Browsing by Author "Chung, Taejoong"
- Delegation of TLS Authentication to CDNs using Revocable Delegated Credentials
  Yoon, Daegeun; Chung, Taejoong; Kim, Yongdae (ACM, 2023-12-04)
  When using a Content Delivery Network (CDN), domain owners typically delegate Transport Layer Security (TLS) authentication to the CDN by sharing their TLS certificate’s private key. However, this practice not only delegates TLS authentication but also grants the CDN complete control over the certificate. To mitigate these concerns, Delegated Credential (DC) was proposed as a solution; DC, which contains both the CDN’s public key and the domain owner’s signature, allows the domain owners to delegate their own credentials for TLS authentication, thereby avoiding the need to share their private keys. However, the absence of a mechanism to distribute the revocation status of a DC renders it non-revocable, even when a compromise of a credential has been detected. DCs were thus designed to be short-lived, necessitating frequent renewal for continued use. To overcome this limitation, we designed Revocable Delegated Credential (RDC), which provides a revocation method for DCs. With RDCs, there is no need for frequent renewals as they can be revoked, allowing for a longer validity period. The revocation status of RDCs is distributed via DNS, an essential component of web communication. RDCs utilize the NSEC record, a type of DNSSEC record, as a means to store, validate, and easily manage their revocation status. When domain owners no longer trust their CDNs or detect compromise in their RDCs, they can distribute the RDC’s revocation status by simply creating a subdomain named with an RDC identifier. The browser then confirms the existence of this subdomain using the NSEC record to validate the revocation status. We implemented RDC in the go tls package and Firefox Nightly to demonstrate and evaluate its feasibility.
- Hammurabi: A Framework for Pluggable, Logic-Based X.509 Certificate Validation Policies
  Larisch, James; Aqeel, Waqar; Lum, Michael; Goldschlag, Yaelle; Kannan, Leah; Torshizi, Kasra; Wang, Yujie; Chung, Taejoong; Levin, Dave; Maggs, Bruce; Mislove, Alan; Parno, Bryan; Wilson, Christo (ACM, 2022-11-07)
  This paper proposes using a logic programming language to disentangle X.509 certificate validation policy from mechanism. Expressing validation policies in a logic programming language provides multiple benefits. First, policy and mechanism can be more independently written, augmented, and analyzed compared to the current practice of interweaving them within a C or C++ implementation. Once written, these policies can be easily shared and modified for use in different TLS clients. Further, logic programming allows us to determine when clients differ in their policies and use the power of imputation to automatically generate interesting certificates, e.g., a certificate that will be accepted by one browser but not by another. We present a new framework called Hammurabi for expressing validation policies, and we demonstrate that we can express the complex policies of the Google Chrome and Mozilla Firefox web browsers in this framework. We confirm the fidelity of the Hammurabi policies by comparing the validation decisions they make with those made by the browsers themselves on over ten million certificate chains derived from Certificate Transparency logs, as well as 100K synthetic chains. We also use imputation to discover nine validation differences between the two browsers’ policies. Finally, we demonstrate the feasibility of integrating Hammurabi into Firefox and the Go language in less than 100 lines of code each.
- No Root Store Left Behind
  Larisch, James; Aqeel, Waqar; Chung, Taejoong; Kohler, Eddie; Levin, Dave; Maggs, Bruce; Parno, Bryan; Wilson, Christo (ACM, 2023-11-28)
  When a root certificate authority (CA) in the Web PKI misbehaves, primary root-store operators such as Mozilla and Google respond by distrusting that CA. However, full distrust is often too broad, so root stores often implement partial distrust of roots, such as only accepting a root for a subset of domains. Unfortunately, derivative root stores (e.g., Debian and Android) that mirror decisions made by primary root stores are often out-of-date and cannot implement partial distrust, leaving TLS applications vulnerable. We propose augmenting root stores with per-certificate programs called General Certificate Constraints (GCCs) that precisely control the trust of root certificates. We propose that primary root-store operators write GCCs and distribute them, along with routine root certificate additions and removals, to all root stores in the Web PKI. To justify our arguments, we review specific instances of CA certificate mis-issuance over the last decade that resulted in partial distrust of roots that derivative root stores were unable to precisely mirror. We also review prior work that illustrates the alarming lag between primary and derivative root stores. We discuss preliminary designs for GCC deployment and how GCCs could enable pre-emptive restrictions on CA power.
- POSTER: Privacy Guarantees of BLE Contact Tracing for COVID-19 and Beyond: A Case Study on COVIDWISE
  Ahmed, Salman; Xiao, Ya; Chung, Taejoong; Fung, Carol; Yung, Moti; Yao, Danfeng (ACM, 2022-05-30)
  Google and Apple jointly introduced a digital contact tracing technology and an API called “exposure notification,” to help health organizations and governments with contact tracing. The technology and its interplay with security and privacy constraints require investigation. In this study, we examine and analyze the security, privacy, and reliability of the technology with actual and typical scenarios (and expected typical adversary in mind), and quite realistic use cases. We do it in the context of Virginia’s COVIDWISE app. This experimental analysis validates the properties of the system under the above conditions, a result that seems crucial for the peace of mind of the exposure notification technology adopting authorities, and may also help with the system’s transparency and overall user trust.
- RoVista: Measuring and Analyzing the Route Origin Validation (ROV) in RPKI
  Li, Weitong; Lin, Zhexiao; Ashiq, Md. Ishtiaq; Aben, Emile; Fontugne, Romain; Phokeer, Amreesh; Chung, Taejoong (ACM, 2023-10-24)
  The Resource Public Key Infrastructure (RPKI) is a system to add security to the Internet routing. In recent years, the publication of Route Origin Authorization (ROA) objects, which bind IP prefixes to their legitimate origin ASN, has been rapidly increasing. However, ROAs are effective only if the routers use them to verify and filter invalid BGP announcements, a process called Route Origin Validation (ROV). There are many proposed approaches to measure the status of ROV in the wild, but they are limited in scalability or accuracy. In this paper, we present RoVista, an ROV measurement framework that leverages IP-ID side channel and in-the-wild RPKI-invalid prefix. With over 20 months of longitudinal measurement, RoVista successfully covers more than 28K ASes where 63.8% of ASes have derived benefits from ROV, although the percentage of fully protected ASes remains relatively low at 12.3%. In order to validate our findings, we have also sought input from network operators. We then evaluate the security impact of current ROV deployment and reveal misconfigurations that will weaken the protection of ROV. Lastly, we compare RoVista with other approaches and conclude with a discussion of our findings and limitations.