Installing Fake Root Keys in a PC
نویسندگان
چکیده
If a malicious party can insert a self-issued CA public key into the list of root public keys stored in a PC, then this party could potentially do considerable harm to that PC. In this paper, we present a way to achieve such an attack for the Internet Explorer web browser root key store, which avoids attracting the user’s attention. A realisation of this attack is also described. Finally, countermeasures that can be deployed to prevent such an attack are outlined.
منابع مشابه
A Scanning Tool for PC Root Public Key Stores
As has recently been demonstrated, a malicious third party could insert a self-issued CA public key into the list of trusted root CA public keys stored on an end user PC. As a consequence, the malicious third party could potentially do severe damage to the end user computing environment. In this paper, we discuss the problem of fake root public keys and suggest a solution that can be used to de...
متن کاملبررسی سمیت سلولی Pro Root MTA، Root MTA و سیمان پرتلند بر روی فیبروبلاستهای L929 موش
Background and Aim: Mineral Trioxide Aggregate (MTA) is a material used in many endodontic problems. Recently a number of studies, have reported that Portland Cement (PC) and MTA have similar physical, chemical and biologic properties. In addition, a material known as Root MTA which is produced in Iran has been claimed to have similar properties to Pro Root MTA. If these claims are true, possib...
متن کاملVariants of Bleichenbacher's Low-Exponent Attack on PKCS#1 RSA Signatures
We give three variants and improvements of Bleichenbacher’s low-exponent attack from CRYPTO 2006 on PKCS#1 v1.5 RSA signatures. For each of these three variants the fake signature representatives are accepted as valid by a flawed implementation. Our attacks work against much shorter keys as Bleichenbacher’s original attack, i.e. even for usual 1024 bit RSA keys. The first two variants can be us...
متن کاملDetection of Fake Accounts in Social Networks Based on One Class Classification
Detection of fake accounts on social networks is a challenging process. The previous methods in identification of fake accounts have not considered the strength of the users’ communications, hence reducing their efficiency. In this work, we are going to present a detection method based on the users’ similarities considering the network communications of the users. In the first step, similarity ...
متن کاملDisguisable Symmetric Encryption Schemes for an Anti-forensics Purpose
In this paper, we propose a new notion of secure disguisable symmetric encryption schemes, which captures the idea that the attacker can decrypt a cipher text he encrypted to different meaningful values when different keys are put to the decryption algorithm. This notion is aimed for the following anti-forensics purpose: the attacker can cheat the forensics investigator by decrypting an encrypt...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
عنوان ژورنال:
دوره شماره
صفحات -
تاریخ انتشار 2005