Uploaded image for project: 'SCMS'
  1. SCMS
  2. SCMS-1607

EE shall check CRLG Certificate Validity.start time

    XMLWordPrintable

Details

    • Hide

      In order to prevent the following attack sequence:
      1) A CRLG Certificate is compromised by attacker
      2) A new valid CRLG Certificate is used to sign a CRL revoking the compromised CRLG certificate
      3) The CRL Store makes the new valid CRL available for download
      4) The attacker downloads the new valid CRL
      5) Attacker creates a fraudulent CRL signed by the compromised certificate which revokes the new CRLG certificate
      6) Attacker distributes the new fraudulent CRL via collaborative distribution before all devices have downloaded the new valid CRL
      7) Repeat steps 2-6

      Show
      In order to prevent the following attack sequence: 1) A CRLG Certificate is compromised by attacker 2) A new valid CRLG Certificate is used to sign a CRL revoking the compromised CRLG certificate 3) The CRL Store makes the new valid CRL available for download 4) The attacker downloads the new valid CRL 5) Attacker creates a fraudulent CRL signed by the compromised certificate which revokes the new CRLG certificate 6) Attacker distributes the new fraudulent CRL via collaborative distribution before all devices have downloaded the new valid CRL 7) Repeat steps 2-6

    Description

      Upon receiving a new CRL, the EE shall reject the CRL and CRLG Certificate if the ValidityPeriod.start value of the CRLG certificate used to sign the newly received CRL is chronologically earlier then the stored ValidityPeriod.start value of the previously received valid CRLG Certificate.

      Attachments

        Activity

          People

            Unassigned Unassigned
            jhahn Jeff Hahn (Inactive)
            Votes:
            0 Vote for this issue
            Watchers:
            1 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved: