Abstract
Trust in publicly verifiable Certificate Transparency (CT) logs is reduced through cryptography, gossip, auditing, and monitoring. The role of a monitor is to observe each and every log entry, looking for suspicious certificates that interest the entity running the monitor. While anyone can run a monitor, it requires continuous operation and copies of the logs to be inspected. This has lead to the emergence of monitoring as-a-service: a trusted third-party runs the monitor and provides registered subjects with selective certificate notifications. We present a CT/bis extension for verifiable light-weight monitoring that enables subjects to verify the correctness of such certificate notifications, making it easier to distribute and reduce the trust which is otherwise placed in these monitors. Our extension supports verifiable monitoring of wild-card domains and piggybacks on CT’s existing gossip-audit security model.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Notes
- 1.
https://sslmate.com/certspotter/, accessed 2018-09-15.
- 2.
https://developers.facebook.com/tools/ct/, accessed 2018-09-15.
- 3.
https://ct.grahamedgecombe.com/, accessed 2018-09-15.
- 4.
Efficient iff less than a linear number of log entries are received per log update.
- 5.
Two audit paths may contain redundancy, but we ignored this favouring simplicity.
- 6.
It would be better if logs supported verifiable and historical get-STH queries.
- 7.
Instead of an index to detect missing notifications (STHs), a log could announce STHs as part of a verifiable get-STH endpoint. See the sketch of Nordberg: https://web.archive.org/web/20170806160119/https://mailarchive.ietf.org/arch/msg/trans/JbFiwO90PjcYzXrEgh-Y7bFG5Fw, accessed 2018-09-16.
- 8.
- 9.
Open source implementation available at https://github.com/rgdd/lwm.
- 10.
http://s3.amazonaws.com/alexa-static/top-1m.csv.zip, accessed 2018-08-05.
- 11.
https://www.grahamedgecombe.com/blog/2016/12/22/compressing-x509-certificates, accessed 2018-08-15.
- 12.
https://sslmate.com/labs/ct_growth/, accessed 2018-08-15.
- 13.
https://github.com/ethereum/wiki/wiki/Patricia-Tree, accessed 2018-08-15.
References
Chuat, L., Szalachowski, P., Perrig, A., Laurie, B., Messeri, E.: Efficient gossip protocols for verifying the consistency of certificate logs. In: IEEE Conference on Communications and Network Security (CNS), pp. 415–423, September 2015
Crosby, S.A., Wallach, D.S.: Efficient data structures for tamper-evident logging. In: 18th USENIX Security Symposium, pp. 317–334, August 2009
Crosby, S.A., Wallach, D.S.: Authenticated dictionaries: Real-world costs and trade-offs. ACM Trans. Inf. Syst. Secur. (TISSEC) 14(2), 17:1–17:30 (2011)
Dahlberg, R., Pulls, T., Vestin, J., Høiland-Jørgensen, T., Kassler, A.: Aggregation-based gossip for certificate transparency. CoRR abs/1806.08817, August 2018
Derler, D., Hanser, C., Slamanig, D.: Revisiting cryptographic accumulators, additional properties and relations to other primitives. In: Topics in Cryptology-Proceedings of the Cryptographer’s Track at the RSA Conference (CT-RSA), pp. 127–144, April 2015
Durumeric, Z., Kasten, J., Bailey, M., Halderman, J.A.: Analysis of the HTTPS certificate ecosystem. In: Proceedings of the 2013 Internet Measurement Conference, pp. 291–304, October 2013
Eijdenberg, A., Laurie, B., Cutter, A.: Verifiable data structures. Google research document, November 2015. https://github.com/google/trillian/blob/master/docs/VerifiableDataStructures.pdf. Accessed 16 Sep 2018
ENISA: Certificate authorities–the weak link of Internet security. Info notes, September 2016. https://web.archive.org/web/20180527220047/www.enisa.europa.eu/publications/info-notes/certificate-authorities-the-weak-link-of-internet-security. Accessed 16 Sep 2018
Katz, J.: Analysis of a proposed hash-based signature standard. In: Third International Conference on Security Standardisation Research (SSR), pp. 261–273, December 2016
Kim, T.H., Huang, L., Perrig, A., Jackson, C., Gligor, V.D.: Accountable key infrastructure (AKI): a proposal for a public-key validation infrastructure. In: 22nd International World Wide Web Conference (WWW), pp. 679–690, May 2013
Kocher, P.C.: On certificate revocation and validation. In: Proceedings of the Second International Conference on Financial Cryptography (FC), pp. 172–177, February 1998
Laurie, B., Langley, A., Kasper, E.: Certificate transparency. RFC 6962, IETF, June 2013. https://tools.ietf.org/html/rfc6962
Laurie, B., Langley, A., Kasper, E., Messeri, E., Stradling, R.: Certificate transparency version 2.0. Internet-draft draft-ietf-trans-rfc6962-bis-28, IETF, March 2018. https://tools.ietf.org/html/draft-ietf-trans-rfc6962-bis-28, work in progress
Melara, M.S., Blankstein, A., Bonneau, J., Felten, E.W., Freedman, M.J.: CONIKS: Bringing key transparency to end users. In: 24th USENIX Security Symposium, pp. 383–398, August 2015
Merkle, R.C.: A digital signature based on a conventional encryption function. In: Advances in Cryptology (CRYPTO), pp. 369–378, August 1987
Nordberg, L., Gillmor, D.K., Ritter, T.: Gossiping in CT. Internet-draft draft-ietf-trans-gossip-05, IETF, January 2018. https://tools.ietf.org/html/draft-ietf-trans-gossip-05, work in progress
Nuckolls, G.: Verified query results from hybrid authentication trees. In: Proceedings of the 19th Annual IFIP WG 11.3 Working Conference on Data and Applications Security, pp. 84–98, August 2005
Sleevi, R., Messeri, E.: Certificate transparency in Chrome: Monitoring CT logs consistency. Design document, Google Inc., March 2017. https://docs.google.com/document/d/1FP5J5Sfsg0OR9P4YT0q1dM02iavhi8ix1mZlZe_z-ls/edit?pref=2&pli=1. Accessed 16 Sep 2018
Syta, E., et al.: Keeping authorities “honest or bust” with decentralized witness cosigning. In: IEEE Symposium on Security and Privacy (SP), pp. 526–545, May 2016
Tamassia, R.: Authenticated data structures. In: 11th Annual European Symposium (ESA) on Algorithms, pp. 2–5, September 2003
Acknowledgments
We would like to thank Linus Nordberg for value feedback. This research was funded by the Swedish Knowledge Foundation as part of the HITS research profile.
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2018 Springer Nature Switzerland AG
About this paper
Cite this paper
Dahlberg, R., Pulls, T. (2018). Verifiable Light-Weight Monitoring for Certificate Transparency Logs. In: Gruschka, N. (eds) Secure IT Systems. NordSec 2018. Lecture Notes in Computer Science(), vol 11252. Springer, Cham. https://doi.org/10.1007/978-3-030-03638-6_11
Download citation
DOI: https://doi.org/10.1007/978-3-030-03638-6_11
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-03637-9
Online ISBN: 978-3-030-03638-6
eBook Packages: Computer ScienceComputer Science (R0)