A Formal Treatment of Accountable Proxying Over TLS

Bhargavan, Karthikeyan; Boureanu, Ioana; Delignat-Lavaud, Antoine; Fouque, Pierre-Alain; Onete, Cristina

doi:10.1109/sp.2018.00021

Cited by 20 publications

(15 citation statements)

References 28 publications

(42 reference statements)

Supporting

Mentioning

Contrasting

Order By: Relevance

“…mcTLS allows TLS endpoints (i.e., clients and webservers) to introduce middleboxes in secure end-to-end connection while restricting what the middleboxes can read or write. However, Bhargavan et al [9] show that mcTLS is insecure and susceptible to a class of attack called middlebox confusion attacks. They suggested a provable secure alternative to mcTLS avoiding the middlebox confusion issue.…”

Section: Delegation and Multi-entity Communication In Other Protocolsmentioning

confidence: 99%

Short-Lived Forward-Secure Delegation for TLS

Alber

Ramacher

2020

Proceedings of the 2020 ACM SIGSAC Conference on Cloud Computing Security Workshop

View full text Add to dashboard Cite

On today's Internet, combining the end-to-end security of TLS with Content Delivery Networks (CDNs) while ensuring the authenticity of connections results in a challenging delegation problem. When CDN servers provide content, they have to authenticate themselves as the origin server to establish a valid end-to-end TLS connection with the client. In standard TLS, the latter requires access to the secret key of the server. To curb this problem, multiple workarounds exist to realize a delegation of the authentication. In this paper, we present a solution that renders key sharing unnecessary and reduces the need for workarounds. By adapting identity-based signatures to this setting, our solution offers short-lived delegations. Additionally, by enabling forward-security, existing delegations remain valid even if the server's secret key leaks. We provide an implementation of the scheme and discuss integration into a TLS stack. In our evaluation, we show that an efficient implementation incurs less overhead than a typical network round trip. Thereby, we propose an alternative approach to current delegation practices on the web. CCS CONCEPTS • Security and privacy → Web protocol security; Key management.

show abstract

Section: Delegation and Multi-entity Communication In Other Protocolsmentioning

confidence: 99%

Short-Lived Forward-Secure Delegation for TLS

Alber

Ramacher

2020

Proceedings of the 2020 ACM SIGSAC Conference on Cloud Computing Security Workshop

View full text Add to dashboard Cite

show abstract

“…Multi-Context TLS [16] was developed to solve this issue. However, the protocol is insecure [17] and it provides neither flow-based encryption nor SFC isolation. Hence, another approach to this problem is to enable the NFV infrastructure to provide hop by hop encryption and automatically exchange keys and set up secure channels between the VNFs.…”

Section: Related Workmentioning

confidence: 99%

Dynamic setup of IPsec VPNs in service function chaining

2019

View full text Add to dashboard Cite

This article describes a novel mechanism for the automated establishment of dynamic Virtual Private Networks (VPN) in the application domain of Network Function Virtualization (NFV). Each hop in an NFV Service Function Chain (SFC) lacks the capability of perflow encryption, that makes the traffic flow in federated NFV environments vulnerable for eavesdropping. Due to the possible lack of bidirectional data plane communication channels between VNFs in an SFC, the Internet Security Key Exchange protocol (IPsec-IKE) is not applicable inside a VNF. Hence, this article introduces an alternative to IPsec-IKE that is specifically designed for NFV environments. This component is named Software Defined Security Associations (SD-SA), which is shown through a proof of concept evaluation to perform better than IPsec-IKE with respect to bandwidth and resource consumption.

show abstract

“…erefore, the client should fully trust the proxy. mcTLS may be weak in several cases, for example, Poisoning Caches with an Unknown Key Share Attack [57]. Furthermore, mcTLS complicates the TLS protocol by making significant changes to the handshake protocol, and Security and Communication Networks the sizes of the handshake messages are significantly large.…”

Section: Multicontext Tlsmentioning

confidence: 99%

QoS3: Secure Caching in HTTPS Based on Fine-Grained Trust Delegation

Al-Dailami

Ruan

Bao

et al. 2019

Security and Communication Networks

View full text Add to dashboard Cite

With the ever-increasing concern in network security and privacy, a major portion of Internet traffic is encrypted now. Recent research shows that more than 70% of Internet content is transmitted using HyperText Transfer Protocol Secure (HTTPS). However, HTTPS encryption eliminates the advantages of many intermediate services like the caching proxy, which can significantly degrade the performance of web content delivery. We argue that these restrictions lead to the need for other mechanisms to access sites quickly and safely. In this paper, we introduce QoS3, which is a protocol that can overcome such limitations by allowing clients to explicitly and securely re-introduce in-network caching proxies using fine-grained trust delegation without compromising the integrity of the HTTPS content and modifying the format of Transport Layer Security (TLS). In QoS3, we classify web page contents into two types: (1) public contents that are common for all users, which can be stored in the caching proxies, and (2) private contents that are specific for each user. Correspondingly, QoS3 establishes two separate TLS connections between the client and the web server for them. Specifically, for private contents, QoS3 just leverages the original HTTPS protocol to deliver them, without involving any middlebox. For public contents, QoS3 allows clients to delegate trust to specific caching proxy along the path, thereby allowing the clients to use the cached contents in the caching proxy via a delegated HTTPS connection. Meanwhile, to prevent Man-in-the-Middle (MitM) attacks on public contents, QoS3 validates the public contents by employing Document object Model (DoM) object-level checksums, which are delivered through the original HTTPS connection. We implement a prototype of QoS3 and evaluate its performance in our testbed. Experimental results show that QoS3 provides acceleration on page load time ranging between 30% and 64% over traditional HTTPS with negligible overhead. Moreover, QoS3 is deployable since it requires just minor software modifications to the server, client, and the middlebox.

show abstract

A Formal Treatment of Accountable Proxying Over TLS

Cited by 20 publications

References 28 publications

Short-Lived Forward-Secure Delegation for TLS

Short-Lived Forward-Secure Delegation for TLS

Dynamic setup of IPsec VPNs in service function chaining

QoS3: Secure Caching in HTTPS Based on Fine-Grained Trust Delegation

Contact Info

Product

Resources

About