KIM, Doowon, Bum Jun KWON, Kristián KOZÁK, Christopher GATES and Tudor DUMITRAȘ. The Broken Shield: Measuring Revocation Effectiveness in the Windows Code-Signing PKI. Online. In 27th USENIX Security Symposium (USENIX Security 18). Baltimore, MD: USENIX Association, 2018, p. 851-868. ISBN 978-1-931971-46-1.
Basic information
Original name The Broken Shield: Measuring Revocation Effectiveness in the Windows Code-Signing PKI
Authors KIM, Doowon, Bum Jun KWON, Kristián KOZÁK (203 Czech Republic, belonging to the institution), Christopher GATES and Tudor DUMITRAȘ.
Edition Baltimore, MD, 27th USENIX Security Symposium (USENIX Security 18), p. 851-868, 18 pp. 2018.
Publisher USENIX Association
Other information
Original language English
Type of outcome Proceedings paper
Field of Study 10201 Computer sciences, information science, bioinformatics
Country of publisher United States of America
Confidentiality degree is not subject to a state or trade secret
Publication form electronic version available online
RIV identification code RIV/00216224:14330/18:00103415
Organization unit Faculty of Informatics
ISBN 978-1-931971-46-1
UT WoS 000485139900050
Keywords in English code signing; revocation
Tags core_A, firank_1
Tags International impact, Reviewed
Changed by Mgr. Michal Petr, učo 65024. Changed: 24/4/2020 16:11.
Abstract
Recent measurement studies have highlighted security threats against the code-signing public key infrastructure (PKI), such as certificates that had been compromised or issued directly to the malware authors. The primary mechanism for mitigating these threats is to revoke the abusive certificates. However, the distributed yet closed nature of the code signing PKI makes it difficult to evaluate the effectiveness of revocations in this ecosystem. In consequence, the magnitude of the signed malware threat is not fully understood. In this paper, we collect seven datasets, including the largest corpus of code-signing certificates, and we combine them to analyze the revocation process from end to end. Effective revocations rely on three roles: (1) discovering the abusive certificates, (2) revoking the certificates effectively, and (3) disseminating the revocation information for clients. We assess the challenge for discovering compromised certificates and the subsequent revocation delays. We show that erroneously setting revocation dates causes signed malware to remain valid even after the certificate has been revoked. We also report failures in disseminating the revocations, leading clients to continue trusting the revoked certificates.