TWC: Small: Self-Recovering Certificate Authorities using Backward and Forward Secure Key Management

TWC：小型：使用后向和前向安全密钥管理的自恢复证书颁发机构

• 批准号: 1617774
• 负责人: John Chandy
• 金额: $ 32.72万
• 依托单位: University of Connecticut
• 依托单位国家: 美国
• 项目类别: Standard Grant
• 财政年份: 2016
• 资助国家: 美国
• 起止时间: 2016-09-01 至 2021-08-31
• 项目状态: 已结题
• 来源: https://www.nsf.gov/awardsearch/showAward?AWD_ID=1617774&HistoricalAwards=false
• 关键词: TWC; Small; Self; Recovering; Certificate

Recent years have shown the fallacy of Certificate Authorities (CAs); insiders are able to steal master signing keys and impersonate certificates, exploitation of system vulnerabilities and other means of infiltration allow attackers to gain access to CAs and copy their keys, etc. At stake is the mere survival of public key infrastructures as trust in them is bootstrapped from trust in certificates that bind public keys to known identities. The current attack surface exposed by CAs makes trust in their issued certificates questionable. The main problem is the information that a current stolen key leaks about to-be-used future keys for signing future certificates. This project introduces a new notion of backward security allowing a CA to revoke newly reconstructed secret keys, which were maliciously modified by an attacker and are known to the attacker, before the attacker is even able to sign valid certificates. The project also provides efficient self-recovery meaning that, in the presence of a powerful adversary, CAs are able to replace revoked keys by a new non-compromised signing key sequence. Self-recovering CAs promise strong security guarantees against the most powerful attacker who can read all digital state and this will have a major societal impact: enterprises and individuals will be able to trust such CAs and will regain trust in public key infrastructures as a whole. Self-recovering CAs eliminate a serious security threat to our economy and society.

近年来表明证书机构（CAS）的谬误；内部人士能够窃取主签名密钥并模仿证书，对系统漏洞的开发以及其他渗透手段，允许攻击者可以访问CAS并复制其钥匙等。危险是公共密钥基础架构的生存，因为对他们的信任仅是在将公共钥匙绑定到已知身份的证书中的自启性的。 CAS暴露的当前攻击表面使他们的已发行证书值得怀疑。主要问题是当前被盗的钥匙泄漏有关签署未来证书的未来钥匙的信息。该项目引入了一个新的落后安全性概念，允许CA撤销新重建的秘密钥匙，该密钥被攻击者恶意修改并在攻击者能够签署有效证书之前被攻击者所知。该项目还提供了有效的自我恢复，这意味着，在有强大的对手的情况下，CAS能够通过新的非弹力签名密钥序列替换被撤销的密钥。自我恢复的CAS承诺对可以阅读所有数字状态的最强大攻击者的强大安全保证，这将产生重大的社会影响：企业和个人将能够信任此类CAS，并将重新获得对整个公共密钥基础设施的信任。自我置换的CAS消除了对我们的经济和社会的严重安全威胁。