status and Next Steps (and Lessons Learned) Von Welch OSG PKI

OSG PKI Transition: Status and Next Steps (and Lessons Learned) Von Welch OSG PKI

OSG PKI Transition: Status and Next Steps (and Lessons Learned) Von Welch OSG PKI Transition Lead Indiana University Center for Applied Cybersecurity Research Key Message DOE Grids CA stops issuing new certificates March 23 rd ,

397 views • 29 slides
c b roland.vanrijswijk@surfnet.nl Overview - Introduction - The 2-factor landscape - Something

c b roland.vanrijswijk@surfnet.nl Overview - Introduction - The 2-factor landscape - Something

tiqr: a novel take on two-factor authentication LISA 2011, Boston, MA Roland van Rijswijk c b roland.vanrijswijk@surfnet.nl Overview - Introduction - The 2-factor landscape - Something we all have - - Comparison of 2-factor AuthN

546 views • 19 slides
Multi-Party Computation in Presence of Corrupted Majorities Dominik Raub Institute of

Multi-Party Computation in Presence of Corrupted Majorities Dominik Raub Institute of

Multi-Party Computation in Presence of Corrupted Majorities Dominik Raub Institute of Theoretical Computer Science ETH Zrich on joint work with R. Knzler, J. Mller-Quade, C. Lucas, U. Maurer, M. Fitzi Metaguse, 2009/10/04 Multi-Party

1.04k views • 83 slides
Network Security Dr. Mohammed Shafiul Alam Khan Assistant Professor Institute of Information

Network Security Dr. Mohammed Shafiul Alam Khan Assistant Professor Institute of Information

Network Security Dr. Mohammed Shafiul Alam Khan Assistant Professor Institute of Information Technology (IIT), University of Dhaka (DU) shafiul@du.ac.bd December 10, 2017 M S A Khan (IIT, DU) Network Security December 10, 2017 1 / 23

447 views • 23 slides
Enterprise Storage Architecture Fall 2018 Storage Efficiency Tyler Bletsch Duke University Two

Enterprise Storage Architecture Fall 2018 Storage Efficiency Tyler Bletsch Duke University Two

ECE590-03 Enterprise Storage Architecture Fall 2018 Storage Efficiency Tyler Bletsch Duke University Two views of file system usage User data view: How large are my files? (bytes -used metric) or How much capacity am I

485 views • 35 slides
Previously... Forward and converse proof of the rate-distortion theorem S. Cheng (OU-Tulsa)

Previously... Forward and converse proof of the rate-distortion theorem S. Cheng (OU-Tulsa)

Lecture 14 Review Previously... Forward and converse proof of the rate-distortion theorem S. Cheng (OU-Tulsa) November 28, 2017 1 / 27 Lecture 14 Overview This time Method of types Universal source coding Large deviation theory S. Cheng

1.66k views • 133 slides

More recommend