[Invited Talk] Proposals for Accountable and Attack-Resilient Key Infrastructures
- Topic : [Invited Talk] Proposals for Accountable and Attack-Resilient Key Infrastructures
- Speaker: Dr. Tiffany Hyun-Jin Kim, HRL Laboratories in Malibu, California
- Date: Wednesday, December 27th, 2017
- Time: 11:00 am- 12:10 pm
- Venue: R210, CSIE-Der Tian Hall, NTU 臺灣大學 德田館 210
Abstract
The current Transport Layer Security (TLS) Public-Key Infrastructure (PKI) is based on a weakest-link security model that depends on over a thousand trust roots. The recent history of malicious and compromised Certification Authorities (CAs) has fueled the desire for alternatives. Creating a new, secure infrastructure is, however, a surprisingly challenging task due to the large number of parties involved and the many ways that they can interact. A principled approach to its design is therefore mandatory, as humans cannot feasibly consider all the cases that can occur due to the multitude of interleavings of actions by legitimate parties and attackers, such as private key compromises, key revocations, key updates, etc. We present AKI, an PKI architecture that reduces the level of trust in CAs. AKI integrates an architecture for key revocation of all entities with an architecture for accountability of all infrastructure parties through checks and balances. AKI efficiently handles common certification operations, and gracefully handles catastrophic events such as domain key loss or compromise. AKI also offers flexibility for entities to select a security policy for their certificates, enabling a tradeoff between availability and security. ARPKI, an Attack-Resilient PKI, is a successor of AKI that is co-designed with a formal model, and we prove that ARPKI offers extremely strong security guarantees, where compromising even n 1 trusted signing and verifying entities is insufficient to launch a man-in-the-middle attack. According to our proof-of-concept implementation and evaluation, ARPKI efficiently handles the certification process with low overhead, without incurring additional latency to TLS, since no additional round trips are required.
Biography
Dr. Tiffany Hyun-Jin Kim is a Research Scientist in at HRL Laboratories in Malibu, California. She obtained her B.A. in Computer Science at UC Berkeley, M.S. in Computer Science at Yale University, and Ph.D. in Electrical and Computer Engineering at Carnegie Mellon University. Her research interests include user-centric security and privacy, network security, trust management, and applied cryptography.
