Next Article in Journal
The Fisher Information as a Neural Guiding Principle for Independent Component Analysis
Previous Article in Journal
General Approach for Composite Thermoelectric Systems with Thermal Coupling: The Case of a Dual Thermoelectric Cooler
Article Menu

Export Article

Open AccessArticle
Entropy 2015, 17(6), 3806-3837;

On the Detection of Fake Certificates via Attribute Correlation

Key Laboratory of Advanced Control and Optimization for Chemical Process, Ministry of Education,East China University of Science and Technology, 200237 Shanghai, China
Author to whom correspondence should be addressed.
Academic Editor: Antonio M. Scarfone
Received: 14 November 2014 / Accepted: 1 June 2015 / Published: 8 June 2015
(This article belongs to the Section Statistical Mechanics)
View Full-Text   |   Download PDF [1274 KB, uploaded 8 June 2015]


Transport Layer Security (TLS) and its predecessor, SSL, are important cryptographic protocol suites on the Internet. They both implement public key certificates and rely on a group of trusted certificate authorities (i.e., CAs) for peer authentication. Unfortunately, the most recent research reveals that, if any one of the pre-trusted CAs is compromised, fake certificates can be issued to intercept the corresponding SSL/TLS connections. This security vulnerability leads to catastrophic impacts on SSL/TLS-based HTTPS, which is the underlying protocol to provide secure web services for e-commerce, e-mails, etc. To address this problem, we design an attribute dependency-based detection mechanism, called SSLight. SSLight can expose fake certificates by checking whether the certificates contain some attribute dependencies rarely occurring in legitimate samples. We conduct extensive experiments to evaluate SSLight and successfully confirm that SSLight can detect the vast majority of fake certificates issued from any trusted CAs if they are compromised. As a real-world example, we also implement SSLight as a Firefox add-on and examine its capability of exposing existent fake certificates from DigiNotar and Comodo, both of which have made a giant impact around the world. View Full-Text
Keywords: certification; man-in-the-middle attacks; attribute correlation certification; man-in-the-middle attacks; attribute correlation
This is an open access article distributed under the Creative Commons Attribution License which permits unrestricted use, distribution, and reproduction in any medium, provided the original work is properly cited. (CC BY 4.0).

Share & Cite This Article

MDPI and ACS Style

Gu, X.; Gu, X. On the Detection of Fake Certificates via Attribute Correlation. Entropy 2015, 17, 3806-3837.

Show more citation formats Show less citations formats

Related Articles

Article Metrics

Article Access Statistics



[Return to top]
Entropy EISSN 1099-4300 Published by MDPI AG, Basel, Switzerland RSS E-Mail Table of Contents Alert
Back to Top