HTTPS is a cornerstone of privacy in the modern Web. The public key infrastructure underlying HTTPS, however, is a frequent target of attacks. In several cases, forged certificates have been issued by compromised Certificate Authorities (CAs) and used to spy on users at large scale. While the concept of Certificate Transparency (CT) provides a means for detecting such forgeries, it builds on a distributed system of CT logs whose correctness is still insufficiently protected. By compromising a certificate authority and the corresponding log, a covert adversary can still issue rogue certificates unnoticed.
We introduce LogPicker, a novel protocol for strengthening the public key infrastructure of HTTPS. LogPicker enables a pool of CT logs to collaborate: a randomly selected log includes the certificate, while the rest witness and testify to the certificate issuance process. As a result, CT logs become capable of auditing the log in charge independently, without the need for a trusted third party. This auditing forces an attacker to control each participating witness, which significantly raises the bar for issuing rogue certificates. LogPicker is efficient and designed to be deployed incrementally, allowing a smooth transition towards a more secure Web.
Full paper: https://sciendo.com/pdf/10.2478/popets-2021-0066
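The idea in the abstract above, as a simplified model added here for illustration; it is not the LogPicker protocol or code from the paper. Assumptions: the pool names, the nonce-based selection and the use of HMAC as a stand-in for each log's signature are all constructed for this sketch.

```python
import hashlib, hmac, secrets

# Constructed pool: log id -> key. HMAC stands in for each log's signature.
POOL = {n: hashlib.sha256(b"demo-key:" + n.encode()).digest()
        for n in ("log-a", "log-b", "log-c", "log-d")}

def h(*parts: bytes) -> bytes:
    """Length-prefixed SHA-256 so field boundaries are unambiguous."""
    d = hashlib.sha256()
    for p in parts:
        d.update(len(p).to_bytes(4, "big") + p)
    return d.digest()

def select_log(cert_hash: bytes, nonces: dict) -> str:
    """Derive the log in charge from every member's nonce (assumed scheme).
    A real protocol must also stop the last contributor from biasing this."""
    ids = sorted(nonces)
    seed = h(cert_hash, *(nonces[i] for i in ids))
    return ids[int.from_bytes(seed, "big") % len(ids)]

def attest(log_id: str, cert_hash: bytes, chosen: str) -> bytes:
    """A member testifies which log was picked for this certificate."""
    return hmac.new(POOL[log_id], h(cert_hash, chosen.encode()), hashlib.sha256).digest()

def run_issuance(cert: bytes) -> dict:
    """Honest run: all members contribute randomness and testify."""
    cert_hash = h(cert)
    nonces = {i: secrets.token_bytes(32) for i in POOL}
    chosen = select_log(cert_hash, nonces)
    return {"cert_hash": cert_hash, "nonces": nonces, "chosen": chosen,
            "attestations": {i: attest(i, cert_hash, chosen) for i in POOL}}

def audit(proof: dict) -> bool:
    """Accept only if the pick is reproducible and every member testified."""
    if set(proof["nonces"]) != set(POOL):
        return False
    if select_log(proof["cert_hash"], proof["nonces"]) != proof["chosen"]:
        return False
    for i in POOL:
        tag = proof["attestations"].get(i)
        expected = attest(i, proof["cert_hash"], proof["chosen"])
        if tag is None or not hmac.compare_digest(tag, expected):
            return False
    return True

if __name__ == "__main__":
    proof = run_issuance(b"constructed certificate bytes")
    print("honest run accepted:", audit(proof))
    witness = next(i for i in POOL if i != proof["chosen"])
    del proof["attestations"][witness]   # one witness did not testify
    print("missing witness accepted:", audit(proof))
```

Because `audit` requires a valid attestation from every pool member, a proof produced without the cooperation of even one witness is rejected, which is the property the abstract describes.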
Alexandra Dirksen is a PhD candidate at TU Braunschweig, currently working in the field of Web Security & Privacy, Web PKI and Large Scale Adversaries. Her further interests include various topics in Applied Cryptography and Ethics in Computer Science. She is currently part of the KIWI Project, where she works on mechanisms to detect security issues in OAuth protocol flows at runtime.