crlite when industry academia collide
play

CRLite: When Industry & Academia Collide Thyla van der Merwe - PowerPoint PPT Presentation

Aug 12, 2023 •360 likes •901 views

CRLite: When Industry & Academia Collide Thyla van der Merwe Real World Crypto 9 January 2020 Trust TLS PKI = + l Root CA PKI signature Intermediate CA signature Intermediate CA signature TLS l Impersonate MITM TLS TLS >

  1. CRLite: When Industry & Academia Collide Thyla van der Merwe Real World Crypto 9 January 2020

  2. Trust TLS PKI = + l

  3. Root CA PKI signature Intermediate CA signature Intermediate CA signature TLS l

  4. Impersonate MITM TLS TLS > 500 000 private keys compromised! l

  5. Root CA PKI signature Intermediate CA signature revocation Intermediate CA Owner requests → CA signature produces public, verifiable attestation that the certificate should no longer be trusted. TLS Is this a revoked certificate? l

  6. Revocation is important! Revocation is broken! Current Methods Future Methods Implementing CRLite CRLs and OCSP In Firefox CRLite fuv l

  7. Revocation is important! Revocation is broken! Current Methods Future Methods Implementing CRLite CRLs and OCSP In Firefox CRLite Building the thing! Where are we now? Are we done yet? fuv CRLite: A Scalable System for Pushing All TLS Revocations to All Browsers. Larisch et al. IEEE S&P 2017 l

  8. Current Methods CRLs OCSP OCSP CA CA serial number CA signature CA signature OCSP request serial number serial number OCSP request serial number OCSP response OCSP response OCSP responder OCSP responder serial number URL URL CA signature URL 10 days? a few days? O C S P r e s p o n s e

  9. Fail-open vs Fail-closed l

  10. Current Methods Must-Staple CRLs OCSP OCSP CA CA serial number CA signature CA signature OCSP request serial number serial number OCSP request serial number OCSP response OCSP response OCSP responder OCSP responder serial number URL URL CA signature URL 10 days? a few days? O C S P r e s p o n s e

  11. Delays 200 ms Fail-open Privacy concerns l

  12. Evolving... CRLSets OneCRL Size?? CRLite

  13. Bloom Filters Certificate Ecosystem Use a data structure that supports queries for the finite set of unexpired certificates.

  14. Bloom Filters 0 0 1 0 1 0 0 0 0 1 0 1 m = 12 k = 4 Let’s put data item d in the filter: Compute h_1 (d) = 4 → set bit in index 4 to 1. Compute h_2 (d) = 11 → set bit in index 11 to 1. Compute h_3 (d) = 9 → set bit in index 9 to 1. Compute h_4 (d) = 2 → set bit in index 2 to 1.

  15. Bloom Filters 0 1 1 0 1 1 0 1 0 1 0 1 m = 12 k = 4 Let’s put data item d in the filter: Add another Compute h_1 ( d ) = 4 → set bit in index 4 to 1. item d’ ? Compute h_2 ( d ) = 11 → set bit in index 11 to 1. Compute h_3 ( d ) = 9 → set bit in index 9 to 1. Compute h_4 ( d ) = 2 → set bit in index 2 to 1.

  16. Bloom Filters 0 1 1 0 1 1 0 1 0 1 0 1 m = 12 k = 4 Is d* in the filter? If any of the h_i(d*) values is 0 If all of the h_i(d*) values are 1 then DEFINITELY NOT in the then MAYBE in the filter. filter. So maybe it’s a legitimate insertion, maybe it’s not.

  17. Bloom Filters 0 1 1 0 1 1 0 1 0 1 0 1 m = 12 k = 4 Will have false positives → rate p determined by m , k , occupancy.

  18. Bloom Filters Say we want to store R U. R is the set of revoked certificates, and U is the finite set of unexpired certificates. R S = U. But there will be false positives!

  19. Cascading Bloom Filters Say we want to store R U. R is the set of revoked certificates, and U is the finite set of unexpired certificates. R S = U. Store those in another bloom filter.

  20. Cascading Bloom Filters R BF 1 But there are going to be Elements of S that false positives shouldn’t be in BF 1 !

  21. Cascading Bloom Filters R BF 1 But there are going to be false positives BF 2 But there are going to be false positives

  22. Cascading Bloom Filters R BF 1 But there are going to be false positives BF 2 But there are going to be Elements of R that false positives shouldn’t be in BF 2 !

  23. Cascading Bloom Filters BF 1 But there are going to be false positives BF 2 But there are going to be false positives BF x no false positives* * for a constrained, finite set

  24. Cascading Bloom Filters 3 levels R If d* in not in BF1, then definitely not in R . If d* is in BF1, then we don’t know. But there are going to be false positives If d* in BF1 but not in BF2, then in R. If d* is in BF1 and BF2, then we don’t But there are going to be know. false positives If d* in BF1 and BF2 but not in BF3, then definitely not in R . If d* is all three, then in R . no false positives

  25. Cascading Bloom Filters Is u in U in R ? R Starting at i = 1 , keep going until u not in BF_i . But there are going to be false positives ● If i is odd , u not in R . ● If i is even , u in R . But there are going to be If u in all BF_i , look at number of false positives levels, l . ● If l is odd , u in R . ● If l is even , u not in R . no false positives

  26. Cascading Bloom Filters in BF1? Is u in U in R ? R N Y Starting at i = 1 , keep going until u not in BF_i . But there are going to be not in R in BF2? false positives ● If i is odd , u not in R . ● If i is even , u in R . N Y But there are going to be If u in all BF_i , look at number of false positives in R in BF3? levels, l . N Y ● If l is odd , u in R . ● If l is even , u not in R . no false positives not in R in R

  27. Cascading Bloom Filters Want the minimum possible size… Bloom filter minimized: How do we set for p for filter k = log_2(1/p) and m ≅ 144r log_2(1/p) cascades? r = |R|, s = |S| Analysis → p_1 for BF_1, p for other BFs p_1 = r√p/s p = 0.5 → close to theoretical lower bound Simulations confirm! Size of R dominates, does not grow considerably with S !

  28. CRLite Architecture CRLite Aggregator

  29. CRLite Architecture CRLite: A Scalable System for Pushing All TLS Revocations to All Browsers. Larisch et al. IEEE S&P 2017

  30. CRLite Architecture

  31. Implementing CRLite for Firefox Building the thing! Principle 4 ● CRL-like properties Individuals’ security ● Small data sizes (fast to parse) and privacy on the ● Incremental updates Internet are ● Scales well fundamental and ● Builds on useful properties of CT must not be treated as optional.

  32. Implementing CRLite for Firefox Building the thing! 95 M 1.4 MB 4 x 0.4 MB

  33. Implementing CRLite for Firefox Building the thing! 95 M 1.4 MB 4 x 0.4 MB Have our OneCRL mechanism for signing and pushing.

  34. Implementing CRLite for Firefox Building the thing! Paper did have a prototype using Firefox → built as a Firefox extension. Academic Prototype Mozilla Prototype TLS APIs for cert checking Native code (C++, Rust, some JS) - JavaScript (11.9MB memory) 10ms to check a cert chain 0.04 ms (check a cert) < 8ms (all Firefox calls to check a - includes parsing certs (API chain) provides unparsed certs) - We check end-entity certs - Use OneCRL -> intermediates

  35. Implementing CRLite for Firefox Building the thing! 1. Create our aggregator to produce filters 2. Write the client-side code for checking filters 3. Link up to our Remote Settings infrastructure to push filters

  36. Implementing CRLite for Firefox Building the thing! 1. Create our aggregator to produce filters 2. Write the client-side code for checking filters 3. Link up to our Remote Settings infrastructure to push filters S unexpired, valid > 2B! R unexpired, revoked

  37. Implementing CRLite for Firefox Building the thing! 1. Create our aggregator to produce filters 2. Write the client-side code for checking filters 3. Link up to our Remote Settings infrastructure to push filters S unexpired, valid > 2B! “It’s hard, Thyla, just plain hard.” R unexpired, revoked

  38. Implementing CRLite for Firefox Building the thing! 1. Create our aggregator to produce filters single high-performance server, large disk Golang timeouts cache size? slow downs

  39. Implementing CRLite for Firefox Building the thing!

  40. Implementing CRLite for Firefox Building the thing! process CT logs create filters store publish

  41. Implementing CRLite for Firefox Building the thing! CPU usage of the Kubernetes cluster for filter generation, each peak is a generation run.

  42. Implementing CRLite for Firefox Building the thing! creating R & S cascaded filter generation Filter generation times (minutes)

  43. Implementing CRLite for Firefox Building the thing! 1. Create our aggregator to produce filters 2. Write the client-side code for checking filters 3. Link up to our Remote Settings infrastructure to push filters

  44. Implementing CRLite for Firefox Where are we now? 12-day period in December 289

  45. Implementing CRLite for Firefox Where are we now? median 125 ms 12-day period in December

  46. Implementing CRLite for Firefox Where are we now? A few technical caveats ● We don’t catch Let’s Encrypt entries in our filter -- currently don’t have a CRL, but this should change soon ● The client needs to check if using CRLite for revocation is possible -- if not, resort to OSCP ● So, we’re not fully fail-closed, yet PROTOTYPE!

  47. Implementing CRLite for Firefox Are we done yet?

  48. Implementing CRLite for Firefox Are we done yet? ● Deeper security questions and attack scenarios ○ stress testing, sizing, p values? ● Crypto agility ○ upgrade the hash functions? ● Architecture enhancements ● Performance enhancements ○ smaller delta sizes As robust as possible!

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Tom Keeley WORKING WITH INDUSTRY Industry structure Industry and academia WORKING IN

Tom Keeley WORKING WITH INDUSTRY Industry structure Industry and academia WORKING IN

Tom Keeley WORKING WITH INDUSTRY Industry structure Industry and academia WORKING IN INDUSTRY Should you make the move Making the move Questions. Undergraduate, post-graduate, PhD student and Research Fellow at UoB.

316 views • 19 slides
: BRIDGING ACADEMIA AND INDUSTRY : BRIDGING ACADEMIA AND INDUSTRY THROUGH PROJECT BASED

: BRIDGING ACADEMIA AND INDUSTRY : BRIDGING ACADEMIA AND INDUSTRY THROUGH PROJECT BASED

: BRIDGING ACADEMIA AND INDUSTRY : BRIDGING ACADEMIA AND INDUSTRY THROUGH PROJECT BASED EXPERIENTIAL LEARNING THROUGH PROJECT BASED EXPERIENTIAL LEARNING National Technology Enhanced Learning Conference 2019 Experiential Learning: Evolving

96 views • 9 slides
Communication and Vision WHEN WORLDS COLLIDE 1 When Worlds Collide Pre-symbolic and

Communication and Vision WHEN WORLDS COLLIDE 1 When Worlds Collide Pre-symbolic and

Communication and Vision WHEN WORLDS COLLIDE 1 When Worlds Collide Pre-symbolic and Symbolic Communication Assessing communication skills of children with VI and concomitant disabilities. Decision making for AAC Developing goals

481 views • 24 slides
Life After PhD Finding a Job, Academic Careers vs Industry &amp; Research Labs Outline

Life After PhD Finding a Job, Academic Careers vs Industry &amp; Research Labs Outline

Life After PhD Finding a Job, Academic Careers vs Industry &amp; Research Labs Outline Introduction Choices (Academia vs Industry) Academia Industry Conclusion What are planning to do after your PhD? Academia vs

485 views • 44 slides
Training course FOODQA: Fostering Academia Industry Collaboration in Food Safety and Quality

Training course FOODQA: Fostering Academia Industry Collaboration in Food Safety and Quality

WP3 Training of Academia and Industry Training course FOODQA: Fostering Academia Industry Collaboration in Food Safety and Quality Food safety management systems Final report Staff FOODQA partner: P&amp;B (Consultores Associados, Lda.,

431 views • 28 slides
Challenges for technology transfer industry to academia Judith Bishop Director of Computer

Challenges for technology transfer industry to academia Judith Bishop Director of Computer

Challenges for technology transfer industry to academia Judith Bishop Director of Computer Science jbishop@microsoft.com Prof. Judith Bishop Microsoft Research Academia Career Software Engineering South Africa until June 2009

360 views • 23 slides
+ Management Board (11 members from industry, academia and other sectors) Algae-UK: an expanded

+ Management Board (11 members from industry, academia and other sectors) Algae-UK: an expanded

Saul Purton Michele Stanley Pat Harvey Anna Amtmann Kirstin Covington Director Co-director Co-director Co-director Network Manager ( macroalgae ) ( microalgae ) ( cyanobacteria ) + Management Board (11 members from industry, academia and

455 views • 13 slides
Towards an Effective Collaboration between Industry and Academia Alessandro Di Bucchianico

Towards an Effective Collaboration between Industry and Academia Alessandro Di Bucchianico

Towards an Effective Collaboration between Industry and Academia Alessandro Di Bucchianico European Network for Business and Industrial Statistics and Eindhoven University of Technology SmartGrids 2015 Personal introduction Eindhoven

583 views • 8 slides
Academia meets Industry: RPC and TGC Vienna University of Technology March 25 th 2014 By R.

Academia meets Industry: RPC and TGC Vienna University of Technology March 25 th 2014 By R.

Academia meets Industry: RPC and TGC Vienna University of Technology March 25 th 2014 By R. Santonico Industrial availability of materials Such large area detectors demand large amounts of qualified materials to be found in the industry

540 views • 21 slides
Partnerships across industry, academia, nonprofits, and government Meredith M. Lee Executive

Partnerships across industry, academia, nonprofits, and government Meredith M. Lee Executive

Partnerships across industry, academia, nonprofits, and government Meredith M. Lee Executive Director | West Big Data Innovation Hub NIWR Annual Meeting | Feb 27, 2017 2012: US Federal Big Data R&amp;D Initiative $200M 2014: 2015: 2016:

1.1k views • 14 slides
Industry Academia Collaborations Barry McMahon Tallaght Hospital and Trinity College Dublin

Industry Academia Collaborations Barry McMahon Tallaght Hospital and Trinity College Dublin

Industry Academia Collaborations Barry McMahon Tallaght Hospital and Trinity College Dublin Medical Technology in Healthcare The Ecosystem Academia Medical Device Industry Medical Technology in Healthcare Healthcare Practitioners

1.05k views • 35 slides
Computational Systems Pharmacology of Antibody-Drug Conjugates: A Joint Academia-Industry

Computational Systems Pharmacology of Antibody-Drug Conjugates: A Joint Academia-Industry

Computational Systems Pharmacology of Antibody-Drug Conjugates: A Joint Academia-Industry Experience Inez Lam IMAG-AND Futures Meeting March 17, 2020 Mac Gabhann Lab at Johns Hopkins University C COMPUTATIONAL DESIGN of THERAPEUTICS LAB

385 views • 20 slides
Funding Opportunities for Academia Industry Collaboration in Research Horizon 2020, Horizon

Funding Opportunities for Academia Industry Collaboration in Research Horizon 2020, Horizon

ScanBalt Forum 2019 Gdask, 24-25.09.2019 Funding Opportunities for Academia Industry Collaboration in Research Horizon 2020, Horizon Europe Prelegent: Anna Dziubczyska-Pytko W niniejszej prezentacji wykorzystano materiay udost pnione

658 views • 37 slides
The TI-UPRM Program: A Model for Industry-Academia Collaboration Dr. Manuel Jimnez Professor

The TI-UPRM Program: A Model for Industry-Academia Collaboration Dr. Manuel Jimnez Professor

University of Puerto Rico at Mayagez Electrical and Computer Engineering Department The TI-UPRM Program: A Model for Industry-Academia Collaboration Dr. Manuel Jimnez Professor September 2010 Outline TI-UPRM Program Structure

716 views • 19 slides
AI on the Edge Discussion on the Gap Between Industry and Academia Yunhe Wang Huawei

AI on the Edge Discussion on the Gap Between Industry and Academia Yunhe Wang Huawei

AI on the Edge Discussion on the Gap Between Industry and Academia Yunhe Wang Huawei Noahs Ark Lab ABOUT ME Enthusiasm PKUer Researcher Programmer Yunhe Wang www.wangyunhe.site yunhe.wang@huawei.com Deep Model Compression [Han

597 views • 13 slides
Smart Cities @ Catalyzing collaboration between academia, industry and government to solve

Smart Cities @ Catalyzing collaboration between academia, industry and government to solve

Smart Cities @ Catalyzing collaboration between academia, industry and government to solve global problems What is a Smart City? A Smart City facilitates access to information, enabling and engaging all citizens to improve the human

313 views • 15 slides
Disclosures Complications in Cervical Deformity Surgery Stryker Spine: royalties Fellowship

Disclosures Complications in Cervical Deformity Surgery Stryker Spine: royalties Fellowship

11/4/16 Disclosures Complications in Cervical Deformity Surgery Stryker Spine: royalties Fellowship support: AOSpine, Globus, Nuvasive Bobby K-B Tay, MD . Clinical Professor Department of Orthopaedic Surgery Director of Spine Fellowship

311 views • 12 slides
Outline 1 Introduction 2 Bayesian Networks 3 Neuroscience 4 Industry 5 Sport 6

Outline 1 Introduction 2 Bayesian Networks 3 Neuroscience 4 Industry 5 Sport 6

Intro Bayes Nets Neuro Industry Sport EDAs Concl Ref A PPLICATIONS IN N EUROSCIENCE , I NDUSTRY 4.0, AND S PORTS Pedro Larra naga Computational Intelligence Group Artificial Intelligence Department Universidad Polit ecnica de Madrid

1.2k views • 97 slides
Disclosure Cervical Spinal Disorders Morio Matsumoto Morio Matsumoto received honorarium for

Disclosure Cervical Spinal Disorders Morio Matsumoto Morio Matsumoto received honorarium for

11/8/2013 Pedicle Screw Fixation for Disclosure Cervical Spinal Disorders Morio Matsumoto Morio Matsumoto received honorarium for Associate Professor Director of Spine Section Dept . Of Orthopaedic Surgery, Keio University, lecture from

694 views • 17 slides
Introduction to Computational Graph Analytics Lecture 1 CSCI 4974/6971 29 August 2016 1 / 6

Introduction to Computational Graph Analytics Lecture 1 CSCI 4974/6971 29 August 2016 1 / 6

Introduction to Computational Graph Analytics Lecture 1 CSCI 4974/6971 29 August 2016 1 / 6 Graph, networks, and characteristics of real-world data Slides from Marta Arias &amp; R. Ferrer-i-Cancho, Intro to Complex and Social Networks 2 / 6

907 views • 52 slides
Top 10 Reasons to Make &quot;COLLISION AVOIDANCE: Winning Formulas for Safe Driving&quot; Your

Top 10 Reasons to Make &quot;COLLISION AVOIDANCE: Winning Formulas for Safe Driving&quot; Your

Top 10 Reasons to Make &quot;COLLISION AVOIDANCE: Winning Formulas for Safe Driving&quot; Your Driver Improvement Program of Choice Contact: drive@safecourse.com Robert McDaniel, SafeCourse. mobile (415) 786-6264 Charles E. McDaniel, PhD,

339 views • 33 slides
Subordinate CA Disclosure CA Operator CA Private Key CA Private Key CA Private Key CA (SPKI +

Subordinate CA Disclosure CA Operator CA Private Key CA Private Key CA Private Key CA (SPKI +

Subordinate CA Disclosure CA Operator CA Private Key CA Private Key CA Private Key CA (SPKI + DN) CA (SPKI + DN) CA (SPKI + DN) also SKID also SKID also SKID Root CA (SPKI + DN) CA (SPKI + DN) CA (SPKI + DN) CA (SPKI + DN) CA (SPKI +

316 views • 5 slides
Certificate Transparency with Privacy Saba Eskandarian, Eran Messeri, Joe Bonneau, Dan Boneh

Certificate Transparency with Privacy Saba Eskandarian, Eran Messeri, Joe Bonneau, Dan Boneh

Certificate Transparency with Privacy Saba Eskandarian, Eran Messeri, Joe Bonneau, Dan Boneh Stanford Google NYU Stanford Certificate Authorities Public Key Certificate CA Certificate apo-CA-lypse apo-CA-lypse Certificate Transparency

722 views • 30 slides
Lecture 22 CAs and HTTPS Attacks Stephen Checkoway University of Illinois at Illinois CS

Lecture 22 CAs and HTTPS Attacks Stephen Checkoway University of Illinois at Illinois CS

Lecture 22 CAs and HTTPS Attacks Stephen Checkoway University of Illinois at Illinois CS 487 Fall 2017 Slides from Miller and Baileys ECE 422 Certificates Make use of trusted Certificate Authorities (CA) This public

472 views • 29 slides

More recommend