Change search
CiteExportLink to record
Permanent link

Direct link
Cite
Citation style
  • apa
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • apa.csl
  • Other style
More styles
Language
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Other locale
More languages
Output format
  • html
  • text
  • asciidoc
  • rtf
Verifiable Light-Weight Monitoring for Certificate Transparency Logs
Karlstad University, Faculty of Health, Science and Technology (starting 2013), Department of Mathematics and Computer Science (from 2013).ORCID iD: 0000-0003-0840-5072
Karlstad University, Faculty of Health, Science and Technology (starting 2013), Department of Mathematics and Computer Science (from 2013).ORCID iD: 0000-0001-6459-8409
2018 (English)In: Secure IT Systems. NordSec 2018: Lecture Notes in Computer Science, vol. 11252 / [ed] N. Gruschka, Springer, 2018, p. 171-183Conference paper, Published paper (Refereed)
Abstract [en]

Trust in publicly verifiable Certificate Transparency (CT) logs is reduced through cryptography, gossip, auditing, and monitoring. The role of a monitor is to observe each and every log entry, looking for suspicious certificates that interest the entity running the monitor. While anyone can run a monitor, it requires continuous operation and copies of the logs to be inspected. This has lead to the emergence of monitoring as-a-service: a trusted third-party runs the monitor and provides registered subjects with selective certificate notifications. We present a CT/bis extension for verifiable light-weight monitoring that enables subjects to verify the correctness of such certificate notifications, making it easier to distribute and reduce the trust which is otherwise placed in these monitors. Our extension supports verifiable monitoring of wild-card domains and piggybacks on CT’s existing gossip-audit security model. 

Place, publisher, year, edition, pages
Springer, 2018. p. 171-183
Series
Lecture Notes in Computer Science, ISSN 0302-9743 ; 11252
Keywords [en]
Certificate Transparency, Monitoring, Security protocols, Network security, Transparency, Continuous operation, Light weight, Publicly verifiable, Security model, Trusted third parties, Wild cards, Patient monitoring
National Category
Computer and Information Sciences
Research subject
Computer Science
Identifiers
URN: urn:nbn:se:kau:diva-70591DOI: 10.1007/978-3-030-03638-6_11ISI: 000509939800011Scopus ID: 2-s2.0-85057389362ISBN: 9783030036379 (print)OAI: oai:DiVA.org:kau-70591DiVA, id: diva2:1273091
Conference
Secure IT Systems. NordSec 2018, 28 November 2018 through 30 November 2018
Projects
HITS, 4707
Funder
Knowledge FoundationAvailable from: 2018-12-20 Created: 2018-12-20 Last updated: 2023-04-18Bibliographically approved
In thesis
1. On Certificate Transparency Verification and Unlinkability of Websites Visited by Tor Users
Open this publication in new window or tab >>On Certificate Transparency Verification and Unlinkability of Websites Visited by Tor Users
2023 (English)Doctoral thesis, comprehensive summary (Other academic)
Abstract [en]

Certificate Transparency is an ecosystem of logs, monitors, and auditors that hold certificate authorities accountable while issuing certificates. We show how the amount of trust that TLS clients and domain owners need to place in Certificate Transparency can be reduced, both in the context of existing gradual deployments and the largely unexplored area of Tor. Our contributions include improved third-party monitoring, a gossip protocol plugging into Certificate Transparency over DNS, an incrementally deployable gossip-audit model tailored for Tor Browser, and using certificates with onion addresses. The methods used range from proof sketches to Internet measurements and prototype evaluations. An essential part of our evaluation in Tor is to assess how the protocols used during website visits—such as requesting an inclusion proof from a Certificate Transparency log—affect unlinkability between senders and receivers. We find that most false positives in website fingerprinting attacks can be eliminated for all but the most frequently visited sites. This is because the destination anonymity set can be reduced due to how Internet protocols work: communication is observable and often involves third-party interactions. Some of the used protocols can further be subject to side-channel analysis. For example, we show that remote (timeless) timing attacks against Tor’s DNS cache reliably reveal the timing of past exit traffic. The severity and practicality of our extension to website fingerprinting pose threats to the anonymity provided by Tor. We conclude that access to a so-called website oracle should be an assumed attacker capability when evaluating website fingerprinting defenses.

Abstract [sv]

Projektet Certificate Transparency är ett ekosystem av loggar, övervakare och granskare som håller certifikatutfärdare till svars för utfärdade webbcertifikat. Vi visar hur säkerheten kan höjas i ekosystemet för både domäninnehavare och TLS-klienter i nuvarande system samt som del av anonymitetsnätverket Tor. Bland våra större bidrag är förbättrad övervakning av loggarna, ett skvallerprotokollsom integrerats med DNS, ett skvaller- och granskningsprotokoll som utformats specifikt för Tors webbläsare och ett förslag på hur domännamn med adresser i Tor kan bli mer tillgängliga. De metoder som använts varierar från säkerhetsbevis till internetmätningar och utvärderingar av forskningsprototyper. En viktig del av vår utvärdering i Tor är att avgöra hur protokoll som används av webbläsare påverkar möjligheten att koppla ihop användare med besökta webbplatser. Detta inkluderar existerande protokoll samt nya tillägg för att verifiera om webbplatsers certifikat är transparensloggade. Våra resultat visar att i många fall kan falska positiva utslag filtreras bort vid mönsterigenkänning av Tor-användares krypterade trafik (eng: website fingerprinting). Orsaken är att besök till de flesta webbplatser kan uteslutas till följd av hur internetprotokoll fungerar: kommunikation är observerbar och involverar ofta interaktioner med tredjeparter. Vissa protokoll har dessutom sidokanaler som kan analyseras. Vi visar exempelvis att Tors DNS-cache kan undersökas med olika varianter av tidtagningsattacker. Dessa attacker är enkla att utföra över internet och avslöjar vilka domännamn som slagits upp vid angivna tidpunkter. De förbättrade mönsterigenkänningsattackerna mot webbplatser är realistiska och hotar därför Tors anonymitet. Vår slutsats är att framtida försvar bör utvärderas utifrån att angripare har tillgång till ett så kallat webbplatsorakel.

Place, publisher, year, edition, pages
Karlstad: Karlstads universitet, 2023. p. 29
Series
Karlstad University Studies, ISSN 1403-8099 ; 2023:15
Keywords
Auditing, Certificate Transparency, DNS, Gossip, Side-Channels, Timing Attacks, Tor, Tor Browser, Website Fingerprinting, Website Oracles, Granskning, Certificate Transparency, DNS, Skvaller, Sidokanaler, Tidtagningsattacker, Tor, Torswebbläsare, Mönsterigenkänning, Webbplatsorakel
National Category
Computer Sciences
Research subject
Computer Science
Identifiers
urn:nbn:se:kau:diva-94343 (URN)978-91-7867-372-8 (ISBN)978-91-7867-373-5 (ISBN)
Public defence
2023-06-12, Eva Eriksson, 21A 342, Karlstad University, Karlstad, 10:15 (English)
Opponent
Supervisors
Projects
HITS (4707), SURPRISE (SSF, RIT17-0005)
Available from: 2023-05-22 Created: 2023-04-18 Last updated: 2023-05-22Bibliographically approved

Open Access in DiVA

No full text in DiVA

Other links

Publisher's full textScopus

Authority records

Dahlberg, RasmusPulls, Tobias

Search in DiVA

By author/editor
Dahlberg, RasmusPulls, Tobias
By organisation
Department of Mathematics and Computer Science (from 2013)
Computer and Information Sciences

Search outside of DiVA

GoogleGoogle Scholar

doi
isbn
urn-nbn

Altmetric score

doi
isbn
urn-nbn
Total: 238 hits
CiteExportLink to record
Permanent link

Direct link
Cite
Citation style
  • apa
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • apa.csl
  • Other style
More styles
Language
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Other locale
More languages
Output format
  • html
  • text
  • asciidoc
  • rtf