Projekte pro Jahr
Abstract
On today's Internet, combining the end-to-end security of TLS with Content Delivery Networks (CDNs) while ensuring the authenticity of connections results in a challenging delegation problem. When CDN servers provide content, they have to authenticate themselves as the origin server to establish a valid end-to-end TLS connection with the client. In standard TLS, the latter requires access to the secret key of the server. To curb this problem, multiple workarounds exist to realize a delegation of the authentication. In this paper, we present a solution that renders key sharing unnecessary and reduces the need for workarounds. By adapting identity-based signatures to this setting, our solution offers short-lived delegations. Additionally, by enabling forward-security, existing delegations remain valid even if the server's secret key leaks. We provide an implementation of the scheme and discuss integration into a TLS stack. In our evaluation, we show that an efficient implementation incurs less overhead than a typical network round trip. Thereby, we propose an alternative approach to current delegation practices on the web.
Originalsprache | englisch |
---|---|
Titel | CCSW 2020 - Proceedings of the 2020 ACM SIGSAC Conference on Cloud Computing Security Workshop |
Erscheinungsort | Virtual Event, USA |
Seiten | 119-132 |
Seitenumfang | 14 |
ISBN (elektronisch) | 9781450380843 |
DOIs | |
Publikationsstatus | Veröffentlicht - 9 Nov. 2020 |
Veranstaltung | The ACM Cloud Computing Security Workshop in conjunction with the ACM Conference on Computer and Communications Security: CCS 2020 - Virtual Event, Virtuell, USA / Vereinigte Staaten Dauer: 9 Nov. 2020 → … https://ccsw.io/ |
Publikationsreihe
Name | CCSW 2020 - Proceedings of the 2020 ACM SIGSAC Conference on Cloud Computing Security Workshop |
---|
Workshop
Workshop | The ACM Cloud Computing Security Workshop in conjunction with the ACM Conference on Computer and Communications Security |
---|---|
Kurztitel | CCSW'20 |
Land/Gebiet | USA / Vereinigte Staaten |
Ort | Virtuell |
Zeitraum | 9/11/20 → … |
Internetadresse |
ASJC Scopus subject areas
- Informatik (insg.)
- Computernetzwerke und -kommunikation
Fields of Expertise
- Information, Communication & Computing
Projekte
- 1 Abgeschlossen
-
EU - KRAKEN - Vermittlungs- und Marktplattform für personenbezogene Daten
1/12/19 → 30/11/22
Projekt: Forschungsprojekt
Aktivitäten
- 1 Vortrag bei Konferenz oder Fachtagung
-
Short-Lived Forward-Secure Delegation for TLS
Lukas Alber (Redner/in), Stefan Josef More (Beitragende/r) & Sebastian Ramacher (Beitragende/r)
9 Nov. 2020Aktivität: Vortrag oder Präsentation › Vortrag bei Konferenz oder Fachtagung › Science to science