Syta, E;
Tamas, I;
Visher, D;
Wolinsky, DI;
Jovanovic, P;
Gasser, L;
Gailly, N;
... Ford, B; + view all
(2016)
Keeping Authorities "Honest or Bust" with Decentralized Witness Cosigning.
In:
Proceedings of the 2016 IEEE Symposium on Security and Privacy (SP).
(pp. pp. 526-545).
IEEE: San Jose, CA, USA.
Preview |
Text
Jovanovic_cosi.pdf - Accepted Version Download (516kB) | Preview |
Abstract
The secret keys of critical network authorities -- such as time, name, certificate, and software update services -- represent high-value targets for hackers, criminals, and spy agencies wishing to use these keys secretly to compromise other hosts. To protect authorities and their clients proactively from undetected exploits and misuse, we introduce CoSi, a scalable witness cosigning protocol ensuring that every authoritative statement is validated and publicly logged by a diverse group of witnesses before any client will accept it. A statement S collectively signed by W witnesses assures clients that S has been seen, and not immediately found erroneous, by those W observers. Even if S is compromised in a fashion not readily detectable by the witnesses, CoSi still guarantees S's exposure to public scrutiny, forcing secrecy-minded attackers to risk that the compromise will soon be detected by one of the W witnesses. Because clients can verify collective signatures efficiently without communication, CoSi protects clients' privacy, and offers the first transparency mechanism effective against persistent man-in-the-middle attackers who control a victim's Internet access, the authority's secret key, and several witnesses' secret keys. CoSi builds on existing cryptographic multisignature methods, scaling them to support thousands of witnesses via signature aggregation over efficient communication trees. A working prototype demonstrates CoSi in the context of timestamping and logging authorities, enabling groups of over 8,000 distributed witnesses to cosign authoritative statements in under two seconds.
Type: | Proceedings paper |
---|---|
Title: | Keeping Authorities "Honest or Bust" with Decentralized Witness Cosigning |
Event: | 2016 IEEE Symposium on Security and Privacy (SP) |
Location: | San Jose, CA, USA |
Dates: | 22 May 2016 - 26 May 2016 |
ISBN-13: | 978-1-5090-0824-7 |
Open access status: | An open access version is available from UCL Discovery |
DOI: | 10.1109/sp.2016.38 |
Publisher version: | https://doi.org/2016 IEEE Symposium on Security an... |
Additional information: | This version is the author accepted manuscript. For information on re-use, please refer to the publisher’s terms and conditions. |
UCL classification: | UCL UCL > Provost and Vice Provost Offices UCL > Provost and Vice Provost Offices > UCL BEAMS UCL > Provost and Vice Provost Offices > UCL BEAMS > Faculty of Engineering Science UCL > Provost and Vice Provost Offices > UCL BEAMS > Faculty of Engineering Science > Dept of Computer Science |
URI: | https://discovery.ucl.ac.uk/id/eprint/10116629 |
Archive Staff Only
View Item |