Security infrastructure for modern information and message exchange systems, networks and applications

现代信息和消息交换系统、网络和应用程序的安全基础设施

• 批准号: RGPIN-2018-05339
• 负责人: VanOorschot, Paul
• 金额: $ 4.01万
• 依托单位: Carleton University
• 依托单位国家: 加拿大
• 项目类别: Discovery Grants Program - Individual
• 财政年份: 2020
• 资助国家: 加拿大
• 起止时间: 2020-01-01 至 2021-12-31
• 项目状态: 已结题
• 来源: https://www.nserc-crsng.gc.ca/ase-oro/Details-Detailles_eng.asp?id=713597
• 关键词: Security; infrastructure; modern; information; message

The program addresses problems with communications security infrastructure used for virtually all web communications and secure email systems. Issues addressed involve certificate-based public key infrastructure (PKI), trust management, systems security, and supporting authentication and identity management mechanisms. The model underlying essentially all secure communications today involves a Certification Authority (CA) binding a public key to an entity identifier, creating a public key certificate. Problems without satisfactory solutions include mechanisms: to reliably verify the legitimacy of bindings asserted in certificates, and their ongoing validity (revocation status); to configure software to “trust” an appropriate set of CAs, in order to automate certificate verification; to limit the ability of CAs to create certificates for arbitrary web sites and email users; to increase visibility when CAs delegate trust to subordinate authorities; to distinguish rogue certificates from those legitimately issued; to prevent downgrading secure HTTPS web sessions to unsecured HTTP; to eliminate current fragility whereby compromise of a single CA can undermine trust in the entire infrastructure. Problems are considered in two primary PKI use cases. The web communications focus is on the TLS protocol (including as used by HTTPS), the backbone of Internet security for site authentication, encryption, and integrity of browser-server data and downloaded software. The email focus spans end-to-end secure email and link-based secure email via TLS. The program seeks to improve or replace exploitable security mechanisms. The recent surge of research on such systems stems from essentially all of society's critical infrastructures -- power, transportation, finance, communications -- depending on the Internet, despite most of the thousands of CAs browsers and email software “trust” to issue certificates being unrecognizable to end-users. This infrastructure is widely recognized as vulnerable to cyber-attack in this post-Snowden era of increased awareness about how easily systems are compromised, and of the elevated consequences due to physical society's reliance on our digital infrastructure. HTTPS is acknowledged by experts to be a critical but fundamentally flawed infrastructure, while email is a foundation for business communications but remains almost entirely unsecured. The program results will improve fundamental understanding of how to build and maintain robust, secure information exchange systems, address root causes of security infrastructure flaws, and provide new approaches to address current limitations. Results are expected to find their way into widely deployed software systems used for government, enterprise and private communications.

该计划解决了用于几乎所有网络通信和安全电子邮件系统的通信安全基础设施的问题。 所处理的问题涉及基于证书的公钥基础设施、信任管理、系统安全以及支持认证和身份管理机制。 今天，基本上所有安全通信的基础模型都涉及证书颁发机构（CA）将公钥绑定到实体标识符，从而创建公钥证书。 没有令人满意的解决方案的问题包括机制：可靠地验证证书中声明的绑定的合法性，以及它们的持续有效性（撤销状态）;将软件配置为“信任”一组适当的CA，以便自动化证书验证;限制CA为任意网站和电子邮件用户创建证书的能力;在CA将信任委托给下级机构时增加可见性;区分非法证书和合法颁发的证书;防止将安全HTTPS Web会话降级为不安全HTTP;消除当前的脆弱性，即单个CA的泄露可能破坏整个基础设施中的信任。在两个主要的PKI用例中考虑了问题。Web通信的重点是TLS协议（包括HTTPS所使用的），这是用于站点身份验证、加密以及浏览器-服务器数据和下载软件的完整性的Internet安全支柱。电子邮件重点涵盖端到端安全电子邮件和通过TLS的基于链接的安全电子邮件。 该计划旨在改善或取代可利用的安全机制。 最近对这种系统的研究激增，基本上源于所有社会的关键基础设施-电力，交通，金融，通信-依赖于互联网，尽管成千上万的CA浏览器和电子邮件软件中的大多数“信任”颁发最终用户无法识别的证书。 人们普遍认为，在后斯诺登时代，这种基础设施容易受到网络攻击，人们越来越意识到系统是多么容易受到攻击，以及由于物理社会对我们的数字基础设施的依赖而造成的后果。 HTTPS被专家认为是一个关键但存在根本缺陷的基础设施，而电子邮件是商业通信的基础，但仍然几乎完全不安全。该计划的结果将提高对如何建立和维护强大，安全的信息交换系统的基本理解，解决安全基础设施缺陷的根本原因，并提供新的方法来解决当前的限制。预计研究结果将被广泛应用于政府、企业和私人通信的软件系统。