DOI: 10.1145/2660267.2660298
research-article

ARPKI: Attack Resilient Public-Key Infrastructure

Published: 03 November 2014

Abstract

We present ARPKI, a public-key infrastructure that ensures that certificate-related operations, such as certificate issuance, update, revocation, and validation, are transparent and accountable. ARPKI is the first such infrastructure that systematically takes into account requirements identified by previous research. Moreover, ARPKI is co-designed with a formal model, and we verify its core security property using the Tamarin prover. We present a proof-of-concept implementation providing all features required for deployment. ARPKI efficiently handles the certification process with low overhead and without incurring additional latency to TLS.
ARPKI offers extremely strong security guarantees, where compromising n-1 trusted signing and verifying entities is insufficient to launch an impersonation attack. Moreover, it deters misbehavior as all its operations are publicly visible.


Published In

CCS '14: Proceedings of the 2014 ACM SIGSAC Conference on Computer and Communications Security
November 2014
1592 pages
ISBN: 9781450329576
DOI: 10.1145/2660267
Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than the author(s) must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee.

Publisher

Association for Computing Machinery, New York, NY, United States
Author Tags

1. attack resilience
2. certificate validation
3. formal validation
4. public log servers
5. public-key infrastructure
6. tls

Conference

CCS'14

Acceptance Rates

CCS '14 Paper Acceptance Rate 114 of 585 submissions, 19%;
Overall Acceptance Rate 1,261 of 6,999 submissions, 18%
