On the Unnecessary Complexity of Names in X.509 and Their Impact on Implementations
The X.509 Public Key Infrastructure (PKI) provides a cryptographically verifiable mechanism for authenticating a binding of an entity’s public-key with its identity, presented in a tamper-proof digital certificate. This often serves as a foundational building block for achieving different security guarantees in many critical applications and protocols (e.g., SSL/TLS). Identities in the context of X.509 PKI are often captured as names, which are encoded in certificates as composite records with different optional fields that can store various types of string values (e.g., ASCII, UTF8). Although such flexibility allows for the support of diverse name types (e.g., IP addresses, DNS names) and application scenarios, it imposes on library developers obligations to enforce unnecessarily convoluted requirements. Bugs in enforcing these requirements can lead to potential interoperability and performance issues, and might open doors to impersonation attacks. This paper focuses on analyzing how opensource libraries enforce the constraints regarding the formatting, encoding, and processing of complex name structures on X.509 certificate chains, for the purpose of establishing identities. Our analysis reveals that a portfolio of simplistic testing approaches can expose blatant violations of the requirements in the widely used open-source libraries. Although there is a substantial amount of prior work that focused on testing the overall certificate chain validation process of X.509 libraries, the identified violations have escaped their scrutiny. To make matters worse, we observe that almost all the analyzed libraries completely ignore certain pre-processing steps prescribed by the standard. This begs the question of whether it is beneficial to have a standard so flexible but complex that none of the implementations can faithfully adhere to it. With our test results, we argue in the negative, and explain how simpler alternatives (e.g., other forms of identifiers such as Authority and Subject Key Identifiers) can be used to enforce similar constraints with no loss of security.
Tue 24 JunDisplayed time zone: Amsterdam, Berlin, Bern, Rome, Stockholm, Vienna change
10:30 - 12:30 | SecurityJournal First / Research Papers / Industry Papers at Aurora B Chair(s): Zhenchang Xing CSIRO’s Data61; Australian National University | ||
10:30 20mTalk | Come for Syntax, Stay for Speed, Write Secure Code: An Empirical Study of Security Weaknesses in Julia Programs Journal First Yue Zhang Auburn University, Justin Murphy Tennessee Tech University, Akond Rahman Auburn University | ||
10:50 20mTalk | AIM: Automated Input Set Minimization for Metamorphic Security Testing Journal First Nazanin Bayati Chaleshtari University of Ottawa, Yoann Marquer University of Luxembourg, Fabrizio Pastore University of Luxembourg, Lionel Briand University of Ottawa, Canada; Lero centre, University of Limerick, Ireland | ||
11:10 20mTalk | Understanding Industry Perspectives of Static Application Security Testing (SAST) Evaluation Research Papers Yuan Li Zhejiang University, Peisen Yao Zhejiang University, Kan Yu Ant Group, Chengpeng Wang Hong Kong University of Science and Technology, Yaoyang Ye Zhejiang University, Song Li The State Key Laboratory of Blockchain and Data Security, Zhejiang University, Meng Luo The State Key Laboratory of Blockchain and Data Security, Zhejiang University, Yepang Liu Southern University of Science and Technology, Kui Ren Zhejiang University DOI | ||
11:30 20mTalk | Efficient and Robust Security-Patch Localization for Disclosed OSS Vulnerabilities with Fine-Tuned LLMs in an Industrial Setting Industry Papers Dezhi Ran Peking University, Lin Li Huawei Cloud Computing Technologies Co., Ltd., Liuchuan Zhu Huawei Cloud Computing Technologies Co., Ltd., Yuan Cao Peking University, Landelong Zhao Peking University, Xin Tan Beihang University, Guangtai Liang Huawei Cloud Computing Technologies, Qianxiang Wang Huawei Technologies Co., Ltd, Tao Xie Peking University | ||
11:50 20mTalk | It’s Acting Odd! Exploring Equivocal Behaviors of Goodware Research Papers Gregorio Dalia University of Sannio, Andrea Di Sorbo University of Sannio, Corrado A. Visaggio University of Sannio, Italy, Gerardo Canfora University of Sannio DOI | ||
12:10 20mTalk | On the Unnecessary Complexity of Names in X.509 and Their Impact on Implementations Research Papers Yuteng Sun The Chinese University of Hong Kong, Joyanta Debnath Stony Brook University, Wenzheng Hong Independent, Omar Chowdhury Stony Brook University, Sze Yiu Chau The Chinese University of Hong Kong DOI | ||
Aurora B is the second room in the Aurora wing.
When facing the main Cosmos Hall, access to the Aurora wing is on the right, close to the side entrance of the hotel.