
Design and Implementation of a Compressed Certificate Status Protocol

Published: 06 October 2020

Abstract

Trust in Secure Sockets Layer–based communications is traditionally provided by Certificate (or Certification) Authorities (CAs) in the form of signed certificates. Checking the validity of a certificate involves three steps: (i) checking its expiration date, (ii) verifying its signature, and (iii) ensuring that it is not revoked. Currently, such certificate revocation checks (i.e., step (iii) above) are done either via Certificate Revocation Lists (CRLs) or via Online Certificate Status Protocol (OCSP) servers. Unfortunately, despite the existence of these revocation checks, sophisticated cyber-attackers can still trick web browsers into trusting a revoked certificate, believing that it is still valid.

Although frequently updated, nonced, and timestamped certificates can reduce the frequency and impact of such cyber-attacks, they add a huge burden to the CAs and OCSP servers. Indeed, CAs and/or OCSP servers need to timestamp and sign all the responses on a regular basis, for every certificate they have issued, resulting in a very high overhead. To mitigate this and provide a solution to the described cyber-attacks, we present CCSP: a new approach to provide timely information regarding the status of certificates, which capitalizes on a newly introduced notion called Signed Collections. In this article, we present in detail the notion of Signed Collections and the complete design, implementation, and evaluation of our approach. Performance evaluation shows that CCSP (i) reduces space requirements by more than an order of magnitude, (ii) lowers the number of signatures required by six orders of magnitude compared to OCSP-based methods, and (iii) adds only a few milliseconds of overhead in the overall user latency.



Published in

ACM Transactions on Internet Technology, Volume 20, Issue 4
November 2020
391 pages
ISSN: 1533-5399
EISSN: 1557-6051
DOI: 10.1145/3427795
Editor: Ling Liu

Copyright © 2020 ACM

Publisher

Association for Computing Machinery, New York, NY, United States

Publication History

  • Published: 6 October 2020
  • Online AM: 7 May 2020
  • Accepted: 1 April 2020
  • Revised: 1 March 2020
  • Received: 1 June 2019

Qualifiers

  • research-article
  • Research
  • Refereed
