Security infrastructure for modern information and message exchange systems, networks and applications

现代信息和消息交换系统、网络和应用程序的安全基础设施

• 批准号: RGPIN-2018-05339
• 负责人: VanOorschot, Paul
• 金额: $ 4.01万
• 依托单位: Carleton University
• 依托单位国家: 加拿大
• 项目类别: Discovery Grants Program - Individual
• 财政年份: 2019
• 资助国家: 加拿大
• 起止时间: 2019-01-01 至 2020-12-31
• 项目状态: 已结题
• 来源: https://www.nserc-crsng.gc.ca/ase-oro/Details-Detailles_eng.asp?id=690619
• 关键词: Security; infrastructure; modern; information; message

The program addresses problems with communications security infrastructure used for virtually all web communications and secure email systems. Issues addressed involve certificate-based public key infrastructure (PKI), trust management, systems security, and supporting authentication and identity management mechanisms. The model underlying essentially all secure communications today involves a Certification Authority (CA) binding a public key to an entity identifier, creating a public key certificate. Problems without satisfactory solutions include mechanisms: to reliably verify the legitimacy of bindings asserted in certificates, and their ongoing validity (revocation status); to configure software to “trust” an appropriate set of CAs, in order to automate certificate verification; to limit the ability of CAs to create certificates for arbitrary web sites and email users; to increase visibility when CAs delegate trust to subordinate authorities; to distinguish rogue certificates from those legitimately issued; to prevent downgrading secure HTTPS web sessions to unsecured HTTP; to eliminate current fragility whereby compromise of a single CA can undermine trust in the entire infrastructure. Problems are considered in two primary PKI use cases. The web communications focus is on the TLS protocol (including as used by HTTPS), the backbone of Internet security for site authentication, encryption, and integrity of browser-server data and downloaded software. The email focus spans end-to-end secure email and link-based secure email via TLS. ******The program seeks to improve or replace exploitable security mechanisms. The recent surge of research on such systems stems from essentially all of society's critical infrastructures -- power, transportation, finance, communications -- depending on the Internet, despite most of the thousands of CAs browsers and email software “trust” to issue certificates being unrecognizable to end-users. This infrastructure is widely recognized as vulnerable to cyber-attack in this post-Snowden era of increased awareness about how easily systems are compromised, and of the elevated consequences due to physical society's reliance on our digital infrastructure. HTTPS is acknowledged by experts to be a critical but fundamentally flawed infrastructure, while email is a foundation for business communications but remains almost entirely unsecured. The program results will improve fundamental understanding of how to build and maintain robust, secure information exchange systems, address root causes of security infrastructure flaws, and provide new approaches to address current limitations. Results are expected to find their way into widely deployed software systems used for government, enterprise and private communications.

该计划解决了用于几乎所有网络通信和安全电子邮件系统的通信安全基础设施的问题。解决的问题涉及基于证书的公钥基础设施(PKI)、信任管理、系统安全以及支持身份验证和身份管理机制。当今几乎所有安全通信的基础模型都涉及一个证书颁发机构(CA)，它将一个公钥绑定到一个实体标识符上，从而创建一个公钥证书。没有令人满意的解决方案的问题包括以下机制：可靠地验证证书中断言的绑定的合法性及其持续有效性(吊销状态)；将软件配置为“信任”适当的CA集，以便自动化证书验证；限制CA为任意网站和电子邮件用户创建证书的能力；当CA将信任委派给下属机构时提高可见性；区分流氓证书和合法颁发的证书；防止将安全的HTTPS Web会话降级为不安全的HTTP；消除当前的脆弱性，即单个CA的危害可能会破坏对整个基础设施的信任。在两个主要的PKI用例中考虑了问题。网络通信的重点是TLS协议(包括HTTPS使用的协议)，这是用于站点身份验证、加密以及浏览器-服务器数据和下载软件的完整性的互联网安全的主干。电子邮件重点包括通过TLS发送的端到端安全电子邮件和基于链接的安全电子邮件。*该计划旨在改进或取代可利用的安全机制。最近对这类系统的研究激增基本上源于社会的所有关键基础设施--电力、交通、金融、通信--依赖于互联网，尽管数以千计的CA浏览器和电子邮件软件中的大多数无法识别最终用户无法识别的证书颁发。人们普遍认为，在这个后斯诺登时代，这种基础设施容易受到网络攻击，人们越来越意识到系统有多么容易受到攻击，以及由于物理社会对我们数字基础设施的依赖而导致的后果加剧。HTTPS被专家认为是一种关键但存在根本性缺陷的基础设施，而电子邮件是商业通信的基础，但仍然几乎完全不安全。该计划的成果将提高对如何建立和维护强大、安全的信息交换系统的基本理解，解决安全基础设施缺陷的根本原因，并提供解决当前限制的新方法。预计结果将进入广泛部署的软件系统，用于政府、企业和私人通信。