Internet-wide certificate gathering for cryptanalysis
Dissertant
Thesis advisor
University
Al Akhawayn University
Faculty
School of Science and Engineering
Department
Software Engineering
University Country
Morocco
Degree
Master
Degree Date
2015
English Abstract
In this project, we designed and implemented a system called (X5CA) that collects and analyzes X.509 certificates for the purpose of analysis of weakness in different public keys, such as collisions that are otherwise not possible without the availability of a pool of public keys.
Such effort which yield a global view on key vulnerabilities such as key collisions, among other things.
The X5CA is designed and implemented using best practices approaches to fluently achieve its key objectives which are, (1) The ability to perform large scale crawling of the entire (or part of) web for X509 certificates that are used for establishing TLS secure channels; (2) The ability for expert cryptanalysts to configure and perform various attacks on different X509 certificates; (3) The Ability to run as a high performance distributed system, and (4) The ability to easily allow extensions of the database of attacks.
Last but not least, (5) The ability to stop, start and resume all the component of the system in a synchronized way.
In addition to the previous major objectives, the X5CA was designed and implemented following a sound software development process (2-Tup) giving a great importance to the user requirements, especially user experience, which confers to it industry strength software feature and eases its maintainability.
X5CA was built as a synchronized multi-process multithreaded application in java, using various standard libraries among which libraries for connection to Maple software engine to run the attacks.
Currently X5CA handles attacks on RSA modulus and exponents.
The design and implementation details, together with the initial results are described in this report, and we hope that the time and effort invested in this project will result in a major enhancement of the Internet security.
It is worth mentioning that to validate the system only simple attacks involving pairs of RSA public keys have been executed on the pool of 1,000,000 certificates that were collected using X5CA
Main Subjects
Information Technology and Computer Science
No. of Pages
201
Table of Contents
Table of contents.
Abstract.
Abstract in Arabic.
Abstract in French.
Chapter One : Introduction.
Chapter Two : Project background and related work.
Chapter Three : Project management methodology adopted : 2TUP.
Chapter Four : Conceptual analysis of the system-functional axis.
Chapter Five : Conceptual analysis of the system-technical axis.
Chapter Six : Implementation axis.
Chapter Seven : Results.
Chapter Eight : Conclusion.
References.
American Psychological Association (APA)
Arakiah, Anas. (2015). Internet-wide certificate gathering for cryptanalysis. (Master's theses Theses and Dissertations Master). Al Akhawayn University, Morocco
https://search.emarefa.net/detail/BIM-775453
Modern Language Association (MLA)
Arakiah, Anas. Internet-wide certificate gathering for cryptanalysis. (Master's theses Theses and Dissertations Master). Al Akhawayn University. (2015).
https://search.emarefa.net/detail/BIM-775453
American Medical Association (AMA)
Arakiah, Anas. (2015). Internet-wide certificate gathering for cryptanalysis. (Master's theses Theses and Dissertations Master). Al Akhawayn University, Morocco
https://search.emarefa.net/detail/BIM-775453
Language
English
Data Type
Arab Theses
Record ID
BIM-775453
