Bamboozling Certificate Authorities with BGP
Offered By: USENIX via YouTube
Course Description
Overview
Explore a critical security vulnerability in the Public Key Infrastructure (PKI) through this 23-minute conference talk from USENIX Security '18. Discover how Autonomous Systems can exploit Border Gateway Protocol (BGP) weaknesses to hijack traffic and obtain fraudulent certificates from trusted Certificate Authorities. Learn about the first real-world demonstration of these attacks, conducted ethically against top CAs. Examine findings from a dataset of 1.8 million certificates, revealing the widespread vulnerability of domains to such exploits. Gain insights into two proposed countermeasures: multi-vantage point domain verification by CAs and a BGP monitoring system to detect suspicious routes and delay certificate issuance. Understand the implications for network security and the steps being taken to strengthen the PKI against these threats.
Syllabus
USENIX Security '18 - Bamboozling Certificate Authorities with BGP
Taught by
USENIX
Related Courses
Never Been KIST - Tor’s Congestion Management Blossoms with Kernel-Informed Socket TransportUSENIX via YouTube Eclipse Attacks on Bitcoin’s Peer-to-Peer Network
USENIX via YouTube Control-Flow Bending - On the Effectiveness of Control-Flow Integrity
USENIX via YouTube Protecting Privacy of BLE Device Users
USENIX via YouTube K-Fingerprinting - A Robust Scalable Website Fingerprinting Technique
USENIX via YouTube