65 research outputs found
Transparency Logs via Append-only Authenticated Dictionaries
Transparency logs allow users to audit a potentially malicious service, paving the way towards a more accountable Internet.
For example, Certificate Transparency (CT) enables domain owners to audit Certificate Authorities (CAs) and detect impersonation attacks.
Yet, to achieve their full potential, transparency logs must be bandwidth-efficient when queried by users.
Specifically, everyone should be able to efficiently look up log entries by their key and efficiently verify that the log remains append-only.
Unfortunately, without additional trust assumptions, current transparency logs cannot provide both small-sized lookup proofs and small-sized append-only proofs.
In fact, one of the proofs always requires bandwidth linear in the size of the log, making it expensive for everyone to query the log.
In this paper, we address this gap with a new primitive called an append-only authenticated dictionary (AAD).
Our construction is the first to achieve (poly)logarithmic size for both proof types and helps reduce bandwidth consumption in transparency logs.
This comes at the cost of increased append times and high memory usage, both of which remain to be improved to make practical deployment possible.
DTKI: a new formalized PKI with no trusted parties
The security of public key validation protocols for web-based applications
has recently attracted attention because of weaknesses in the certificate
authority model, and consequent attacks.
Recent proposals using public logs have succeeded in making certificate
management more transparent and verifiable. However, those proposals involve a
fixed set of authorities. This means an oligopoly is created. Another problem
with current log-based systems is their heavy reliance on trusted parties that
monitor the logs.
We propose a distributed transparent key infrastructure (DTKI), which greatly
reduces the oligopoly of service providers and allows verification of the
behaviour of trusted parties. In addition, this paper formalises the public log
data structure and provides a formal analysis of the security that DTKI
guarantees.
Comment: 19 page
Efficient Sparse Merkle Trees: Caching Strategies and Secure (Non-)Membership Proofs
A sparse Merkle tree is an authenticated data structure based on a perfect Merkle tree of intractable size. It contains a distinct leaf for every possible output from a cryptographic hash function, and can be simulated efficiently because the tree is sparse (i.e., most leaves are empty). We are the first to provide complete, succinct, and recursive definitions of a sparse Merkle tree and related operations. We show that our definitions enable efficient space-time trade-offs for different caching strategies, and that verifiable audit paths can be generated to prove (non-)membership in practically constant time (<4 ms) when using SHA-512/256. This is despite a limited amount of space for the cache---smaller than the size of the underlying data structure being authenticated---and full (concrete) security in the multi-instance setting.
PKI Safety Net (PKISN): Addressing the Too-Big-to-Be-Revoked Problem of the TLS Ecosystem
In a public-key infrastructure (PKI), clients must have an efficient and
secure way to determine whether a certificate was revoked (by an entity
considered as legitimate to do so), while preserving user privacy. A few
certification authorities (CAs) are currently responsible for the issuance of
the large majority of TLS certificates. These certificates are considered valid
only if the certificate of the issuing CA is also valid. The certificates of
these important CAs are effectively too big to be revoked, as revoking them
would result in massive collateral damage. To solve this problem, we redesign
the current revocation system with a novel approach that we call PKI Safety Net
(PKISN), which uses publicly accessible logs to store certificates (in the
spirit of Certificate Transparency) and revocations. The proposed system
extends existing mechanisms, which enables simple deployment. Moreover, we
present a complete implementation and evaluation of our scheme.
Comment: IEEE EuroS&P 201
SoK: Log Based Transparency Enhancing Technologies
This paper systematizes log based Transparency Enhancing Technologies. Based
on established work on transparency from multiple disciplines we outline the
purpose, usefulness, and pitfalls of transparency. We outline the mechanisms
that allow log based transparency enhancing technologies to be implemented, in
particular logging mechanisms, sanitisation mechanisms and the trade-offs with
privacy, data release and query mechanisms, and how transparency relates to the
external mechanisms that can provide the ability to contest a system and hold
system operators accountable. We illustrate the role these mechanisms play with
two case studies, Certificate Transparency and cryptocurrencies, and show the
role that transparency plays in their function as well as the issues these
systems face in delivering transparency.