600.436 High-Assurance Systems
Fall 01/Introduction
Example 2: SSL
• Claim:
– “SSL secures communications between applications and services...”
• Assumptions (and confidences):
1. Client is not otherwise compromised (0%)
2. Server is not otherwise compromised (15%)
3. Server is properly installed (< 30% are)
4. No “back door” into the server (< 2%)
5. Certificate authority (CA) has not been compromised (99%)
6. CA issued crypto keys to the right party (~80%)
7. Server handles authentication correctly (< 15%)
8. Server does not expose sensitive information when hacked (0%)
9. DNS infrastructure intact (85% and falling)
10. Mother’s maiden name is not in a genealogy database somewhere. (0%)
• Actions to Compromise:
– Hack either machine…