Securing Domain Validation

The Public Key Infrastructure protects users from malicious man-in-the-middle attacks by having trusted Certificate Authorities vouch for the identity of servers on the Internet through digitally signed certificates - usually displayed to users on their Internet browser via a small padlock icon near the address bar. Ironically, the mechanism that Certificate Authorities use to issue certificates (domain validation) is itself vulnerable to man-in-the-middle attacks by network-level adversaries.

This project analyzed the attack surface of domain validation against BGP-based attacks, designed countermeasures to secure domain validation protocols, and deployed them in real-world production systems such as Let's Encrypt and Cloudflare. This provides protection from these attacks to hundreds of millions of websites around the globe.

In order to protect domain validation from BGP attacks, the project also worked on a more secure domain validation protocol - multiple vantage point validation. Using multiple vantage point validation, a CA validates a domain from multiple diverse vantage points spread throughout the Internet. This ensures the CA has a global view of Internet routing and prevents the CA from falling victim to BGP attacks that often only affect a portion of the Internet. The project has deployed and rigorously verified the effectiveness of multiple vantage point domain validation at the world’s largest certificate authority (Let’s Encrypt).