\begin{kaupaper}[
    author={%
      \textbf{Rasmus Dahlberg},
      Tobias Pulls,
      Jonathan Vestin,
      Toke H{\o}iland-J{\o}rgensen, and
      Andreas Kassler
    },
    title={%
      Aggregation-Based Certificate Transparency Gossip
    },
    reference={%
      SECURWARE (2019)
    },
    summary={%
      Another often overlooked part of Certificate Transparency is that monitors
      and end-users who browse websites must observe the same append-only
      logs.  For example, if the same append-only logs are not observed, an
      end-user may connect to a website that serves a mis-issued certificate
      that no monitor will discover.  This would largely defeat the purpose of
      public logging, which is why RFC~6962 specifies that multiple gossip
      protocols should be defined separately in the future.  We define one such
      protocol that plugs into the (at the time current) idea of having
      end-users interact with the logs through DNS.  Our work is exploratory,
      using recent advancements in programmable packet processors that allow
      turning routers, switches, and network interface cards into
      \emph{aggregators} of tree heads that the logs signed and transmitted in
      plaintext via DNS.  The aggregated tree heads are then used as a reference
      while challenging the logs to prove consistency, thus protecting
      entire vantage points from undetected split views.  A different
      network path (like Tor) can be used to break out of a local vantage point
      to increase the likelihood of global consistency.  If the security
      definition for \emph{aggregation indistinguishability} is satisfied,
      vantage points without an aggregator may also receive protection due to
      herd immunity.  Our P4 and XDP prototypes satisfy the notion of
      aggregation indistinguishability at line-rate with regard to throughput.
      Prevalent vantage points to roll out aggregation-based gossip include
      autonomous systems and Internet exchange points that route the traffic of
      many users.  Our RIPE Atlas measurements show that 32 autonomous systems
      could protect 30-50\% of the IPv4 space from undetected split views.
      End-users merely need to use plaintext DNS for opt-in.
    },
    participation={\vspace{-.25cm}
      Andreas and Tobias had the initial idea of exploring the intersection
      between Certificate Transparency and programmable packet processors.  I did most of the
      design and writing with feedback from Tobias, our RIPE Atlas measurements,
      and our performance benchmarks with Jonathan and Toke.
    },
    label={
      paper:ctga
    },
]
  \maketitle
  \begin{abstract}
    \input{src/ctga/src/abstract}
  \end{abstract}
  
  \input{src/ctga/src/introduction}
  \input{src/ctga/src/background}
  \input{src/ctga/src/design}
  \input{src/ctga/src/implementation}
  \input{src/ctga/src/measurements}
  \input{src/ctga/src/related}
  \input{src/ctga/src/discussion}
  \input{src/ctga/src/conclusion} 
  \input{src/ctga/src/acknowledgments}
  
  \bibliographystyle{plain}
  \bibliography{src/ctga/src/ref}
\end{kaupaper}