Think Global, Act Local: Gossip and Client Audits in Verifiable Data Structures

In recent years, there has been increasing recognition of the benefits of having services provide auditable logs of data, as demonstrated by the deployment of Certificate Transparency and the development of other transparency projects. Most proposed systems, however, rely on a gossip protocol by which users can be assured that they have the same view of the log, but the few gossip protocols that do exist today are not suited for near-term deployment. Furthermore, they assume the presence of global sets of auditors, who must be blindly trusted to correctly perform their roles, in order to achieve their stated transparency goals. In this paper, we address both of these issues by proposing a gossip protocol and a verifiable registry, Mog, in which users can perform their own auditing. We prove the security of our protocols and demonstrate via experimental evaluations that they are performant in a variety of potential near-term deployments.
