论文标题
SOK:证书透明度中的SCT审核
SoK: SCT Auditing in Certificate Transparency
论文作者
论文摘要
Web公共密钥基础架构对于今天在Internet上提供安全的通信至关重要,并且证书授权机构通过发行证书在本生态系统中起着至关重要的作用。这些当局可能会误解证书或滥用攻击,这导致了证书透明度(CT)项目。 CT的目的是将所有已发行的证书存储在公共日志中,然后可以检查是否存在潜在的误解证书。因此,给定证书确实在其中一个(或几个)中的要求位于CT的核心。但是,在当前部署中,大多数个人客户端没有检查他们看到的证书是否在日志中,因为请求包含证明可以直接揭示证书,从而产生了违反该客户隐私的明显潜力。在本文中,我们探讨了针对保密审核证书包含的审核,重点介绍其在近期部署中的有效性,效率和适合性的技术。在此过程中,我们还探讨了与涉及浏览器客户的相关问题的相似之处。在我们开发的一系列约束的指导下,我们最终在许多建议中观察到了一些关键局限性,从其隐私条款到他们关注客户与日志之间的互动的事实,但请打开一个问题,即客户如何私下报告任何丢失的证书。
The Web public key infrastructure is essential to providing secure communication on the Internet today, and certificate authorities play a crucial role in this ecosystem by issuing certificates. These authorities may misissue certificates or suffer misuse attacks, however, which has given rise to the Certificate Transparency (CT) project. The goal of CT is to store all issued certificates in public logs, which can then be checked for the presence of potentially misissued certificates. Thus, the requirement that a given certificate is indeed in one (or several) of these logs lies at the core of CT. In its current deployment, however, most individual clients do not check that the certificates they see are in logs, as requesting a proof of inclusion directly reveals the certificate and thus creates the clear potential for a violation of that client's privacy. In this paper, we explore the techniques that have been proposed for privacy-preserving auditing of certificate inclusion, focusing on their effectiveness, efficiency, and suitability in a near-term deployment. In doing so, we also explore the parallels with related problems involving browser clients. Guided by a set of constraints that we develop, we ultimately observe several key limitations in many proposals, ranging from their privacy provisions to the fact that they focus on the interaction between a client and a log but leave open the question of how a client could privately report any certificates that are missing.
