Detailed Information on Publication Record
2018
The Broken Shield: Measuring Revocation Effectiveness in the Windows Code-Signing PKI
KIM, Doowon, Bum Jun KWON, Kristián KOZÁK, Christopher GATES, Tudor DUMITRAȘ et. al.Basic information
Original name
The Broken Shield: Measuring Revocation Effectiveness in the Windows Code-Signing PKI
Authors
KIM, Doowon, Bum Jun KWON, Kristián KOZÁK (203 Czech Republic, belonging to the institution), Christopher GATES and Tudor DUMITRAȘ
Edition
Baltimore, MD, 27th USENIX Security Symposium (USENIX Security 18), p. 851-868, 18 pp. 2018
Publisher
USENIX Association
Other information
Language
English
Type of outcome
Stať ve sborníku
Field of Study
10201 Computer sciences, information science, bioinformatics
Country of publisher
United States of America
Confidentiality degree
není předmětem státního či obchodního tajemství
Publication form
electronic version available online
References:
RIV identification code
RIV/00216224:14330/18:00103415
Organization unit
Faculty of Informatics
ISBN
978-1-931971-46-1
UT WoS
000485139900050
Keywords in English
code signing; revocation
Tags
International impact, Reviewed
Změněno: 24/4/2020 16:11, Mgr. Michal Petr
Abstract
V originále
Recent measurement studies have highlighted security threats against the code-signing public key infrastructure (PKI), such as certificates that had been compromised or issued directly to the malware authors. The primary mechanism for mitigating these threats is to revoke the abusive certificates. However, the distributed yet closed nature of the code signing PKI makes it difficult to evaluate the effectiveness of revocations in this ecosystem. In consequence, the magnitude of signed malware threat is not fully understood. In this paper, we collect seven datasets, including the largest corpus of code-signing certificates, and we combine them to analyze the revocation process from end to end. Effective revocations rely on three roles: (1) discovering the abusive certificates, (2) revoking the certificates effectively, and (3) disseminating the revocation information for clients. We assess the challenge for discovering compromised certificates and the subsequent revocation delays. We show that erroneously setting revocation dates causes signed malware to remain valid even after the certificate has been revoked. We also report failures in disseminating the revocations, leading clients to continue trusting the revoked certificates.