New Tool for SSH and self-signed HTTPS Authentication


Our research group at Carnegie Mellon has created a new tool called
Perspectives to help authenticate remote hosts without requiring a
full-blown PKI. Given the increased vulnerability to
"man-in-the-middle" attacks due to the recent DNS issue, this tool
seems relevant to anyone using SSH or HTTPS with self-signed
certificates (It also can help clients avoid the annoying security
error page Firefox 3 now shows for all sites using self-signed SSL

How it works: Perspectives uses network probes from multiple network
locations and over time to get a better idea if the unauthenticated
key your SSH client or browser received from the network is in fact
the server's valid key. We have a few such probing servers, which we
call "network notaries", scattered through the Internet, meaning that
you can easily check if a key is likely to be valid even if it has not
been signed by a certificate authority. The first time a notary is
queried for a particular destination, they probe "on-demand" and
return information about the key currently used by that sever. Once
they know about a server, the notary will contact it daily to build up
a history of the keys that server has used over time. Subsequent
client queries can take advantage of historical key information as

You can play with this approach using one of three "clients" we've created:

* a web interface which shows a graphical timeline of the keys used by
a server ( )
* a modified version of openSSH that contacts notaries and reports the
results when the key received from the remove server differs from the
cached key ( )
* a firefox extension (version 3+ only) that queries notaries and can
override the annoying security error page firefox gives you for any
self-signed certificate. ( )

An academic paper and more general information is available at:

All the code is open-source and we welcome feedback. Thanks for your time,

Dan Wendlandt & the Perspectives Team