A Data-driven Approach to Identifying Internet Security Challenges

March 2, 2020
3:00
Halligan 102
Speaker: Tijay Chung
Host:

Abstract

Public key infrastructures (PKIs) enable secure communication between different entities over an untrusted network. Due to this ability, PKIs are now central to security on the Internet: large-scale PKIs enable the security guarantees provided by protocols like HTTPS, DNSSEC, and the RPKI. Unfortunately, despite these guarantees, there have been numerous security failures involving these protocols; ultimately, most of these failures are rooted in discordance between how these protocols are designed and how they are actually used in practice.

In this talk, I will present an overview of my recent work that applies large-scale measurement and analysis to understand how security protocols are (mis)used in practice. I will first discuss how my measurements reveal widespread private key sharing between different entities in the HTTPS ecosystem, breaking many security assumptions and making certain entities attractive attack targets. I will then describe how my large-scale study of DNSSEC revealed that over 30% of domains that try to deploy DNSSEC fail to do so correctly, why it is currently so challenging for domain owners to do so, and how we can improve it. I conclude with a discussion of my ongoing funded research and future research directions.