New Directions for Trust in the Certificate Authority Ecosystem

Many of the benefits we derive from the Internet require trust in the authenticity of HTTPS connections. Unfortunately, the public key certification ecosystem that underwrites this trust has failed us on numerous occasions. As a step towards exploring the root causes, we present an update to the common knowledge about the Certificate Authority (CA) ecosystem. Our findings show that the certificate ecosystem is currently undergoing a drastic transformation: big steps towards ubiquitous encryption have been made, but at the expense of trust in the authentication of communication partners. Furthermore, we describe systemic problems rooted in misaligned incentives between players in the ecosystem, and we show that proposed security extensions do not correctly realign these incentives. We therefore argue that it is worth considering alternative methods of authentication. As a first step in this direction, we propose an insurance-based mechanism and demonstrate that it is technically feasible.
