Efficient gossip protocols for verifying the consistency of Certificate logs

Chuat, Laurent; Szałachowski, Paweł; Perrig, Adrian; Laurie, Ben; Messeri, Eran

doi:10.1109/cns.2015.7346853

Cited by 65 publications

(55 citation statements)

References 14 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…In addition, by comparing with the certificates, keys, and domains observed in 232 million HTTPS sessions on a university network, we demonstrate how the coverage of the crawled logs captures the certificates observed during typical internet usage and that popular domains appear to be more willing to pay the extra cost of EV certificates. Future work could try to intercept the exchange of SCTs, so to also capture the potential validation that clients could do directly with the CT logs or the additional protection against partitioning that gossiping [6,21] and client-to-client communication may offer.…”

Section: Discussionmentioning

confidence: 99%

“…Again, the newer logs (with fewer entries) stick out with a large fraction SHA1 certificates. These certificates have been added relatively recently and include a large fraction weaker self-signed SHA1 test certificates from Google CT. One explanation that the outphasing of SHA1 is taking a long time is that many service providers, including Facebook and Twitter, are concerned that millions of users with older devices would lose access to their services and therefore want to delay the outphasing of SHA1 6 . With Facebook and Twitter only being responsible for 287 and 9 of the 250,000 most recently logged SHA1 certificates in the Pilot log, many other service providers also appear to be stalling.…”

Section: Certificate Analysismentioning

confidence: 99%

See 1 more Smart Citation

A First Look at the CT Landscape: Certificate Transparency Logs in Practice

Gustafsson

Overier

Arlitt

et al. 2017

Lecture Notes in Computer Science

View full text Add to dashboard Cite

Section: Discussionmentioning

confidence: 99%

Section: Certificate Analysismentioning

confidence: 99%

A First Look at the CT Landscape: Certificate Transparency Logs in Practice

Gustafsson

Overier

Arlitt

et al. 2017

Lecture Notes in Computer Science

View full text Add to dashboard Cite

“…This would allow the attacker to play man-in-the-middle attacks, preventing the sender and receiver ever exchanging information about the log digests they have. In DECIM, users can detect such attacks by gossiping with their contacts, for example, through an out-of-band channel as used in Signal [12], or through a gossip protocol [26]- [28] as recommended by Google CT [18] and CONIKS [7]. Such a procedure will ensure that the log maintainer is not misbehaving.…”

Section: Attacks From a Third Partymentioning

confidence: 99%

DECIM: Detecting Endpoint Compromise In Messaging

Ryan

Cremers

2018

IEEE Trans.Inform.Forensic Secur.

View full text Add to dashboard Cite

Abstract-We present DECIM, an approach to solve the challenge of detecting endpoint compromise in messaging. DECIM manages and refreshes encryption/decryption keys in an automatic and transparent way: it makes it necessary for uses of the key to be inserted in an append-only log, which the device owner can interrogate in order to detect misuse.We propose a multi-device messaging protocol that exploits our concept to allow users to detect unauthorised usage of their device keys. It is co-designed with a formal model, and we verify its core security property using the Tamarin prover. We present a proofof-concept implementation providing the main features required for deployment. We find that DECIM messaging is efficient even for millions of users.The methods we introduce are not intended to replace existing methods used to keep keys safe (such as hardware devices, careful procedures, or key refreshment techniques). Rather, our methods provide a useful and effective additional layer of security.

show abstract

“…Although the log's contents can be consulted and proved to be consistent, log servers can choose to ignore queries. Finally, to avoid a split-world attack, in which a malicious log server would show inconsistent versions of the log to different clients, a gossip protocol is needed [10]. Consequently, in order to tolerate a malicious or compromised CA, every certificate issuance should involve multiple CAs and all operations should be logged securely and in a fully distributed way.…”

Section: Introductionmentioning

confidence: 99%

BlockPKI: An Automated, Resilient, and Transparent Public-Key Infrastructure

Dykcik

Chuat

Szałachowski³

et al. 2018

2018 IEEE International Conference on Data Mining Workshops (ICDMW)

Self Cite

View full text Add to dashboard Cite

This paper describes BlockPKI, a blockchain-based public-key infrastructure that enables an automated, resilient, and transparent issuance of digital certificates. Our goal is to address several shortcomings of the current TLS infrastructure and its proposed extensions. In particular, we aim at reducing the power of individual certification authorities and make their actions publicly visible and accountable, without introducing yet another trusted third party. To demonstrate the benefits and practicality of our system, we present evaluation results and describe our prototype implementation.

show abstract

Efficient gossip protocols for verifying the consistency of Certificate logs

Cited by 65 publications

References 14 publications

A First Look at the CT Landscape: Certificate Transparency Logs in Practice

A First Look at the CT Landscape: Certificate Transparency Logs in Practice

DECIM: Detecting Endpoint Compromise In Messaging

BlockPKI: An Automated, Resilient, and Transparent Public-Key Infrastructure

Contact Info

Product

Resources

About