Security infrastructure for modern information and message exchange systems, networks and applications

现代信息和消息交换系统、网络和应用程序的安全基础设施

• 批准号: RGPIN-2018-05339
• 负责人: VanOorschot, Paul
• 金额: $ 4.01万
• 依托单位: Carleton University
• 依托单位国家: 加拿大
• 项目类别: Discovery Grants Program - Individual
• 财政年份: 2020
• 资助国家: 加拿大
• 起止时间: 2020-01-01 至 2021-12-31
• 项目状态: 已结题
• 来源: https://www.nserc-crsng.gc.ca/ase-oro/Details-Detailles_eng.asp?id=713597
• 关键词: Security; infrastructure; modern; information; message

The program addresses problems with communications security infrastructure used for virtually all web communications and secure email systems. Issues addressed involve certificate-based public key infrastructure (PKI), trust management, systems security, and supporting authentication and identity management mechanisms. The model underlying essentially all secure communications today involves a Certification Authority (CA) binding a public key to an entity identifier, creating a public key certificate. Problems without satisfactory solutions include mechanisms: to reliably verify the legitimacy of bindings asserted in certificates, and their ongoing validity (revocation status); to configure software to “trust” an appropriate set of CAs, in order to automate certificate verification; to limit the ability of CAs to create certificates for arbitrary web sites and email users; to increase visibility when CAs delegate trust to subordinate authorities; to distinguish rogue certificates from those legitimately issued; to prevent downgrading secure HTTPS web sessions to unsecured HTTP; to eliminate current fragility whereby compromise of a single CA can undermine trust in the entire infrastructure. Problems are considered in two primary PKI use cases. The web communications focus is on the TLS protocol (including as used by HTTPS), the backbone of Internet security for site authentication, encryption, and integrity of browser-server data and downloaded software. The email focus spans end-to-end secure email and link-based secure email via TLS. The program seeks to improve or replace exploitable security mechanisms. The recent surge of research on such systems stems from essentially all of society's critical infrastructures -- power, transportation, finance, communications -- depending on the Internet, despite most of the thousands of CAs browsers and email software “trust” to issue certificates being unrecognizable to end-users. This infrastructure is widely recognized as vulnerable to cyber-attack in this post-Snowden era of increased awareness about how easily systems are compromised, and of the elevated consequences due to physical society's reliance on our digital infrastructure. HTTPS is acknowledged by experts to be a critical but fundamentally flawed infrastructure, while email is a foundation for business communications but remains almost entirely unsecured. The program results will improve fundamental understanding of how to build and maintain robust, secure information exchange systems, address root causes of security infrastructure flaws, and provide new approaches to address current limitations. Results are expected to find their way into widely deployed software systems used for government, enterprise and private communications.

该计划解决了几乎所有网络通信和安全电子邮件系统所使用的通信安全基础设施的问题。 解决的问题涉及基于证书的公钥基础设施 (PKI)、信任管理、系统安全以及支持身份验证和身份管理机制。 如今，基本上所有安全通信的基础模型都涉及将公钥与实体标识符绑定的证书颁发机构 (CA)，从而创建公钥证书。 没有令人满意的解决方案的问题包括机制：可靠地验证证书中声明的绑定的合法性及其持续的有效性（撤销状态）；配置软件以“信任”一组适当的 CA，以便自动进行证书验证；限制 CA 为任意网站和电子邮件用户创建证书的能力；当 CA 将信任委托给下级机构时，提高可见性；区分流氓证书和合法颁发的证书；防止将安全的 HTTPS Web 会话降级为不安全的 HTTP；消除当前的脆弱性，即单个 CA 的妥协可能会破坏对整个基础设施的信任。在两个主要 PKI 用例中考虑了问题。 Web 通信的重点是 TLS 协议（包括 HTTPS 使用的协议），这是用于站点身份验证、加密以及浏览器服务器数据和下载软件的完整性的互联网安全支柱。电子邮件重点涵盖端到端安全电子邮件和通过 TLS 的基于链接的安全电子邮件。 该计划旨在改进或替换可利用的安全机制。 最近对此类系统的研究激增，基本上源于社会所有关键基础设施——电力、交通、金融、通信——依赖于互联网，尽管数千个 CA 浏览器和电子邮件软件“信任”颁发最终用户无法识别的证书。 在后斯诺登时代，人们越来越认识到系统很容易受到损害，以及物理社会对数字基础设施的依赖所带来的严重后果，人们普遍认为这种基础设施很容易受到网络攻击。 专家们承认 HTTPS 是一种关键但存在根本缺陷的基础设施，而电子邮件是业务通信的基础，但仍然几乎完全不安全。该计划的结果将提高对如何构建和维护强大、安全的信息交换系统的基本理解，解决安全基础设施缺陷的​​根本原因，并提供解决当前限制的新方法。研究结果预计将进入广泛部署的用于政府、企业和私人通信的软件系统中。