1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
|
\begin{kaupaper}[
author={%
\textbf{Rasmus Dahlberg},
Tobias Pulls,
Jonathan Vestin,
Toke H{\o}iland-J{\o}rgensen, and
Andreas Kassler
},
title={%
Aggregation-Based Certificate Transparency Gossip
},
reference={%
SECURWARE (2019)
},
summary={%
Another often overlooked part of Certificate Transparency is that monitors
and end-users who browse websites must observe the same append-only
logs. For example, if the same append-only logs are not observed, an
end-user may connect to a website that serves a mis-issued certificate
that no monitor will discover. This would largely defeat the purpose of
public logging, which is why RFC~6962 specifies that multiple gossip
protocols should be defined separately in the future. We define one such
protocol that plugs into the (at the time current) idea of having
end-users interact with the logs through DNS. Our work is exploratory,
using recent advancements in programmable packet processors that allow
turning routers, switches, and network interface cards into
\emph{aggregators} of tree heads that the logs signed and transmitted in
plaintext via DNS. The aggregated tree heads are then used as a reference
while challenging the logs to prove consistency, thus protecting
entire vantage points from undetected split views. A different
network path (like Tor) can be used to break out of a local vantage point
to increase the likelihood of global consistency. If the security
definition for \emph{aggregation indistinguishability} is satisfied,
vantage points without an aggregator may also receive protection due to
herd immunity. Our P4 and XDP prototypes satisfy the notion of
aggregation indistinguishability at line-rate with regard to throughput.
Prevalent vantage points to roll out aggregation-based gossip include
autonomous systems and Internet exchange points that route the traffic of
many users. Our RIPE Atlas measurements show that 32 autonomous systems
could protect 30-50\% of the IPv4 space from undetected split views.
End-users merely need to use plaintext DNS for opt-in.
},
participation={\vspace{-.25cm}
Andreas and Tobias had the initial idea of exploring the intersection
between Certificate Transparency and programmable packet processors. I did most of the
design and writing with feedback from Tobias, our RIPE Atlas measurements,
and our performance benchmarks with Jonathan and Toke.
},
label={
paper:ctga
},
]
\maketitle
\begin{abstract}
\input{src/ctga/src/abstract}
\end{abstract}
\input{src/ctga/src/introduction}
\input{src/ctga/src/background}
\input{src/ctga/src/design}
\input{src/ctga/src/implementation}
\input{src/ctga/src/measurements}
\input{src/ctga/src/related}
\input{src/ctga/src/discussion}
\input{src/ctga/src/conclusion}
\input{src/ctga/src/acknowledgments}
\bibliographystyle{plain}
\bibliography{src/ctga/src/ref}
\end{kaupaper}
|