Adil M. Alsaid (2007) Enhancing End User Security - Attacks & Solutions.
Full text access: Open
End user computing environments, e.g. web browsers and PC operating systems, are the target of a large number of attacks, both online and offline. The nature of these attacks varies from simple online attacks, such as user tracking using cookies, to more sophisticated attacks on security protocols and cryptographic algorithms. Other methods of attack exist that target end user applications that utilise and interact with cryptographic functions provided by the PC operating system. After providing a general introduction to the security techniques and protocols used in this thesis, a review of possible threats to end user computing environments is given, followed by a discussion of the countermeasures needed to combat these threats. The contributions of this thesis include three new approaches for enhancing the security of end user systems, together with an analysis and a prototype implementation of an end user security enhancement tool. The following paragraphs summarise the three main contributions of this thesis. Digitally signing a digital document is a straightforward procedure; however, when the digital document contains dynamic content, the digital signature may remain valid but the viewed document may not be the same as the document when viewed by the signer. A new solution is proposed to solve the problem; the main idea behind the solution is to make the application aware of the sensitive cryptographic function being requested. In order to verify a digital signature computed on a document or any other object (e.g. an executable), access to the public key corresponding to the private key used to sign the document is required. Normally, the public part of the key is made available in a digital 'certificate', which is made up of the public key of the signer, the name of the signer, and other data, all signed using the private signing key of a trusted third party known as a Certification Authority (CA). To verify such a certificate, and thereby obtain a trusted copy of the document signer's public key, a trusted copy of the CA's public key is required. If a malicious party can insert a fake CA public key into the list of CA public keys stored in a PC, then this party could potentially do considerable harm to that PC, since this malicious party could then forge signatures apparently created by other entities. A method of achieving such an attack without attracting the user's attention is presented in this thesis. Countermeasures that can be deployed to prevent the insertion of a fake root public key are discussed. A suggested solution that can be used to detect and remove such fake keys is presented, and a prototype implementation of this solution is described. SSL/TLS supports mutual authentication, i.e. both server and client authentication, using public key certificates. However, this optional feature of SSL/TLS is not widely used because most end users do not have a certified public key. Certain attacks rely on this fact, such as web spoofing and phishing attacks. A method for supporting client-side SSL authentication using trusted computing platforms is proposed. The proposed approach makes a class of phishing attacks ineffective; moreover, the proposed method can also be used to protect against other online attacks.
This is a Published version This version's date is: 02/02/2007 This item is peer reviewed
https://repository.royalholloway.ac.uk/items/05f19804-7a5d-4fcd-90e9-8b23f90d115f/1/
Deposited by () on 28-Jun-2010 in Royal Holloway Research Online.Last modified on 14-Dec-2010
[1] Ben Adida, David Chau, Susan Hohenberger, and Ronald L. Rivest.Lightweight signatures for email. Preprint, June 2005.
[2] Ben Adida, Susan Hohenberger, and Ronald L. Rivest. Fight-ing phishing attacks: A lightweight trust architecture for detectingspoofed emails. In Proceedings of the DIMACS Workshop on Theftin E-Commerce: Content, Identity, and Service. Rutgers University,Piscataway, NJ, April 2005.
[3] Julia H. Allen. The CERT Guide to System and Network SecurityPractices. The SEI Series in Software Engineering. Addison WesleyProfessional, 2001.
[4] Adil Alsaid and Chris J. Mitchell. Digitally signed documents { am-biguities and solutions. In Proceedings of the International NetworkConference 2004 (INC 2004), Plymouth University, UK, July 2004.
[5] Adil Alsaid and Chris J. Mitchell. Dynamic content attacks ondigital signatures. Information Management & Computer Security,13(4):328{336, 2005.
[6] Adil Alsaid and Chris J. Mitchell. Installing fake root keys on a PC.In D. Chadwick and G. Zhao, editors, EuroPKI 2005, volume 3545 ofLecture Notes in Computer Science, pages 227{239. Springer-Verlag,Berlin, July 2005.
[7] Adil Alsaid and Chris J. Mitchell. A scanning tool for PC rootpublic key stores. In Christopher Wolf, Stefan Lucks, and Po-WahYau, editors, WEWoRC 2005 | Western European Workshop onResearch in Cryptology, volume P-74 of Lecture Notes in Informatics(LNI), pages 45{52. Gesellschaft fÄur Informatik, 2005.
[8] Adil Alsaid and Chris J. Mitchell. Preventing phishing attacks usingtrusted computing technology. In Proceedings of the InternationalNetwork Conference 2006 (INC 2006), Plymouth University, UK,July 2006.
[9] Ross Anderson. Security Engineering: A Guide to Building Depend-able Distributed Systems. John Wiley & Sons, Inc., Chichester, WestSussex, England, 2001.
[10] Vinod Anupam and Alain Mayer. Security of web browser scriptinglanguages: Vulnerabilities, attacks, and remedies. In Proceedings ofthe 7th USENIX Security Symposium, pages 187{200, San Antonio,Texas, January 1998.
[11] Boris Balache®, Liqun Chen, Siani Pearson, David Plaquin, andGraeme Proudler. Trusted Computing Platforms: TCPA Technologyin Context. Prentice Hall PTR, Upper Saddle River, New Jersey,2003.
[12] S. Balfe, A. D. Lakhani, and K. G. Paterson. Securing peer-to-peer networks using trusted computing. In Chris J. Mitchell, editor,Trusted Computing, pages 271{298. IEE Press, 2005.
[13] Daniel J. Barrett, Richard E. Silverman, and Robert G. Byrnes.SSH, The Secure Shell | The De¯nitive Guide. O'Reilly Media,Inc., Sebastopol, CA, 2nd edition, 2005.
[14] Istv¶an Zsolt Berta, Levente Butty¶an, and Istv¶an Vajda. A frame-work for the revocation of unintended digital signatures initiated bymalicious terminals. IEEE Transactions on Dependable and SecureComputing, 2(3):268{272, 2005.
[15] N. Borselius and C. J. Mitchell. Certi¯cate translation. In Pro-ceedings of NORDSEC 2000 | 5th Nordic Workshop on Secure ITSystems, pages 289{300, Reykjavik, Iceland, October 2000.
[16] D. Box. Essential COM. Addison-Wesley, Boston, MA, 1998.
[17] Ernest F. Brickell, Jan Camenisch, and Liqun Chen. Direct anony-mous attestation. In Vijayalakshmi Atluri, Birgit P¯tzmann, andPatrick Drew McDaniel, editors, Proceedings of the 11th ACM Con-ference on Computer and Communications Security, CCS 2004,pages 132{145, Washingtion, DC, USA, October 2004. ACM.
[18] D. Bruschi, D. Fabris, V. Glave, and E. Rosti. How to unwittinglysign non-repudiable documents with java applications. In Proceed-ings of the 19th Annual Computer Security Applications Conference(ACSAC '03), pages 192{196. IEEE Computer Society, 2003.
[19] Jan Camenisch. Better privacy for trusted computing platforms. InPierangela Samarati, Peter Ryan, Dieter Gollmann, and Re¯k Molva,editors, Proceedings of the 9th European Symposium on Research inComputer Security 2004, volume 3193 of Lecture Notes in ComputerScience, pages 73{88. Springer-Verlag, Berlin, September 2004.
[20] Brian Caswell and Jay Beale. Snort 2.1 Intrusion Detection, SecondEdition. Syngress Publishing, Inc., Rockland, MA, 2004.
[21] William R. Cheswick and Steven M. Bellovin. Firewalls and InternetSecurity. Addison-Wesley, Boston, MA, 1994.
[22] William R. Cheswick, Steven M. Bellovin, and Aviel D. Rubin. Fire-walls and Internet Security: Repelling the Wily Hacker. Addison-Wesley, 2003.
[23] Neil Chou, Robert Ledesma, Yuka Teraguchi, and John C. Mitchell.Client-side defense against web-based identity theft. In Proceedingsof the 11th Annual Network and Distributed System Security Sym-posium NDSS '04), San Diego, CA, USA, February 2004.
[24] Bruce Christianson and William S. Harbison. Why isn't trust tran-sitive? In Mark Lomas, editor, Proceedings of the Security ProtocolsInternational Workshop, volume 1189 of Lecture Notes in ComputerScience, pages 171{176. Springer-Verlag, Berlin, April 1996.
[25] James Clark. XSL Transformations (XSLT) Version 1.0, November1999. http://www.w3.org/TR/1999/REC-xslt-19991116.html.
[26] Lorrie Faith Cranor and Simson Gar¯nkel. Security and Usability:Designing Secure Systems that People Can Use. O'Reilly Media, Inc.,Sebastopol, CA, 2005.
[27] Michelle Delio. Pharming out-scams phishing, March 2005.http://www.wired.com/news/infostructure/0,1377,66853,00.html.
[28] Adam Denning. ActiveX Controls Inside Out. Microsoft Press, Red-mond, Washington, 1997.
[29] Alex W. Dent and Chris J. Mitchell. User's Guide to Cryptographyand Standards. Artech House, 2004.
[30] Rachna Dhamija and J. D. Tygar. The battle against phishing: Dy-namic security skins. In Proceedings of the Symposium On UsablePrivacy and Security (SOUPS) 2005, pages 77{88. ACM, July 2005.
[31] Tim Dierks and C. Allen. RFC 2246: The TLS Protocol 1.0, January1999.
[32] W. Di±e and M. E. Hellman. New directions in cryptography. IEEETransactions on Information Theory, IT-22(6):644{654, 1976.
[33] Naganand Doraswamy and Dan Harkins. IPSec: The New SecurityStandard for the Internet, Intranets, and Virtual Private Networks.Prentice Hall PTR, Upper Saddle River, New Jersey, 1999.
[34] Olivier Dubuisson. ASN.1 | Communication between heterogeneoussystems. Morgan Kau®mann, San Francisco, CA, 2001.
[35] D. Eastlake, J. Reagle, and D. Solo. RFC 3075: (extensible markuplanguage) XML-signature syntax and processing, March 2001.
[36] Taher ElGamal. A public key cryptosystem and a signature schemebased on discrete logarithms. IEEE Transactions on InformationTheory, 31(4):469{472, July 1985.
[37] C. Ellison. RFC 2692: Simple Public Key Infrastructure (SPKI)Requirements, September 1999.
[38] Carl Ellison and Bruce Schneier. Ten risks of PKI: What you'renot being told about public key infrastructure. Computer SecurityJournal, XVI(1):1{7, 2000.
[39] Aaron Emigh. Online Identity Theft: Phish-ing Technology, Chokepoints and Countermeasures.http://www.antiphishing.org/Phishing-dhs-report.pdf, October2005. ITTC Report on Online Identity Theft Technology andCountermeasures.
[40] Paul England, Butler Lampson, John Manferdelli, Marcus Peinado,and Bryan Willman. A trusted open platform. IEEE Computer,36(7):55{62, July 2003.
[41] Dino Esposito. Windows Hooks in the .NET Framework. MSDNMagazine, 17(10), October 2002.
[42] Edward W. Felten, Dirk Balfanz, Drew Dean, and Dan S. Wallach.Web spoo¯ng: An internet con game. In Proceedings of 20th Na-tional Information Systems Security Conference, pages 95{103, Oc-tober 1997.
[43] David Flanagan. Java in a Nutshell. O'Reilly Media, Inc., Se-bastopol, CA, 3rd edition, 1999.
[44] David Flanagan. JavaScript: The De¯nitive Guide. O'Reilly Media,Inc., Sebastopol, CA, 4th edition, 2001.
[45] Warwick Ford. Computer Communication Security: Principles,Standard Protocols and Techniques. Prentice Hall PTR, Upper Sad-dle River, New Jersey, 1994.
[46] Warwick Ford and Michael S. Baum. Secure Electronic Commerce:Building the Infrastructure for Digital Signatures & Encryption.Prentice Hall PTR, Upper Saddle River, New Jersey, 2001.
[47] S. M. Furnell, A. Jusoh, and D. Katsabas. The challenges of under-standing and using security: A survey of end-users. Computers &Security, 25(1):27{35, February 2006.
[48] Steven Furnell. Why users cannot use security. Computers & Secu-rity, 24(4):274{279, June 2005.
[49] Simon Gar¯nkel and Gene Spa®ord. Web Security & Commerce.O'Reilly Media, Inc., Sebastopol, CA, 1997.[50] Simson Gar¯nkel. PGP: Pretty Good Privacy. O'Reilly Media, Inc.,Sebastopol, CA, 1994.
[51] Simson Gar¯nkel. Email-based identi¯cation and authentication: Analternative to PKI? IEEE Security & Privacy, 1(6):20{26, Novem-ber/December 2003.
[52] Tal Gar¯nkel, Ben Pfa®, Jim Chow, Mendel Rosenblum, and DanBoneh. Terra: a virtual machine-based platform for trusted com-puting. ACM SIGOPS Operating Systems Review, 37(5):193{206,December 2003.
[53] David Geer. Security technologies go phishing. IEEE ComputerMagazine, 38(6):18{21, June 2005.
[54] James Gosling and Frank Yellin. The Java Application ProgrammingInterface. Addison Wesley Publishing Company, Boston, MA, 1996.
[55] Peter Gutmann. A reliable, scalable general-purpose certi¯cate store.In Proceedings of the 16th Annual Computer Security ApplicationsConference, December 11-15, 2000, New Orleans, Louisiana, pages278{287. IEEE, 2000.
[56] Peter Gutmann. Plug-and-Play PKI: A PKI your mother can use. InProceedings of the 12th USENIX Security Symposium, pages 45{68.USENIX Association, August 2003.
[57] Peter Gutmann and Ian Grigg. Security usability. Security & Pri-vacy, 3(4):56{58, July 2005.
[58] James M. Hayes. The problem with multiple roots in web browsers| certi¯cate masquerading. In Proceedings of the IEEE 7th In-ternational Workshops on Enabling Technologies: Infrastructure forCollaborative Enterprises, pages 306{311. IEEE Computer Society,1998.
[59] James M. Hayes. Secure in-band update of trusted certi¯cates. InProceedings of the IEEE 8th International Workshops on EnablingTechnologies: Infrastructure for Collaborative Enterprises, pages168{173. IEEE Computer Society, June 1999.
[60] Morten Hertzum, Niels J¿rgensen, and Mie N¿rgaard. Usable se-curity and E-banking: Ease of use vis-µa-vis security. AustralasianJournal of Information Systems, 11(special issue):52{65, 2004.
[61] Christian Hohnstaedt. XCA | graphical certi¯cation authority,November 2003. http://sourceforge.net/projects/xca.
[62] Jerry Honeycutt. Microsoft Windows XP Registry Guide. MicrosoftPress, Richmond, Washington, 2003.
[63] David Hopwood. A comparison between java and activeX security.In Proceedings of the Compsec '97, 1997.
[64] R. Housley, W. Polk, W. Ford, and D. Solo. RFC 3280: InternetX.509 Public Key Infrastructure Certi¯cate and Certi¯cate Revoca-tion List (CRL) Pro¯le, April 2002.
[65] Michael Howard and David LeBlanc. Writing Secure Code. MicrosoftPress, Redmond, Washington, 2nd edition, 2002.
[66] http://www.sleepycat.com. Berkeley DB.
[67] Ping Hu and Bruce Christianson. Is your computing environment se-cure? Security problems with interrupt handling mechanisms. ACMOperating Systems Review, 29(4):87{96, October 1995.
[68] International Organization for Standardization, Geneva, Switzer-land. ISO/IEC 7498-2: Information processing systems | OpenSystems Interconnection | Basic Reference Model | Part 2: Secu-rity Architecture, 1989.
[69] International Organization for Standardization, Geneva, Switzer-land. ISO/IEC 8824-1: Information technology | Abstract SyntaxNotation One (ASN.1): Speci¯cation of basic notation, 2002.
[70] International Organization for Standardization, Geneva, Switzer-land. ISO/IEC 8825-1: Information technology { ASN.1 encodingrules: Speci¯cation of Basic Encoding Rules (BER), Canonical En-coding Rules (CER) and Distinguished Encoding Rules (DER), 2002.
[71] International Organization for Standardization, Geneva, Switzer-land. ISO/IEC 9796 Parts 2/3, Information technology | Secu-rity techniques | Digital signature scheme giving message recovery,October 2002.
[72] International Organization for Standardization, Geneva, Switzer-land. ISO/IEC 9797-2: Information technology | Security tech-niques | Message Authentication Codes (MACs) | Part 2: Mech-anisms using a dedicated hash-function, June 2002.
[73] International Organization for Standardization, Geneva, Switzer-land. ISO/IEC 10118-4: Information technology | Security tech-niques | Hash Functions | Part 4: Hash-functions using modulararithmetic, February 2003.
[74] International Organization for Standardization, Geneva, Switzer-land. ISO/IEC 10118-1: Information technology | Security tech-niques | Hash Functions | Part 1: General, December 2004.
[75] International Organization for Standardization, Geneva, Switzer-land. ISO/IEC 10118-2: Information technology | Security tech-niques | Hash Functions | Part 2: Hash-functions using an n-bitblock cipher, December 2004.
[76] International Organization for Standardization, Geneva, Switzer-land. ISO/IEC 10118-3: Information technology | Security tech-niques | Hash Functions | Part 3: Dedicated hash functions,February 2004.
[77] International Organization for Standardization, Geneva, Switzer-land. ISO/IEC 14888 Parts 1/2/3, Information technology | Secu-rity techniques | Digital signatures with appendix, July 2004.
[78] International Organization for Standardization, Geneva, Switzer-land. ISO/IEC 18033-1: Information technology | Security tech-niques | Encryption algorithms | Part 1: General, March 2005.
[79] International Organization for Standardization, Geneva, Switzer-land. ISO/IEC 18033-2: Information technology | Security tech-niques | Encryption algorithms | Part 2: Asymmetric ciphers,May 2006.
[80] International Telecommunication Union. X.509 Information technol-ogy | Open Systems Interconnection | The Directory: Public-keyand attribute certi¯cate frameworks, 4th edition, 2000.
[81] International Telecommunication Union. X.680 Information technol-ogy { Abstract Syntax Notation One (ASN.1): Speci¯cation of basicnotation, July 2002.
[82] International Telecommunication Union. X.690 Information technol-ogy { ASN.1 encoding rules: Speci¯cation of Basic Encoding Rules(BER), Canonical Encoding Rules (CER) and Distinguished Encod-ing Rules (DER), July 2002.
[83] Markus Jakobsson and Adam Young. Distributed phishing attacks.Cryptology ePrint Archive, Report 2005/091, 2005.
[84] Uwe Jendricke and Daniela Gerd tom Markotten. Usability meetssecurity | the identity-manager as your personal security assistantfor the internet. In Proceedings of the 16th Annual Computer SecurityApplications Conference (ACSAC'00), December 2000.
[85] A. J¿sang, D. Povey, and A. Ho. What you see is not always what yousign. In Proceedings of the Australian UNIX User Group, Melbourne,September 2002.
[86] K. Kain. Electronic documents and digital signatures. TechnicalReport TR2003-457, Department of Computer Science, DartmouthCollege, May 2003.
[87] K. Kain, S. W. Smith, and R. Asokan. Digital signatures and elec-tronic documents: A cautionary tale. In B. Jerman-Blazic andT. Klobucar, editors, Proceedings of the Advanced Communicationsand Multimedia Security, IFIP TC6/TC11 Sixth Joint Working Con-ference on Communications and Multimedia Security, September 26-27, 2002, Portoroz, Slovenia, volume 228 of IFIP Conference Pro-ceedings, pages 293{308. Kluwer Academic, Boston, MA, 2002.
[88] B. Kaliski. RFC 2314: PKCS#10: Certi¯cation Request SyntaxVersion 1.5, March 1998.
[89] Joseph M Kizza. Computer Network Security. Department of Com-puter Science, University of Tennessee-Chattanooga, Chattanooga,TN, 2005.
[90] David Kravitz. Digital signature algorithm. U.S. Patent Number5231668, applied for July 26, 1991, received July 27, 1993.
[91] Albert Levi. How secure is secure web browsing? Communicationsof the ACM, 46(7):152, July 2003.
[92] Paul Lomax, Ron Petrusha, and Matt Childs. VBScript in a Nut-shell. O'Reilly Media, Inc., Sebastopol, CA, 2nd edition, 2003.
[93] Peter Loshin. Big Book of IPsec RFCs: Internet Security Architec-ture. Morgan Kau®mann, San Francisco, CA, 2000.
[94] John Marchesini, S. W. Smith, and Meiyuan Zhao. Keyjacking:Risks of the current client-side infrastructure. In Proceedings of the2nd PKI Research Workshop, 2003.
[95] John Marchesini, S. W. Smith, and Meiyuan Zhao. Keyjacking:the surprising insecurity of client-side SSL. Computers & Security,24(2):109{123, March 2004.
[96] Gary McGraw and Edward W. Felten. Securing Java: Getting Downto Business with Mobile Code. John Wiley & Sons, Inc., New York,NY, 2nd edition, 1999.
[97] A. Menezes, P. C. van Oorschot, and S. A. Vanstone. Handbook ofapplied cryptography. CRC Press, Boca Raton, Florida, 1997.
[98] John R. Michener and Tolga Acar. Managing system and activecontent integrity. IEEE Computer Magazine, 33(7):108{110, July2000.
[99] Microsoft Corporation. Certi¯cate creation tool (makecert.exe), May2004. http://msdn.microsoft.com/.
[100] Microsoft Corporation. Cryptography, CryptoAPI, and CAPICOM,May 2004. http://msdn.microsoft.com/.
[101] Microsoft Corporation. Messages and Message Queues, May 2004.http://msdn.microsoft.com/.
[102] C. J. Mitchell and R. Scha®elhofer. The personal PKI. In C. J.Mitchell, editor, Security for Mobility, chapter 3, pages 35{61. IEE,London, UK, 2004.
[103] Chris J. Mitchell, editor. Trusted Computing. IEE, 2005.
[104] Daisuke Miyamoto, Hiroaki Hazeyama, and Youki Kadobayashi.SPS: a simple ¯ltering algorithm to thwart phishing attacks. InKenjiro Cho and Philippe Jacquet, editors, AINTEC 2005, volume3837 of Lecture Notes in Computer Science, pages 196{209. Springer-Verlag, Berlin, December 2005.
[105] M. Myers, C. Adams, D. Solo, and D. Kemp. RFC 2511: InternetX.509 Certi¯cate Request Message Format, March 1999.
[106] M. Myers, R. Ankney, A. Malpani, S. Galperin, and C. Adams. RFC2560: X.509 Internet Public Key Infrastructure Online Certi¯cateStatus Protocol | OCSP, June 1999.
[107] Andrew Nash, William Duane, Celia Joseph, and Derek Brink.PKI: Implementing and Managing E-Security. Osborne/McGraw-Hill, Berkeley, California, 2001.
[108] Scott Oaks. Java Security. O'Reilly Media, Inc., Sebastopol, CA,2nd edition, 2001.
[109] Imperial College Department of Computing. Free online dictionaryof computing. http://www.foldoc.org/, 2006.
[110] National Institute of Standards and Technology. FIPS PUB 46-2:Data Encryption Standard (DES). Gaithersburg, MD, USA, Decem-ber 1993.
[111] National Institute of Standards and Technology. FIPS PUB 180-1:Secure Hash Standard. Gaithersburg, MD, USA, April 1995.
[112] National Institute of Standards and Technology. FIPS PUB 186-2:Digital Signature Standard (DSS). Gaithersburg, MD, USA, January2000.
[113] National Institute of Standards and Technology. FIPS PUB 197:Advanced Encryption Standard (AES). Gaithersburg, MD, USA,November 2001.
[114] Gunter Ollmann. The phishing guide understanding & preventingphishing attacks. NGSSoftware Insight Security Research, May 2006.
[115] OpenBSD. Cryptography in OpenBSD, April 2006.http://www.openbsd.org/crypto.html.
[116] Robert Orfali and Dan Harkey. Client/server programming with Javaand CORBA. John Wiley & Sons, Inc., New York, NY, USA, 1999.
[117] PassMark Security, LLC. Protecting Your Customers from PhishingAttacks, June 2005. http://www.passmarksecurity.com/.
[118] Siani Pearson. Trusted computing: Strengths, weaknesses and fur-ther opportunities for enhancing privacy. In Peter Herrmann, Val¶erieIssarny, and Simon Shiu, editors, Proceedings of the Trust Manage-ment: Third International Conference, iTrust 2005, volume 3477 ofLecture Notes in Computer Science, pages 305{320. Springer-Verlag,Berlin, May 2005.
[119] Matt Pietrek. Under the hood. Microsoft Systems Journal, 15(2),February 2000.
[120] The OpenSSL Project. OpenSSL, November 2005.http://www.openssl.org/.
[121] Jason Reid. Secure Shell in the Enterprise. Prentice Hall, UpperSaddle River, New Jersey, 2003.
[122] Eric Rescorla. SSL and TLS: Building and Designing Secure Systems.Addison-Wesley, Boston, MA, 2000.
[123] R. Rivest. RFC 1321: The MD5 Message-Digest Algorithm, April1992.
[124] R. L. Rivest, A. Shamir, and L. M. Adelman. A method for obtainingdigital signatures and public-key cryptosystems. Technical ReportMIT/LCS/TM-82, MIT, 1977.
[125] Scott Roberts. Programming Microsoft Internet Explorer 5. Mi-crosoft Press, Redmond, Washington, 1999.
[126] RSA. RSA SecurID°c Authenticators, 2005.http://www.rsasecurity.com.
[127] Mark E. Russinovich and David A. Solomon. Microsoft WindowsInternals. Microsoft Press, Redmond, Washington, 4th edition, 2004.
[128] Doug Sax. DNS spoo¯ng (malicious cache poisoning). SANS Insti-tute, 2002.
[129] K. Scheibelhofer. Signing XML documents and the concept of `WhatYou See Is What You Sign'. Master's thesis, Institute for Applied In-formation Processing and Communications, Graz University of Tech-nology, January 2001.
[130] Bruce Schneier. Applied Cryptography: Protocols, Algorithms, andSource Code in C. John Wiley & Sons, Inc., New York, NY, 1996.
[131] Bruce Schneier. Secrets and Lies: Digital Security in a NetworkedWorld. John Wiley & Sons, Inc., New York, NY, 2000.
[132] John D. Sileo. Stolen Lives: Identity Theft Prevention Made Simple.DaVinci Publishing, Denver, CO, 2005.
[133] Nigel Smart. Cryptography: An Introduction. McGraw-Hill Educa-tion, Maidenhead, Berkshire UK, 2003.
[134] A. Spalka, A. B. Cremers, and H. Langweg. The fairy tale of `whatyou see is what you sign' | Trojan horse attacks on software for dig-ital signature. In S. Fischer-HÄubner, D. Olejar, and K. Rannenberg,editors, Proceedings of the IFIP WG 9.6/11.7 Working Conference.Security and Control of IT in Society-II (SCITS-II), Bratislava, Slo-vakia, June 2001.
[135] A. Spalka, A. B. Cremers, and H. Langweg. Protecting the cre-ation of digital signatures with trusted computing platform technol-ogy against attacks by trojan horse programs. In Michel Dupuy andPierre Paradinas, editors, Proceedings of the IFIP SEC 2001, pages403{420. Kluwer Academic, Boston, MA, 2001.
[136] William Stallings. Cryptography and Network Security: Principlesand Practice. Prentice Hall PTR, Upper Saddle River, New Jersey,2nd edition, 2003.
[137] Andrew S. Tanenbaum. Modern Operating Systems. Prentice HallPTR, Upper Saddle River, New Jersey, 1992.
[138] TCG Infrastructure Workgroup. Subject Key Attestation EvidenceExtension Speci¯cation Version 1.0, June 2005.
[139] TechDictionary. The online computer dictionary.http://www.techdictionary.com/, 2006.
[140] Stephen Thomas. SSL and TLS Essentials: Securing the Web. JohnWiley & Sons, Inc., New York, NY, 2000.
[141] Matej Trampu·s, Mojca Ciglari·c, Matja·z Pan·cur, and Tone Vidmar.Are E-commerce users defenceless? In Proceedings of the Interna-tional Parallel and Distributed Processing Symposium (IPDPS03),pages 244{250. IEEE Computer Society, 2003.
[142] Matej Trampu·s, Mojca Ciglari·c, Matja·z Pan·cur, and Tone Vidmar.Attacking end user's applications by run time modi¯cations. In M. H.Hamza, editor, Proceedings of the Applied Informatics (AI 2003).ACTA Press, 2003.
[143] Jonathan T. Trostle. Timing attacks against trusted path. In Pro-ceedings of the 1998 IEEE Symposium on Security and Privacy,pages 125{135. IEEE Computer Society, 1998.
[144] Trusted Computing Group. TCPA Main Speci¯cation Version 1.1b,2003.
[145] Trusted Computing Group. TPM Main Part 1 Design Principles 1.2Revision 85, 2005.
[146] Trusted Computing Group. TPM Main Part 2 TPM Structures 1.2Revision 85, 2005.
[147] Trusted Computing Group. TPM Main Part 3 Commands 1.2 Re-vision 85, 2005.
[148] Trusted Computing Group. TCG Software Stack Speci¯cation Ver-sion 1.2, 2006.
[149] Utimaco Safeware: Digital Transaction Security Marketing.WYSIWYS What You See Is What You Sign, June 2003.http://www.utimaco.de/eng/content pdf/wysiwys.pdf.
[150] Verisign. Digital IDs: The New Advantage, 2005.http://www.verisign.com/repository/clientauth/clientauth.html.
[151] Verisign. VeriSign°c USB Token, 2005. http://www.verisign.com.
[152] The W3C. Extensible markup language (XML), August 2003.http://www.w3.org/XML.
[153] Bee Ware. The risk of application attacks securing web applications.http://www.securitydocs.com/library/2839, January 2005.
[154] A. Weber. See what you sign: Secure implementations of digitalsignatures. In S. Trigila, A. P. Mullery, M. Campolargo, H. Vander-straeten, and M. Mampaey, editors, Proceedings of the Intelligence inServices and Networks: Technology for Ubiquitous Telecom Services,5th International Conference on Intelligence and Services in Net-works, IS&N'98, Antwerp, Belgium, May 25-28, 1998, Proceedings,volume 1430 of Lecture Notes in Computer Science, pages 509{520.Springer-Verlag, Berlin, 1998.
[155] Webopedia. Online computer dictionary for computer and internetterms and de¯nitions. http://www.webopedia.com/, 2006.
[156] Alma Whitten and J. D. Tygar. Usability of security: A casestudy. technical report CMU-CS-98-155, School of Computer Sci-ence, Carnegie Mellon, December 1998.
[157] Simeon Xenitellis. Security vulnerabilitiesin in event-driven systems.In Proceedings of the Security in the Information Society: Visionsand Perspectives, pages 147{160, Cairo, Egypt, May 2002. KluwerAcademic Press.
[158] Eileen Zishuang Ye, Sean Smith, and Denise Anthony. Trusted pathsfor browsers. ACM Transactions on Information and System Secu-rity, 8(2):153{186, May 2005.
[159] Eileen Zishuang Ye, Yougu Yuan, and Sean Smith. Web spoo¯ng re-visited: SSL and beyond. Technical Report TR2002-417, DartmouthCollege, Computer Science, Hanover, NH, February 2002.
[160] Ka-Ping Yee. User interaction design for secure systems. In Infor-mation and Communications Security: 4th International Conference,ICICS 2002.
[161] Stefano Zanero. Security and trust in the italian legal digital sig-nature framework. In Peter Herrmann, Valerie Issarny, and SimonShiu, editors, Proceedings of the iTrust 2005, volume 3477 of LectureNotes in Computer Science, pages 34{44. Springer-Verlag, Berlin,May 2005.
[162] Elizabeth D. Zwicky, Simon Cooper, and D. Brent Chapman. Build-ing Internet Firewalls. O'Reilly Media, Inc., Sebastopol, CA, 2000.