Short-Lived Forward-Secure Delegation for TLS

Lukas Alber*, Stefan More*, Sebastian Ramacher*

*Corresponding author for this work

Publication: Contribution to book/report/conference proceedings › Contribution to conference proceedings

Abstract

On today's Internet, combining the end-to-end security of TLS with Content Delivery Networks (CDNs) while ensuring the authenticity of connections results in a challenging delegation problem. When CDN servers provide content, they have to authenticate themselves as the origin server to establish a valid end-to-end TLS connection with the client. In standard TLS, the latter requires access to the secret key of the server. To curb this problem, multiple workarounds exist to realize a delegation of the authentication. In this paper, we present a solution that renders key sharing unnecessary and reduces the need for workarounds. By adapting identity-based signatures to this setting, our solution offers short-lived delegations. Additionally, by enabling forward-security, existing delegations remain valid even if the server's secret key leaks. We provide an implementation of the scheme and discuss integration into a TLS stack. In our evaluation, we show that an efficient implementation incurs less overhead than a typical network round trip. Thereby, we propose an alternative approach to current delegation practices on the web.

Original language: English
Title: CCSW 2020 - Proceedings of the 2020 ACM SIGSAC Conference on Cloud Computing Security Workshop
Place of publication: Virtual Event, USA
Pages: 119-132
Number of pages: 14
ISBN (electronic): 9781450380843
Publication status: Published - 9 Nov 2020
Event: The ACM Cloud Computing Security Workshop: in conjunction with the ACM Conference on Computer and Communications Security (CCS) - Virtual Event, Virtual, United States
Duration: 9 Nov 2020 → …
https://ccsw.io/

Publication series

Name: CCSW 2020 - Proceedings of the 2020 ACM SIGSAC Conference on Cloud Computing Security Workshop

Workshop

Workshop: The ACM Cloud Computing Security Workshop
Short title: CCSW'20
Country: United States
Location: Virtual
Period: 9/11/20 → …

ASJC Scopus subject areas

  • Computer Science(all)
  • Computer Networks and Communications

Fields of Expertise

  • Information, Communication & Computing
