Server Location Verification (SLV) and Server Location Pinning: Augmenting TLS Authentication

Abstract

We introduce the first known mechanism providing realtime server location verification. Its uses include enhancing server authentication by enabling browsers to automatically interpret server location information. We describe the design of this new measurement-based technique, Server Location Verification (SLV), and evaluate it using PlanetLab. We explain how SLV is compatible with the increasing trends of geographically distributed content dissemination over the Internet, without causing any new interoperability conflicts. Additionally, we introduce the notion of (verifiable) server location pinning (conceptually similar to certificate pinning) to support SLV, and evaluate their combined impact using a server-authentication evaluation framework. The results affirm the addition of new security benefits to the existing TLS-based authentication mechanisms. We implement SLV through a location verification service, the simplest version of which requires no server-side changes. We also implement a simple browser extension that interacts seamlessly with the verification infrastructure to obtain realtime server location-verification results.
