server side adoption of certificate transparency
play

Server-side Adoption of Certificate Transparency Carl Nykvist, - PowerPoint PPT Presentation

Mar 03, 2023 •381 likes •1.11k views

Server-side Adoption of Certificate Transparency Carl Nykvist, Linkping University Linus Sjstrm, Linkping University Josef Gustafsson, Linkping University Niklas Carlsson, Linkping University Proc. PAM , Berlin, Germany, Mar. 2018

  1. Server-side Adoption of Certificate Transparency Carl Nykvist, Linköping University Linus Sjöström, Linköping University Josef Gustafsson, Linköping University Niklas Carlsson, Linköping University Proc. PAM , Berlin, Germany, Mar. 2018

  2. Motivation and high-level problem • Private and confidential communication important • Billions of devices • Millions of services • Certification Authorities (CAs) issue certificates • Proof of identity (signed with their private key) E.g., HTTPS does HTTP over TLS

  3. Motivation and high-level problem • Private and confidential communication important • Billions of devices • Millions of services • Certification Authorities (CAs) issue certificates • Proof of identity (signed with their private key) E.g., HTTPS does HTTP over TLS User need to trust Google’s public key is Google’s

  4. Motivation and high-level problem • Private and confidential communication important • Billions of devices • Millions of services • Certification Authorities (CAs) issue certificates • Proof of identity (signed with their private key) E.g., HTTPS does HTTP over TLS User need to trust Google’s public key is Google’s

  5. Motivation and high-level problem • Private and confidential communication important • Billions of devices • Millions of services • Certification Authorities (CAs) issue certificates • Proof of identity (signed with their private key) User need to trust FB’s public key is FBs E.g., HTTPS does HTTP over TLS User need to trust Google’s public key is Google’s

  6. Motivation and high-level problem • Private and confidential communication important • Billions of devices • Millions of services • Certification Authorities (CAs) issue certificates • Proof of identity (signed with their private key) User need to trust FB’s public key is FB’s E.g., HTTPS does HTTP over TLS User need to trust Google’s public key is Google’s

  7. Motivation and high-level problem • Private and confidential communication important • Billions of devices • Millions of services • Certification Authorities (CAs) issue certificates • Proof of identity (signed with their private key) E.g., HTTPS does HTTP over TLS User need to trust Google’s public key is Google’s

  8. Motivation and high-level problem • If CAs in our trust (root) store (e.g., Symantec/ Verisign) tells us that a public key belongs to Google, our browsers (and us) trust that this is the case E.g., HTTPS does HTTP over TLS User need to trust Google’s public key is Google’s

  9. Motivation and high-level problem • If CAs in our trust (root) store (e.g., Symantec/ Verisign) tells us that a public key belongs to Google, our browsers (and us) trust that this is the case This is Google’s public key … Trusted CA E.g., HTTPS does HTTP over TLS User need to trust Google’s public key is Google’s

  10. Motivation and high-level problem • However, mistakes happen ... • E.g., in Oct. 2015, Google discovered (using CT) that Symantec had issued test certificates for 76 domains that they did not own (including Google domains) and another 2,458 unregistered domains … This is Google’s public key … Symantec (Trusted CA) E.g., HTTPS does HTTP over TLS Some server User need to trust Google’s public key is Google’s

  11. CT: Emerging trust-monitoring solution • Since then, Google has demanded that Symantec logs all their certificates in public (append-only) CT logs • Since Jan. 2015, the Chrome browser requires all EV certificates be logged in 1 Google log and 1 other log • Mozilla planning to make similar demands • Both Chrome and Mozilla expected to implement policies for DV certificates too …

  12. CT: Emerging trust-monitoring solution This is Google’s public key … Symantec (Trusted CA) E.g., HTTPS does HTTP over TLS Some server User need to trust Google’s public key is Google’s

  13. CT: Emerging trust-monitoring solution CT log This is Google’s public key … Symantec (Trusted CA) E.g., HTTPS does HTTP over TLS Some server User need to trust Google’s public key is Google’s

  14. CT: Emerging trust-monitoring solution CT log S ... and here is a proof that the cert has been logged. This is Google’s S public key … Symantec (Trusted CA) E.g., HTTPS does HTTP over TLS Some server User need to trust Google’s public key is Google’s

  15. CT: Emerging trust-monitoring solution Signed Certificate Timestamp (SCT) L Certificate S Symantec (Trusted CA) E.g., HTTPS does HTTP over TLS Some server User need to trust Google’s public key is Google’s

  16. Signed Certificate Timestamps (SCTs) • SCTs delivered three different ways • X.509v3 extension • TLS extension • OSCP stapling • In this paper, we characterize and compare • Server-side usage of these methods • Client-side performance of these methods

  17. Background

  18. Certification of public keys

  19. Certification of public keys

  20. Certification of public keys Server Browser

  21. Certification of public keys • Browsers have trust stores with root certs (of CAs) R CA Server Browser R

  22. Certification of public keys • Browsers have trust stores with root certs (of CAs) R R CA CA Server Browser R R

  23. Certification of public keys • Browsers have trust stores with root certs (of CAs) R CA Server Browser R

  24. Certification of public keys • Browsers have trust stores with root certs (of CAs) • CAs use private key to sign certs for servers/domains • Certs are proof that public key belongs to server/domain L CA Server Browser L R

  25. Certification of public keys • Browsers have trust stores with root certs (of CAs) • CAs use private key to sign certs for servers/domains • Certs are proof that public key belongs to server/domain • Signature of certs can be validated using keys in root store CA Server Browser L L R

  26. Certification of public keys • Browsers have trust stores with root certs (of CAs) • CAs use private key to sign certs for servers/domains • Certs are proof that public key belongs to server/domain • Signature of certs can be validated using keys in root store R L CA Server Browser L L R

  27. Certification of public keys This is server X’s public key, signed with private key of CA Trust store include CA’s root cert (and public key) R L CA Server Browser L L R

  28. Certification of public keys • Browsers have trust stores with root certs (of CAs) • CAs use private key to sign certs for servers/domains • Certs are proof that public key belongs to server/domain • Signature of certs can be validated using keys in root store • In practice, many • Many CAs, servers R L CA • Varying trust+security Server Browser L L R

  29. Certification of public keys • Browsers have trust stores with root certs (of CAs) • CAs use private key to sign certs for servers/domains • Certs are proof that public key belongs to server/domain • Signature of certs can be validated using keys in root store • In practice, many • Many CAs, servers • Varying trust+security

  30. Certification Transparency (CT)

  31. Certification Transparency (CT) Log Log Log Log • Logs • Public record of certs L S • Append only (Merkle trees) • Create SCTs S • SCTs • Proof cert is logged S

  32. Certification Transparency (CT) Log Log Log Log • Logs • Public record of certs L S • Append only (Merkle trees) • Create SCTs S • SCTs • Proof cert is logged S

  33. Certification Transparency (CT) Log Log Log Log • Logs • Public record of certs L S • Append only (Merkle trees) • Create SCTs S • SCTs • Proof cert is logged S

  34. Certification Transparency (CT) Log Log Log Log • Logs • Public record of certs L S • Append only (Merkle trees) • Create SCTs S • SCTs • Proof cert is logged S

  35. Three SCT delivery methods

  36. Three SCT delivery methods

  37. Three SCT delivery methods

  38. Three SCT delivery methods

  39. Bigger picture

  40. Bigger picture • Last year’s (PAM ‘17) Log Monitor Log • Log Monitor: All public logs Log • Campus measurements: All HTTPS sessions for L a week S • This paper (PAM ’18) S • Server-side SCT usage • Client-side performance • Other related work • Gasser et al. (PAM ‘18 ), Amann et al. (IMC ‘17), VanderSloot et al.(IMC ‘16)

  41. Bigger picture • Last year’s (PAM ‘17) Log Monitor Log • Log Monitor: All public logs Log • Campus measurements: All HTTPS sessions for L SCTs a week S • This paper (PAM ’18) S • Server-side SCT usage • Client-side performance • Other related work S • Gasser et al. (PAM ‘18 ), Amann et al. (IMC ‘17), VanderSloot et al.(IMC ‘16 ) Alexa top 1M

  42. Results

  43. Dataset overview 4+ months • Method • Alexa top-1M • Two snapshots: May 31 (2017) and Oct. 6 (2017) • Single machine, 600 parallel threads (approx. 4 hours) • SCT usage increase across all methods • X.509v3 dominates (easiest method for server domains)

  44. Popularity-based breakdown

  45. Popularity-based breakdown Oct 2017 May 2017

  46. Popularity-based breakdown • SCT usage highest among most popular domains • TLS usage highest among most popular domains

Recommend

Does Certificate Transparency Break the Web? Measuring Adoption and Error Rate Emily Stark , Ryan

Does Certificate Transparency Break the Web? Measuring Adoption and Error Rate Emily Stark , Ryan

Does Certificate Transparency Break the Web? Measuring Adoption and Error Rate Emily Stark , Ryan Sleevi, Rijad Muminovic, Devon OBrien, Eran Messeri, Adrienne Porter Felt, Brendan McMillion, Parisa Tabriz estark@chromium.org How

484 views • 31 slides
Revocaton protocols of WebPKI and Revocaton Transparency Nikita Korzhitskii Niklas Carlsson

Revocaton protocols of WebPKI and Revocaton Transparency Nikita Korzhitskii Niklas Carlsson

Revocaton protocols of WebPKI and Revocaton Transparency Nikita Korzhitskii Niklas Carlsson Lifecycle of a typical WebPKI certfcate www.liu.se Certificate Certificate Authority Server 1. Issuance www.liu.se Hello 2. Use Certificate

377 views • 10 slides
Certificate Transparency with Privacy Saba Eskandarian, Eran Messeri, Joe Bonneau, Dan Boneh

Certificate Transparency with Privacy Saba Eskandarian, Eran Messeri, Joe Bonneau, Dan Boneh

Certificate Transparency with Privacy Saba Eskandarian, Eran Messeri, Joe Bonneau, Dan Boneh Stanford Google NYU Stanford Certificate Authorities Public Key Certificate CA Certificate apo-CA-lypse apo-CA-lypse Certificate Transparency

722 views • 30 slides
TERENA Server Certificate Service Towards the large-scale use of affordable popup-free server

TERENA Server Certificate Service Towards the large-scale use of affordable popup-free server

TERENA Server Certificate Service Towards the large-scale use of affordable popup-free server certificates for the European Research & Educational community Jan Meijer Amsterdam, 24 Januari 2006 High-quality I nternet for higher education

673 views • 10 slides
Certificate Transparency with Privacy Saba Eskandarian, Eran Messeri, Joe Bonneau, Dan Boneh

Certificate Transparency with Privacy Saba Eskandarian, Eran Messeri, Joe Bonneau, Dan Boneh

Certificate Transparency with Privacy Saba Eskandarian, Eran Messeri, Joe Bonneau, Dan Boneh Stanford Google NYU Stanford Certificate Authorities Public Key Certificate Authorities Public Key Certificate CA Certificate apo-CA-lypse

1.17k views • 63 slides
Session 19 Introduction to Server-Side Scripting 1 Lecture Objectives Recognize that a

Session 19 Introduction to Server-Side Scripting 1 Lecture Objectives Recognize that a

Session 19 Server Side Scripting Session 19 Introduction to Server-Side Scripting 1 Lecture Objectives Recognize that a server script provides a way to extend an html page to include logic and insertion of data Understand the

612 views • 12 slides
An Introduction to Php for Web API Principle of server side script WEB Client WEB SERVER html

An Introduction to Php for Web API Principle of server side script WEB Client WEB SERVER html

An Introduction to Php for Web API Principle of server side script WEB Client WEB SERVER html document SCRIPT HTTP SCRIPT Script engine Pages are generated by a program A html document at the server side includes the code to be

741 views • 72 slides
Transparency is not enough Delivered by Miriam Struyk, PAX Side event at CCW April 13 2016

Transparency is not enough Delivered by Miriam Struyk, PAX Side event at CCW April 13 2016

Transparency is not enough Delivered by Miriam Struyk, PAX Side event at CCW April 13 2016 Dear ladies and gentlemen, The title of this side event is Transparency is not enough. Now as we all know countless initiatives to demand

148 views • 4 slides
COMP7306: Web technologies Server-side Web programming 6 February 2013 1 / 73 Pierre Senellart

COMP7306: Web technologies Server-side Web programming 6 February 2013 1 / 73 Pierre Senellart

COMP7306: Web technologies Server-side Web programming 6 February 2013 1 / 73 Pierre Senellart Licence de droits dusage Outline HTML forms Principles Input fields Server-side languages An example: PHP Introduction to database

1.08k views • 74 slides
Certificate Retrieval from OpenLDAP The X.509 attribute Parsing Server (XPS)

Certificate Retrieval from OpenLDAP The X.509 attribute Parsing Server (XPS)

Certificate Retrieval from OpenLDAP The X.509 attribute Parsing Server (XPS) d.w.chadwick@salford.ac.uk The Problem PKI clients cannot search for specific X.509 attributes stored in LDAP directories, e.g. Find the encryption PKC for

667 views • 23 slides
Adaptive Mobile Web Design with a server side flavour James Rosewell & Thomas Holmes 1st

Adaptive Mobile Web Design with a server side flavour James Rosewell & Thomas Holmes 1st

Adaptive Mobile Web Design with a server side flavour James Rosewell & Thomas Holmes 1st June 2012 Explain Server Side options Objective = Efficient use of 1. your time 2. resources (server, client and data network) 1st June 2012 Agenda

626 views • 51 slides
Performant Certificate Transparency Monitoring Intermediate talk for the IDP by Otto Breitwieser

Performant Certificate Transparency Monitoring Intermediate talk for the IDP by Otto Breitwieser

Chair of Network Architectures and Services Department of Informatics Technical University of Munich Performant Certificate Transparency Monitoring Intermediate talk for the IDP by Otto Breitwieser advised by Max Helm, Patrick Sattler Monday 8

602 views • 11 slides
Web Server Design Lecture 9 Server-Side Execution Old Dominion University Department of

Web Server Design Lecture 9 Server-Side Execution Old Dominion University Department of

Web Server Design Lecture 9 Server-Side Execution Old Dominion University Department of Computer Science CS 431/531 Fall 2019 Sawood Alam <salam@cs.odu.edu> 2019-10-24 Original slides by Michael L. Nelson Common Gateway Interface

653 views • 16 slides
SERVER-SIDE RENDERING ISN'T ENOUGH SERVER-SIDE RENDERING ISN'T ENOUGH MATTHEW PHILLIPS MATTHEW

SERVER-SIDE RENDERING ISN'T ENOUGH SERVER-SIDE RENDERING ISN'T ENOUGH MATTHEW PHILLIPS MATTHEW

SERVER-SIDE RENDERING ISN'T ENOUGH SERVER-SIDE RENDERING ISN'T ENOUGH MATTHEW PHILLIPS MATTHEW PHILLIPS GITHUB.COM/CANJS/CAN-SSR GITHUB.COM/CANJS/CAN-SSR TERMS TERMS Shared codebase Isomorphic Universal WHY BOTHER WHY BOTHER This sucks

453 views • 29 slides
Cookies and Sessions Thierry Security assumptions You have absolutely no control on the client

Cookies and Sessions Thierry Security assumptions You have absolutely no control on the client

Cookies and Sessions Thierry Security assumptions You have absolutely no control on the client Client Side Server Side Web Server Database Web Browser Cookies The big picture key/value pairs data Client Side Server Side HTTP request

783 views • 13 slides
In Log We Trust: Revealing Poor Security Practices with Certificate Transparency Logs and Internet

In Log We Trust: Revealing Poor Security Practices with Certificate Transparency Logs and Internet

Chair of Network Architectures and Services Department of Informatics Technical University of Munich In Log We Trust: Revealing Poor Security Practices with Certificate Transparency Logs and Internet Measurements Oliver Gasser, Benjamin Hof, Max

531 views • 39 slides
CSCC09 Programming on the Web Thierry Sans Architecture of a Web Application Client Side

CSCC09 Programming on the Web Thierry Sans Architecture of a Web Application Client Side

CSCC09 Programming on the Web Thierry Sans Architecture of a Web Application Client Side Server Side Web Server Web Browser Web Technologies Content Resources Presentation management Client Side Processing Multimedia The evolution of

1.24k views • 23 slides
Server and Threads vanilladb.org Where are we? VanillaCore JDBC Interface (at Client Side)

Server and Threads vanilladb.org Where are we? VanillaCore JDBC Interface (at Client Side)

Server and Threads vanilladb.org Where are we? VanillaCore JDBC Interface (at Client Side) Remote.JDBC (Client/Server) Server Query Interface Tx Planner Parse Algebra Storage Interface Sql/Util Concurrency Recovery Metadata Index

787 views • 66 slides
Server Side Internet Programming Objectives The basics of servlets mapping and

Server Side Internet Programming Objectives The basics of servlets mapping and

Server Side Internet Programming Server Side Internet Programming Objectives The basics of servlets mapping and configuration compilation and execution Cookies and sessions Request and session attributes JSP execution,

946 views • 53 slides
Server-side Scripting Slides courtesy of Xenia Mountrouidou URLs and web servers 2

Server-side Scripting Slides courtesy of Xenia Mountrouidou URLs and web servers 2

Server-side Scripting Slides courtesy of Xenia Mountrouidou URLs and web servers 2 http://server/path/file Usually when you type a URL in your browser: Your computer looks up the server's IP address using DNS Your browser connects

645 views • 36 slides
Perl/CGI Perl/CGI is a server-side scripting language, used to run arbitrary programs within the

Perl/CGI Perl/CGI is a server-side scripting language, used to run arbitrary programs within the

Perl/CGI Perl/CGI is a server-side scripting language, used to run arbitrary programs within the web server. The web server is configured to understand the Perl scripts and to execute them. The web server on CCC is configured to connect to both

352 views • 7 slides
Server side basics 1 CS380 URLs and web servers 2 http://server/path/file Usually when you

Server side basics 1 CS380 URLs and web servers 2 http://server/path/file Usually when you

Server side basics 1 CS380 URLs and web servers 2 http://server/path/file Usually when you type a URL in your browser: Your computer looks up the server's IP address using DNS Your browser connects to that IP address and requests

732 views • 39 slides
Control What You Include! Server-Side Protec7on against Third

Control What You Include! Server-Side Protec7on against Third

Control What You Include! Server-Side Protec7on against Third Party Web Tracking Dolire Francis Som, Nataliia Bielova, Tamara Rezk Privaski 2017

567 views • 18 slides
Server -side security risks (esp sp. . injection jection atta ttacks) s) websec 1 Attacks

Server -side security risks (esp sp. . injection jection atta ttacks) s) websec 1 Attacks

Web Securi rity ty Server -side security risks (esp sp. . injection jection atta ttacks) s) websec 1 Attacks on the web server malicious input web server er output This can be attacks on Availability: i.e. DoS attack, where attacker

1.86k views • 79 slides

More recommend