Short-Lived Forward-Secure Delegation for TLS

Lukas Alber*, Stefan More*, Sebastian Ramacher*

*Korrespondierende/r Autor/-in für diese Arbeit

Publikation: Beitrag in Buch/Bericht/KonferenzbandBeitrag in einem KonferenzbandBegutachtung

Abstract

On today's Internet, combining the end-to-end security of TLS with Content Delivery Networks (CDNs) while ensuring the authenticity of connections results in a challenging delegation problem. When CDN servers provide content, they have to authenticate themselves as the origin server to establish a valid end-to-end TLS connection with the client. In standard TLS, the latter requires access to the secret key of the server. To curb this problem, multiple workarounds exist to realize a delegation of the authentication. In this paper, we present a solution that renders key sharing unnecessary and reduces the need for workarounds. By adapting identity-based signatures to this setting, our solution offers short-lived delegations. Additionally, by enabling forward-security, existing delegations remain valid even if the server's secret key leaks. We provide an implementation of the scheme and discuss integration into a TLS stack. In our evaluation, we show that an efficient implementation incurs less overhead than a typical network round trip. Thereby, we propose an alternative approach to current delegation practices on the web.

Originalspracheenglisch
TitelCCSW 2020 - Proceedings of the 2020 ACM SIGSAC Conference on Cloud Computing Security Workshop
ErscheinungsortVirtual Event, USA
Seiten119-132
Seitenumfang14
ISBN (elektronisch)9781450380843
DOIs
PublikationsstatusVeröffentlicht - 9 Nov. 2020
VeranstaltungThe ACM Cloud Computing Security Workshop in conjunction with the ACM Conference on Computer and Communications Security: CCS 2020 - Virtual Event, Virtuell, USA / Vereinigte Staaten
Dauer: 9 Nov. 2020 → …
https://ccsw.io/

Publikationsreihe

NameCCSW 2020 - Proceedings of the 2020 ACM SIGSAC Conference on Cloud Computing Security Workshop

Workshop

WorkshopThe ACM Cloud Computing Security Workshop in conjunction with the ACM Conference on Computer and Communications Security
KurztitelCCSW'20
Land/GebietUSA / Vereinigte Staaten
OrtVirtuell
Zeitraum9/11/20 → …
Internetadresse

ASJC Scopus subject areas

  • Informatik (insg.)
  • Computernetzwerke und -kommunikation

Fields of Expertise

  • Information, Communication & Computing

Dieses zitieren