blob: e6951b4e77b8d99efd9b2eefda56b4738c7132cf (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
|
\begin{kaupaper}[
author={%
\textbf{Rasmus Dahlberg} and Tobias Pulls
},
title={%
Verifiable Light-Weight Monitoring for Certificate Transparency Logs
},
reference={%
NordSec (2018)
},
summary={%
An often overlooked part of Certificate Transparency is that domain owners
are expected to inspect the logs for mis-issued certificates continuously.
The cost and required expertise to do so have led to the emergence of
third-party monitoring services that notify domain owners of newly issued
certificates that they subscribe to. For example, one may subscribe to
email notifications whenever a certificate is issued for
\texttt{*.example.com}. One downside of such third-party monitoring is
that these notification services become trusted parties with little or no
accountability with regard to omitted certificate notifications. We show
how to add this accountability and tie it to the gossip-audit model
employed by the Certificate Transparency ecosystem by proposing
verifiable light-weight monitoring. The idea is for logs to batch
appended certificates into an additional data structure that
supports \emph{wild-card (non-)membership proofs}. As a result,
third-party monitors can prove cryptographically that they did not omit
any certificate notifications selectively. Our experimental performance
evaluation shows that overhead can be tuned to be small for all involved
parts.
},
participation={\vspace{-0.75cm}
I had the initial idea and conducted most of the work myself. Tobias
mainly contributed with discussions that lead to the final design.
},
label={
paper:lwm
},
]
\maketitle
\begin{abstract}
\input{src/lwm/src/abstract}
\end{abstract}
\input{src/lwm/src/introduction}
\input{src/lwm/src/background}
\input{src/lwm/src/lwm}
\input{src/lwm/src/evaluation}
\input{src/lwm/src/conclusion}
\input{src/lwm/src/acknowledgments}
\bibliographystyle{plain}
\bibliography{src/lwm/src/references}
\end{kaupaper}
|