certificate transparency logs in practice
play

Certificate Transparency Logs in Practice Josef Gustafsson, Linkping - PowerPoint PPT Presentation

Mar 05, 2024 •304 likes •1.13k views

A First Look at the CT Landscape: Certificate Transparency Logs in Practice Josef Gustafsson, Linkping University Gustaf Overier, Linkping University Martin Arlitt, University of Calgary, Canada Niklas Carlsson, Linkping University Proc. PAM

  1. A First Look at the CT Landscape: Certificate Transparency Logs in Practice Josef Gustafsson, Linköping University Gustaf Overier, Linköping University Martin Arlitt, University of Calgary, Canada Niklas Carlsson, Linköping University Proc. PAM , Sydney, Australia, Mar. 2017

  2. Motivation and high-level problem • Private and confidential communication important • Billions of devices • Millions of services • Certification Authorities (CAs) issue certificates • Proof of identity (signed with their private key) E.g., HTTPS does HTTP over TLS

  3. Motivation and high-level problem • Private and confidential communication important • Billions of devices • Millions of services • Certification Authorities (CAs) issue certificates • Proof of identity (signed with their private key) E.g., HTTPS does HTTP over TLS User need to trust Google’s public key is Google’s

  4. Motivation and high-level problem • Private and confidential communication important • Billions of devices • Millions of services • Certification Authorities (CAs) issue certificates • Proof of identity (signed with their private key) E.g., HTTPS does HTTP over TLS User need to trust Google’s public key is Google’s

  5. Motivation and high-level problem • Private and confidential communication important • Billions of devices • Millions of services • Certification Authorities (CAs) issue certificates • Proof of identity (signed with their private key) User need to trust FB’s public key is FBs E.g., HTTPS does HTTP over TLS User need to trust Google’s public key is Google’s

  6. Motivation and high-level problem • Private and confidential communication important • Billions of devices • Millions of services • Certification Authorities (CAs) issue certificates • Proof of identity (signed with their private key) User need to trust FB’s public key is FB’s E.g., HTTPS does HTTP over TLS User need to trust Google’s public key is Google’s

  7. Motivation and high-level problem • Private and confidential communication important • Billions of devices • Millions of services • Certification Authorities (CAs) issue certificates • Proof of identity (signed with their private key) E.g., HTTPS does HTTP over TLS User need to trust Google’s public key is Google’s

  8. Motivation and high-level problem • If CAs in our trust (root) store (e.g., Symantec/ Verisign) tells us that a public key belongs to Google, our browsers (and us) trust that this is the case E.g., HTTPS does HTTP over TLS User need to trust Google’s public key is Google’s

  9. Motivation and high-level problem • If CAs in our trust (root) store (e.g., Symantec/ Verisign) tells us that a public key belongs to Google, our browsers (and us) trust that this is the case This is Google’s public key … Trusted CA E.g., HTTPS does HTTP over TLS User need to trust Google’s public key is Google’s

  10. Motivation and high-level problem • However, mistakes happen ... • E.g., in Oct. 2015, Google discovered (using CT) that Symantec had issued test certificates for 76 domains that they did not own (including Google domains) and another 2,458 unregistered domains … This is Google’s public key … Symantec (Trusted CA) E.g., HTTPS does HTTP over TLS Some server User need to trust Google’s public key is Google’s

  11. CT: Emerging trust-monitoring solution • Since then, Google has demanded that Symantec logs all their certificates in public (append-only) CT logs • Since Jan. 2015, the Chrome browser requires all EV certificates be logged in 1 Google log and 1 other log • Mozilla planning to make similar demands • Both Chrome and Mozilla expected policies to DV certificates too …

  12. CT: Emerging trust-monitoring solution • Since then, Google has demanded that Symantec logs all their certificates in public (append-only) CT logs • Since Jan. 2015, the Chrome browser requires all EV certificates be logged in 1 Google log and 1 other log • Mozilla planning to make similar demands • Both Chrome and Mozilla expected policies to DV certificates too … • In this paper, we present the first large-scale characterization of the CT landscape

  13. Certification of public keys

  14. Certification of public keys

  15. Certification of public keys Server Browser

  16. Certification of public keys • Browsers have trust stores with root certs (of CAs) R CA Server Browser R

  17. Certification of public keys • Browsers have trust stores with root certs (of CAs) R R CA CA Server Browser R R

  18. Certification of public keys • Browsers have trust stores with root certs (of CAs) R CA Server Browser R

  19. Certification of public keys • Browsers have trust stores with root certs (of CAs) • CAs use private key to sign certs for servers/domains • Certs are proof that public key belongs to server/domain L CA Server Browser L R

  20. Certification of public keys • Browsers have trust stores with root certs (of CAs) • CAs use private key to sign certs for servers/domains • Certs are proof that public key belongs to server/domain • Signature of certs can be validated using keys in root store CA Server Browser L L R

  21. Certification of public keys • Browsers have trust stores with root certs (of CAs) • CAs use private key to sign certs for servers/domains • Certs are proof that public key belongs to server/domain • Signature of certs can be validated using keys in root store R L CA Server Browser L L R

  22. Certification of public keys This is server X’s public key, signed with private key of CA Trust store include CA’s root cert (and public key) R L CA Server Browser L L R

  23. Certification of public keys • Browsers have trust stores with root certs (of CAs) • CAs use private key to sign certs for servers/domains • Certs are proof that public key belongs to server/domain • Signature of certs can be validated using keys in root store • In practice, many • Many CAs, servers • Varying trust+security

  24. Certification of public keys • Browsers have trust stores with root certs (of CAs) • CAs use private key to sign certs for servers/domains • Certs are proof that public key belongs to server/domain • Signature of certs can be validated using keys in root store • In practice, many • Many CAs, servers • Varying trust+security • Trust can be undermined • Human error • Intentional fraud • Compromised CAs • …

  25. Trust landscape • Delegation of trust to intermediates (Ii) • Browsers trust that the servers that can present certs (Li) that map to (trusted) root certs are who they claim to be • Impersonation • Any trusted CA (Ri) or intermediate (Ii) can issue rogue certs • Very difficult to know all certs issued in ones name

  26. Certification Transparency (CT) CA CA CA R L CA CA CA R CA L CA CA CA CA CA CA Browser L CA CA CA R R R CA CA L CA R R Server

  27. Certification Transparency (CT)

  28. Certification Transparency (CT) Log Log Log Log Log Log Log Log Log Monitor Auditor Log • Logs • Public record of certs L S • Append only (Merkle trees) • Servers get SCTs S • SCTs proof cert is logged • Monitors • Assert log content • Auditors S • Assert log behavior

  29. Certification Transparency (CT) Log Log Log Log Log Log Log Log Log Monitor Auditor Log • Logs • Public record of certs L S • Append only (Merkle trees) • Servers get SCTs S • SCTs proof cert is logged • Monitors • Assert log content • Auditors S • Assert log behavior

  30. Certification Transparency (CT) Log Log Log Log Log Log Log Log Log Monitor Auditor Log • Logs • Public record of certs L S • Append only (Merkle trees) • Servers get SCTs S • SCTs proof cert is logged • Monitors • Assert log content • Auditors S • Assert log behavior

  31. Certification Transparency (CT) Log Log Log Log Log Log Log Log Log Monitor Auditor Log • Logs • Public record of certs L S • Append only (Merkle trees) • Servers get SCTs S • SCTs proof cert is logged • Monitors • Assert log content • Auditors S • Assert log behavior

  32. Certification Transparency (CT) Log Log Log Log Log Log Log Log Log Monitor Auditor Log • Logs • Public record of certs L S • Append only (Merkle trees) • Servers get SCTs S • SCTs proof cert is logged • Monitors • Assert log content • Auditors S • Assert log behavior

  33. Certification Transparency (CT) Log Log Log Log Log Log Log Log Log Monitor Auditor Log • Logs • Public record of certs L S • Append only (Merkle trees) • Servers get SCTs S • SCTs proof cert is logged • Monitors • Assert log content • Auditors S • Assert log behavior

  34. Certification Transparency (CT) Log Log Log Log Log Log Log Log Log Monitor Auditor Log • Logs • Public record of certs L S • Append only (Merkle trees) • Servers get SCTs S • SCTs proof cert is logged • Monitors • Assert log content • Auditors S • Assert log behavior

  35. Methodology

  36. Methodology • Created CT monitor Log Monitor Log Log • Monitored all public logs Log • 3 Google L • 7 CA-based S • Plausible (NORDUnet) • Campus measurements S • All HTTPS sessions for a week • 232 million HTTPS sessions S

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

In Log We Trust: Revealing Poor Security Practices with Certificate Transparency Logs and Internet

In Log We Trust: Revealing Poor Security Practices with Certificate Transparency Logs and Internet

Chair of Network Architectures and Services Department of Informatics Technical University of Munich In Log We Trust: Revealing Poor Security Practices with Certificate Transparency Logs and Internet Measurements Oliver Gasser, Benjamin Hof, Max

531 views • 39 slides
Berkeley CS276 & MIT 6.875 Merkle Trees and Transparency Logs Lecturer: Raluca Ada Popa Oct

Berkeley CS276 & MIT 6.875 Merkle Trees and Transparency Logs Lecturer: Raluca Ada Popa Oct

Berkeley CS276 & MIT 6.875 Merkle Trees and Transparency Logs Lecturer: Raluca Ada Popa Oct 12, 2020 Announcements Starting to record This lecture: Applied: practice digital signatures and CRH in a real cryptographic system

439 views • 27 slides
Certificate Transparency with Privacy Saba Eskandarian, Eran Messeri, Joe Bonneau, Dan Boneh

Certificate Transparency with Privacy Saba Eskandarian, Eran Messeri, Joe Bonneau, Dan Boneh

Certificate Transparency with Privacy Saba Eskandarian, Eran Messeri, Joe Bonneau, Dan Boneh Stanford Google NYU Stanford Certificate Authorities Public Key Certificate CA Certificate apo-CA-lypse apo-CA-lypse Certificate Transparency

722 views • 30 slides
Certificate Transparency with Privacy Saba Eskandarian, Eran Messeri, Joe Bonneau, Dan Boneh

Certificate Transparency with Privacy Saba Eskandarian, Eran Messeri, Joe Bonneau, Dan Boneh

Certificate Transparency with Privacy Saba Eskandarian, Eran Messeri, Joe Bonneau, Dan Boneh Stanford Google NYU Stanford Certificate Authorities Public Key Certificate Authorities Public Key Certificate CA Certificate apo-CA-lypse

1.17k views • 63 slides
Performant Certificate Transparency Monitoring Intermediate talk for the IDP by Otto Breitwieser

Performant Certificate Transparency Monitoring Intermediate talk for the IDP by Otto Breitwieser

Chair of Network Architectures and Services Department of Informatics Technical University of Munich Performant Certificate Transparency Monitoring Intermediate talk for the IDP by Otto Breitwieser advised by Max Helm, Patrick Sattler Monday 8

602 views • 11 slides
Revocaton protocols of WebPKI and Revocaton Transparency Nikita Korzhitskii Niklas Carlsson

Revocaton protocols of WebPKI and Revocaton Transparency Nikita Korzhitskii Niklas Carlsson

Revocaton protocols of WebPKI and Revocaton Transparency Nikita Korzhitskii Niklas Carlsson Lifecycle of a typical WebPKI certfcate www.liu.se Certificate Certificate Authority Server 1. Issuance www.liu.se Hello 2. Use Certificate

377 views • 10 slides
Does Certificate Transparency Break the Web? Measuring Adoption and Error Rate Emily Stark , Ryan

Does Certificate Transparency Break the Web? Measuring Adoption and Error Rate Emily Stark , Ryan

Does Certificate Transparency Break the Web? Measuring Adoption and Error Rate Emily Stark , Ryan Sleevi, Rijad Muminovic, Devon OBrien, Eran Messeri, Adrienne Porter Felt, Brendan McMillion, Parisa Tabriz estark@chromium.org How

484 views • 31 slides
Logs on Logs on Logs No More Append Atomic & Remap Eric Mackay Venkatesh Srinivas Basics

Logs on Logs on Logs No More Append Atomic & Remap Eric Mackay Venkatesh Srinivas Basics

Logs on Logs on Logs No More Append Atomic & Remap Eric Mackay Venkatesh Srinivas Basics of Block Device Interfaces I/O is done in granularity of blocks 512 bytes is pretty standard Writing is slooooooow Data is

898 views • 15 slides
trans: Name Redaction & RFC6962-bis Eran Messeri, Google, eranm@google.com Definition: Name

trans: Name Redaction & RFC6962-bis Eran Messeri, Google, eranm@google.com Definition: Name

trans: Name Redaction & RFC6962-bis Eran Messeri, Google, eranm@google.com Definition: Name Redaction The ability to avoid publishing domain names, in whole or partially, in Certificate Transparency logs. Name redaction: Missing goals

248 views • 7 slides
Server-side Adoption of Certificate Transparency Carl Nykvist, Linkping University Linus

Server-side Adoption of Certificate Transparency Carl Nykvist, Linkping University Linus

Server-side Adoption of Certificate Transparency Carl Nykvist, Linkping University Linus Sjstrm, Linkping University Josef Gustafsson, Linkping University Niklas Carlsson, Linkping University Proc. PAM , Berlin, Germany, Mar. 2018

1.11k views • 72 slides
New Adventures in PKI May 30, 2014 Jeremy Rowley DigiCert, Inc. Overview Deprecation of

New Adventures in PKI May 30, 2014 Jeremy Rowley DigiCert, Inc. Overview Deprecation of

Direct Exchange 101 New Adventures in PKI May 30, 2014 Jeremy Rowley DigiCert, Inc. Overview Deprecation of SHA-1 Certificate Transparency (CT) Certificate Lifecycles Internal Name Deprecation Certificate Authority

280 views • 13 slides
Certificate IV in Project Management Practice Day 1: Project Initiation Course structure 8-day

Certificate IV in Project Management Practice Day 1: Project Initiation Course structure 8-day

BSB41515 C ERTIFICATE IV IN P ROJECT M ANAGEMENT P RACTICE BSB41515 Certificate IV in Project Management Practice Day 1: Project Initiation Course structure 8-day program Attendance sheet Active participation Assessment portfolio Initiating

829 views • 41 slides
Why are UI Logs Important? UI logs will help you identify Trends and Patterns that need to be

Why are UI Logs Important? UI logs will help you identify Trends and Patterns that need to be

2/17/2015 Unusual Incident Log Reviews January 23, 2015 Why are UI Logs Important? UI logs will help you identify Trends and Patterns that need to be addressed to ensure the Health and Welfare of those you serve. To ensure that sound

589 views • 24 slides
National Certificate in Tobacco Treatment Practice The First Step Toward Uniform Certification

National Certificate in Tobacco Treatment Practice The First Step Toward Uniform Certification

10/8/2018 National Certificate in Tobacco Treatment Practice The First Step Toward Uniform Certification THOMAS J PAYNE, PHD, NCTTP AUDREY DARVILLE, PHD DENISE JOLICOEUR, MPH, CHES, NCTTP CYNTHIA MORENO TUOHY, NCAC II, CDC III, SAP

372 views • 20 slides
Non-renewable resource funds: Best practice in transparency Deputy Governor Jarle Bergo Norges

Non-renewable resource funds: Best practice in transparency Deputy Governor Jarle Bergo Norges

Norges Bank Non-renewable resource funds: Best practice in transparency Deputy Governor Jarle Bergo Norges Bank Washington D.C., 12 May 2007 1 Norges Bank Why is transparency important? For the Fund to achieve its objectives and be

389 views • 23 slides
Fintech Certificate Fintech Certificate Fintech Certificate 2 Investment Case The AtonR

Fintech Certificate Fintech Certificate Fintech Certificate 2 Investment Case The AtonR

Fintech Certificate Fintech Certificate Fintech Certificate 2 Investment Case The AtonR Fintech Index is a long-only, USD-based, actively managed total return index. The pace of innovation in financial technology (Fintech) has been

616 views • 26 slides
CONIKS (KEY TRANSPARENCY) Slides adapted from Marcela Melara The problem of the PKI (Public key

CONIKS (KEY TRANSPARENCY) Slides adapted from Marcela Melara The problem of the PKI (Public key

[USENIX Security 15, Marcela S. Melara, Aaron Blankstein, Joseph Bonneau, Edward W. Felten, Michael J. Freedman] CONIKS (KEY TRANSPARENCY) Slides adapted from Marcela Melara The problem of the PKI (Public key infrastructure) A long

918 views • 59 slides
CSE 333 Section 1 C, Pointers, and Gitlab 1 Logistics Due Friday: Exercise 0 @ 10:00 am Due

CSE 333 Section 1 C, Pointers, and Gitlab 1 Logistics Due Friday: Exercise 0 @ 10:00 am Due

CSE 333 Section 1 C, Pointers, and Gitlab 1 Logistics Due Friday: Exercise 0 @ 10:00 am Due Monday: Exercise 1 @ 10:00 am HW0 (setup Gitlab ASAP) @11 pm 2 Icebreaker! 3 attu/CSE VM Setup and Gitlab Demo 4 Attu/CSE VM Updates and gcc 9

461 views • 32 slides
Matthew j00ru Jurczyk, Gynvael Coldwind HISPASEC Unlucky???? Eyjafjallajkull Photo by

Matthew j00ru Jurczyk, Gynvael Coldwind HISPASEC Unlucky???? Eyjafjallajkull Photo by

Matthew j00ru Jurczyk, Gynvael Coldwind HISPASEC Unlucky???? Eyjafjallajkull Photo by rni Fririksson Flood http://www.ro.com.pl/public/grafika/powodz_ostroda.jpg [x] Volcano [x] Flood [ ] ? 2012 ? Me, Myself and I Reverse

646 views • 51 slides
SSL Research with Bro Johanna Amann International Computer Science Institute johanna@icir.org

SSL Research with Bro Johanna Amann International Computer Science Institute johanna@icir.org

SSL Research with Bro Johanna Amann International Computer Science Institute johanna@icir.org http://www.icir.org/johanna Bro History Academic Host Context Time Machine Publications Summary Stats Enterprise Traffic HILTI DPI Concurrency

733 views • 46 slides
Graph Covers and Iterative Decoding of Finite-Length Codes Pascal O. Vontobel (CSL, UIUC) Ralf

Graph Covers and Iterative Decoding of Finite-Length Codes Pascal O. Vontobel (CSL, UIUC) Ralf

CSL/UIUC Graph Covers and Iterative Decoding Graph Covers and Iterative Decoding of Finite-Length Codes Pascal O. Vontobel (CSL, UIUC) Ralf Koetter (CSL, UIUC) Talk at DIMACS, Piscataway, NJ, USA Dec. 15, 2003 Vontobel/Koetter transparency

542 views • 41 slides
Future Internet of Services Future Internet of Services 3 Perspective From a TAS 3 Perspective

Future Internet of Services Future Internet of Services 3 Perspective From a TAS 3 Perspective

Future Internet of Services Future Internet of Services 3 Perspective From a TAS 3 Perspective From a TAS Danny De Cock TAS 3 Project Coordinator Slides available from http://godot.be/slides Email: Danny.DeCock@esat.kuleuven.be Future

252 views • 12 slides
Transparency-Enhancing Tools PETs PhD Course at Chalmers Tobias Pulls Karlstad University,

Transparency-Enhancing Tools PETs PhD Course at Chalmers Tobias Pulls Karlstad University,

Transparency TETs Transparency Logging A4Cloud Summary Transparency-Enhancing Tools PETs PhD Course at Chalmers Tobias Pulls Karlstad University, Sweden tobias.pulls@kau.se October 29, 2012 Transparency TETs Transparency Logging

1.05k views • 59 slides
The Theory of Web Transparency: Algorithms and Trade-offs Augustin Chaintreau 1 , Guillaume

The Theory of Web Transparency: Algorithms and Trade-offs Augustin Chaintreau 1 , Guillaume

The Theory of Bringing Privacy into Practice, 2015 1/8 The Theory of Web Transparency: Algorithms and Trade-offs Augustin Chaintreau 1 , Guillaume Ducoffe 2 , 3 , Roxana Geambasu 1 , ecuyer 1 Mathias L 1Columbia University 2Univ. Nice Sophia

339 views • 14 slides

More recommend