A new system devised by Carnegie Mellon University researchers aims to thwart man-in-the-middle (MitM) attacks by providing a way to verify the authenticity of self-signed certificates. The system, which is called Perspectives, uses a distributed network of "notary" servers to evaluate the public key of a target destination so that its validity can be ascertained.

The growing presence of public wireless access points puts more users at risk of falling prey to man-in-the-middle attacks. The researchers believe that the Perspectives system can resolve this problem and offer reasonably strong security guarantees for users who visit web sites that have self-signed certificates instead of certificates that are independently validated by certificate authorities.

The client-side component of Perspectives is implemented as a Firefox browser extension that communicates with notary servers. When the user visits a page with a self-signed certificate, the Perspectives add-on requests validation from the notary servers, which then send back the public key of the target destination. The key retrieved from the notaries can then be compared with the key obtained by the user's browser in order to determine if a MitM attack is being perpetrated.

Retrieving keys from multiple notaries will help protect the user by ensuring that public key authenticity is verified accurately even in the event that an individual notary server is compromised. Users can specify the level of redundancy that they require for a key to be considered valid. For additional protection, the notary servers also cache keys and recheck them periodically so that they can detect when keys change over time and factor that into assessments of key validity.

Typical MitM attacks will not be able to inject false responses into traffic to or from notaries because each is secured by a key signature. An attack that merely blocks access to notaries will fail as well, because the browser extension will only verify the authenticity of a public key if it can obtain comparison keys from the notary servers.
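The client-side decision described in the paragraphs above can be sketched as follows; this is an added example, not code from the Perspectives extension. The reply fields, the `quorum` and `minDays` policy names, the one-day freshness window and the sample fingerprints are all assumptions made for illustration, and signature checking is modelled as a precomputed `sigValid` flag.

```javascript
// Added illustration: field names and policy are assumptions, not Perspectives' wire format.
const DAY = 86400; // seconds

// Decide whether to trust the key the browser saw, given notary replies.
// replies: [{ notary, sigValid, history: [{ key, start, end }] }]
// policy:  { quorum: notaries that must agree, minDays: how long each must have seen the key }
function evaluateKey(observedKey, replies, policy, now) {
  // Replies whose signature did not verify are discarded; an on-path attacker could have forged them.
  const usable = replies.filter((r) => r.sigValid);

  // Fail closed: blocked or missing notaries never lead to acceptance.
  if (usable.length < policy.quorum) {
    return { trusted: false, reason: "insufficient-notary-replies", agreeing: 0 };
  }

  let agreeing = 0;
  for (const r of usable) {
    // Most recent observation this notary holds (undefined if it has none).
    const latest = r.history.reduce((a, b) => (b.end > a.end ? b : a), r.history[0]);
    if (!latest || latest.key !== observedKey) continue; // spatial check: notary sees another key
    const fresh = now - latest.end <= DAY; // notary rechecked recently (assumed window)
    const stable = latest.end - latest.start >= policy.minDays * DAY; // temporal check
    if (fresh && stable) agreeing++;
  }

  return agreeing >= policy.quorum
    ? { trusted: true, reason: "quorum-agrees", agreeing }
    : { trusted: false, reason: "key-mismatch-or-too-new", agreeing };
}

// Constructed sample data: three honest notaries and one reply with a bad signature.
const NOW = 1220000000;
const GOOD = "aa:11:22", OLD = "bb:33:44", EVIL = "ee:66:66";
const sampleReplies = [
  { notary: "n1", sigValid: true, history: [{ key: GOOD, start: NOW - 30 * DAY, end: NOW - 3600 }] },
  { notary: "n2", sigValid: true, history: [{ key: GOOD, start: NOW - 30 * DAY, end: NOW - 7200 }] },
  { notary: "n3", sigValid: true, history: [
    { key: OLD, start: NOW - 90 * DAY, end: NOW - 31 * DAY },
    { key: GOOD, start: NOW - 30 * DAY, end: NOW - 1800 } ] },
  { notary: "n4", sigValid: false, history: [{ key: EVIL, start: NOW - 60, end: NOW }] },
];

// A browser behind an interceptor sees EVIL while the notaries report GOOD.
console.log(evaluateKey(EVIL, sampleReplies, { quorum: 3, minDays: 7 }, NOW));
```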

"To enhance security without requiring a PKI, we designed Perspectives to supplement [Trust-on-first-use] applications with spatial and temporal redundancy," the researchers wrote in a paper. "Our implementation demonstrates that the notary concept is practical, and after using our Perspectives clients for nearly a year, we have found them invaluable at several occasions: when logging in to a new server while connecting through a public wireless network, or when connecting to a known server after a server key change."

The current notary servers are all operated by CMU, but the researchers hope that other institutions will voluntarily run additional servers to expand the network. There are obvious privacy implications associated with using the service, but the researchers claim that the notary servers do not log IP addresses and that all other notary servers will be required to commit to the same privacy standards. The server software is written in C and uses the Berkeley DB for storing data. Benchmarking tests demonstrate that, on relatively modest hardware, notary servers could answer more than 20,000 queries per second.

I downloaded the Firefox extension and tested it with Firefox 3.0.1 on Ubuntu Linux. The software performed as expected during my tests. It is implemented with a combination of C++ and JavaScript and didn't appear to have a noticeable impact on Firefox performance or reliability. In addition to developing a Firefox plug-in, the researchers also experimentally modified OpenSSH to give it notary validation capabilities.

Although the Perspectives software can't universally mitigate MitM attacks, it provides strong protection and demonstrable efficacy in thwarting many common MitM attacks.


