From 385cc92bc91e1a6c3724085c060e76bf40c13ed3 Mon Sep 17 00:00:00 2001 From: Rasmus Dahlberg Date: Tue, 15 Oct 2024 16:08:16 +0200 Subject: Import PhD thesis --- summary/src/ctga/main.tex | 70 +++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 70 insertions(+) create mode 100644 summary/src/ctga/main.tex (limited to 'summary/src/ctga/main.tex') diff --git a/summary/src/ctga/main.tex b/summary/src/ctga/main.tex new file mode 100644 index 0000000..bc5ff45 --- /dev/null +++ b/summary/src/ctga/main.tex @@ -0,0 +1,70 @@ +\begin{kaupaper}[ + author={% + \textbf{Rasmus Dahlberg}, + Tobias Pulls, + Jonathan Vestin, + Toke H{\o}iland-J{\o}rgensen, and + Andreas Kassler + }, + title={% + Aggregation-Based Certificate Transparency Gossip + }, + reference={% + SECURWARE (2019) + }, + summary={% + Another often overlooked part of Certificate Transparency is that monitors + and end-users who browse websites must observe the same append-only + logs. For example, if the same append-only logs are not observed, an + end-user may connect to a website that serves a mis-issued certificate + that no monitor will discover. This would largely defeat the purpose of + public logging, which is why RFC~6962 specifies that multiple gossip + protocols should be defined separately in the future. We define one such + protocol that plugs into the (at the time current) idea of having + end-users interact with the logs through DNS. Our work is exploratory, + using recent advancements in programmable packet processors that allow + turning routers, switches, and network interface cards into + \emph{aggregators} of tree heads that the logs signed and transmitted in + plaintext via DNS. The aggregated tree heads are then used as a reference + while challenging the logs to prove consistency, thus protecting + entire vantage points from undetected split views. A different + network path (like Tor) can be used to break out of a local vantage point + to increase the likelihood of global consistency. If the security + definition for \emph{aggregation indistinguishability} is satisfied, + vantage points without an aggregator may also receive protection due to + herd immunity. Our P4 and XDP prototypes satisfy the notion of + aggregation indistinguishability at line-rate with regard to throughput. + Prevalent vantage points to roll out aggregation-based gossip include + autonomous systems and Internet exchange points that route the traffic of + many users. Our RIPE Atlas measurements show that 32 autonomous systems + could protect 30-50\% of the IPv4 space from undetected split views. + End-users merely need to use plaintext DNS for opt-in. + }, + participation={\vspace{-.25cm} + Andreas and Tobias had the initial idea of exploring the intersection + between Certificate Transparency and programmable packet processors. I did most of the + design and writing with feedback from Tobias, our RIPE Atlas measurements, + and our performance benchmarks with Jonathan and Toke. + }, + label={ + paper:ctga + }, +] + \maketitle + \begin{abstract} + \input{src/ctga/src/abstract} + \end{abstract} + + \input{src/ctga/src/introduction} + \input{src/ctga/src/background} + \input{src/ctga/src/design} + \input{src/ctga/src/implementation} + \input{src/ctga/src/measurements} + \input{src/ctga/src/related} + \input{src/ctga/src/discussion} + \input{src/ctga/src/conclusion} + \input{src/ctga/src/acknowledgments} + + \bibliographystyle{plain} + \bibliography{src/ctga/src/ref} +\end{kaupaper} -- cgit v1.2.3