ABSTRACT
Log-based PKI enhancements propose to improve the current TLS PKI by creating public logs to monitor CA operations, thus providing transparency and accountability. In this paper we take the first steps in studying the deployment process of log-based PKI enhancements in two ways. First, we model the influences that parties in the PKI have to incentivize one another to deploy a PKI enhancement, and determine that potential PKI enhancements should focus their initial efforts on convincing browser vendors to deploy. Second, as a promising vendor-based solution we propose deployment status filters, which use a Bloom filter to monitor deployment status and efficiently defend against downgrade attacks from the enhanced protocol to the current TLS PKI. Our results provide promising deployment strategies for log-based PKI enhancements and raise additional questions for further fruitful research.
Deployment challenges in log-based PKI enhancements