|
Perspectives Home |
Firefox Extension |
OpenSSH Client |
Web Demo |
Students: Dan Wendlandt and Ethan Jackson
Contact Email: ( pers...@cs.cmu.edu )
Advisers: Dave Andersen and Adrian Perrig
This research has been supported by NSF and Cylab:
Update 10-31-2008: We released a new version of our Firefox extension,
with an updated notary list: Install Now
Perspectives is a new approach to help clients securely identify Internet servers in order to avoid "man-in-the-middle" attacks. Perspectives is simple and cheap compared to existing approaches because it automatically builds a robust database of network identities using lightweight network probing by "network notaries" located in multiple vantage points across the Internet.
Contribute: If you would like to contribute to this project by writing code, running a notary, designing GUI's, or writing documentation please email us. We soon hope to soon have a page for facilitating such contributions.
When you use a secure protocol like SSL or SSH to communicate on the Internet, your communication is vulnerable to a "man-in-the-middle" attack unless you are able to identify the remote server in a secure manner. One way to do this is to have the server participate in a "Public Key Infrastructure" (PKI) and buy a certificate from a certificate authority like VeriSign.
Unfortunately, PKI's can be expensive and cumbersome to operate, leading to widespread use of a simple and cheap "Trust-on-first-use" mechanism commonly associated with SSH and HTTPS with self-signed certificates. Unfortunately, this comes at the cost of security. For example, here are some familiar warnings from OpenSSH and Firefox:
The authenticity of host 'host.domain.com (192.168.74.49)' can't be established. RSA key fingerprint is 07:fd:fb:9b:03:a2:b4:e8:b3:c9:0f:0b:db:43:1c:1a. Are you sure you want to continue connecting (yes/no)?
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ @ WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED! @ @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY! Someone could be eavesdropping on you right now (man-in-the-middle attack)! It is also possible that the DSA host key has just been changed. The fingerprint for the DSA key sent by the remote host is 4c:68:03:d4:5c:58:a6:1d:bd:17:13:84:14:48:ba:99. Please contact your system administrator. |
|
Few users bother to verify the correctness of the key manually (hey, we're lazy by nature!), but Perspectives provides a simple "no effort" way to get significantly more information about whether a key is correct for that destination. A client can automatically make a secure connection to one of several publicly available "network notary servers" located around the world. These servers tell the client:
The replies from the network notaries can go a long way toward either providing the user with confidence that the key it received is valid, or that a real threat of a "man in the middle" attack exists.
The end result is that instead of having applications issue bland warnings, which users often ignore, the application can either skip the warning if notary data indicates the the key is valid, or give a very stern warning in the rare cases when an attack appears to be in progress.
We have a network notary implementation actively running on the RON/IRIS Testbed .
To try it out you can:
* Note: For now, this page is only secured using a self-signed certificate (no, the irony is not lost on us).
Notary Server Privacy Policy: All notary servers adhere to a strict policy of never recording client IP addresses, period. The Perspectives project and its software will only contact Notary servers that follow this privacy policy. Your privacy is important to us.
Both the Firefox and OpenSSH clients let you configure the scenarios when you should contact Notaries. In fact, you can set the preferences of the Firefox client to ask permission each time before contacting notaries. We plan to improve these privacy features in the future and welcome suggestions.
Currently, all network notaries are operated by our research group using the RON/IRIS Testbed . The current notary_list.txt describes the actively running notaries and their public keys, which is used by clients.
In the future, we plan to work with other well known entities (e.g., universities, ISPs, etc.) to run a larger network of notaries. If you have interest in running a Notary, contact us.
The notary server is written in C, leveraging Berkeley DB, OpenSSL and OpenSSH. As discussed in our paper, even older hardware can handle over a million probes per day while simultaneously handling thousands of client queries per second. Download Source
We recently presented 'Perspectives: Improving SSH-style Host Authentication with Multi-Path Probing' at Usenix ATC 2008.
Usenix Presentation Slides [PPT]
Nanog Presentation Slides [PPT]
Q: Is my computer insecure if I do not install Perspectives?
A: No, you will be safe if you simply go along with Firefox's default suggestion and refuse to connection to any websites that show Security Errors. Perspectives aims to make a better trade-off between security and useability with respect to these Security Errors by distinguishing between the frequent false positives and the rare (but serious) attack scenarios. If you aren't familiar enough with Internet security to know the difference between a certificate signed by a Certificate Authority and a self-signed certificate, Perspectives may not be a good match for you. Hopefully in the future we will be able to work with browser makers like Mozilla and Microsoft to integrate Perspectives-like functionality into the normal browser experience.
Q: But what if an attacker takes over all paths to the destination?
A: There are two answers to that. Please see our academic paper for a detailed security analysis.
1) Perspectives actually keeps a record of the keys used by a service over time. Thus, even if a powerful adversary is able to take over the whole Internet (scenario L_server in the paper), clients can still detect the key as suspicious because the key has recently changed. If the attacker is able to compromise all paths for a long time, then you are in trouble, but then again such a powerful adversary could also fool the so-called "verification procedures" of many certificate authorities, which often consist of a one-time email verification.
2) Even though a powerful adversary can defeat the system, it makes man-in-the-middle attacks much harder. Today an attacker must only be on the path between you and the destination, which isn't very hard. Think about an open wireless network, or the recent DNS attacks which compromise a targeted DNS resolver. Being on all links is much harder, and in the end security is nothing but making an attack harder.
Q: I get a red icon and a message that perspectives failed every time the extension contacts notaries. What is going on??
A: The most likely cause is that you are accessing the Internet through a proxy or firewall that is preventing Perspectives from reaching the notaries. To minimize load on notaries, clients contact notaries using a lightweight (but still secure) protocol using UDP port 15217. You can ask you network administrator if this is likely to be the case.
In the future, we are looking to add simple HTTP proxy functionality to Perspectives to get around this issue. If you are interested in helping out, let us know.
Q: I am getting a "not compatible with your Firefox build type" error.
A: Our extension includes C++ code, so we must include a binary library for each supported platform. Likely, you are running a non-supported platform like 64-bit Linux or FreeBSD. If you are interested in helping us support Perspectives on more platforms, let us know!
Q: What about services in "private" (RFC 1918) space?
A: Unfortunately, we can't do much to monitor the keys used by these services, since our notary servers cannot reach them. Sorry.
If you have questions, comments, or are interested in contributing by testing releases, writing code, or running a notary server, please click on the following link to reveal our contact email address: pers...@cs.cmu.edu .
Bug Reports:
We welcome bug reports and feature requests for our software. If you are reporting a bug, please report the version of the software used, your platform (OS, distro, and browser if relevant), and the exact circumstances needed to reproduce the bug. We will do our best to work with you and resolve the issue.If you download our software or are interested in when new versions will become available, please register for our LOW-VOLUME perspectives-announce email list. With the possible exception of critical security issues, we will not send out more than one email per month.