Security infrastructure for modern information and message exchange systems, networks and applications

现代信息和消息交换系统、网络和应用程序的安全基础设施

• 批准号: RGPIN-2018-05339
• 负责人: VanOorschot, Paul
• 金额: $ 4.01万
• 依托单位: Carleton University
• 依托单位国家: 加拿大
• 项目类别: Discovery Grants Program - Individual
• 财政年份: 2022
• 资助国家: 加拿大
• 起止时间: 2022-01-01 至 2023-12-31
• 项目状态: 已结题
• 来源: https://www.nserc-crsng.gc.ca/ase-oro/Details-Detailles_eng.asp?id=750392
• 关键词: Security; infrastructure; modern; information; message

The program addresses problems with communications security infrastructure used for virtually all web communications and secure email systems. Issues addressed involve certificate-based public key infrastructure (PKI), trust management, systems security, and supporting authentication and identity management mechanisms. The model underlying essentially all secure communications today involves a Certification Authority (CA) binding a public key to an entity identifier, creating a public key certificate. Problems without satisfactory solutions include mechanisms: to reliably verify the legitimacy of bindings asserted in certificates, and their ongoing validity (revocation status); to configure software to “trust” an appropriate set of CAs, in order to automate certificate verification; to limit the ability of CAs to create certificates for arbitrary web sites and email users; to increase visibility when CAs delegate trust to subordinate authorities; to distinguish rogue certificates from those legitimately issued; to prevent downgrading secure HTTPS web sessions to unsecured HTTP; to eliminate current fragility whereby compromise of a single CA can undermine trust in the entire infrastructure. Problems are considered in two primary PKI use cases. The web communications focus is on the TLS protocol (including as used by HTTPS), the backbone of Internet security for site authentication, encryption, and integrity of browser-server data and downloaded software. The email focus spans end-to-end secure email and link-based secure email via TLS. The program seeks to improve or replace exploitable security mechanisms. The recent surge of research on such systems stems from essentially all of society's critical infrastructures -- power, transportation, finance, communications -- depending on the Internet, despite most of the thousands of CAs browsers and email software “trust” to issue certificates being unrecognizable to end-users. This infrastructure is widely recognized as vulnerable to cyber-attack in this post-Snowden era of increased awareness about how easily systems are compromised, and of the elevated consequences due to physical society's reliance on our digital infrastructure. HTTPS is acknowledged by experts to be a critical but fundamentally flawed infrastructure, while email is a foundation for business communications but remains almost entirely unsecured. The program results will improve fundamental understanding of how to build and maintain robust, secure information exchange systems, address root causes of security infrastructure flaws, and provide new approaches to address current limitations. Results are expected to find their way into widely deployed software systems used for government, enterprise and private communications.

该计划解决了几乎所有网络通信和安全电子邮件系统使用的通信安全基础设施的问题。所涉及的问题包括基于证书的公钥基础设施（PKI）、信任管理、系统安全性以及支持身份验证和身份管理机制。目前，基本上所有安全通信的底层模型都涉及到一个证书颁发机构（certificate Authority， CA），它将公钥绑定到实体标识符，从而创建公钥证书。没有令人满意的解决方案的问题包括机制：可靠地验证证书中断言的绑定的合法性及其持续有效性（撤销状态）；将软件配置为“信任”一组适当的核证机关，以便自动进行证书验证；限制核证机关为任意网站和电子邮件用户创建证书的能力；当核证机关将信任委托给下级机关时，增加能见度；区分冒牌证书与合法签发的证书；防止将安全的HTTPS web会话降级为不安全的HTTP；以消除当前的脆弱性，即单个CA的妥协可能破坏对整个基础设施的信任。在两个主要的PKI用例中考虑问题。网络通信的重点是TLS协议（包括HTTPS所使用的协议），它是互联网安全的骨干，用于站点认证、加密和浏览器服务器数据和下载软件的完整性。电子邮件的重点包括端到端安全电子邮件和通过TLS基于链接的安全电子邮件。该计划旨在改进或取代可利用的安全机制。尽管成千上万的ca浏览器和电子邮件软件“信任”颁发证书，但最终用户无法识别，但社会上所有关键基础设施——电力、交通、金融、通信——基本上都依赖于互联网，最近对此类系统的研究激增。在这个后斯诺登时代，人们越来越意识到系统是多么容易被破坏，以及实体社会对我们的数字基础设施的依赖所带来的日益严重的后果，人们普遍认为，这些基础设施容易受到网络攻击。专家们承认，HTTPS是一个至关重要但从根本上存在缺陷的基础设施，而电子邮件是商业通信的基础，但几乎完全不安全。该项目的结果将提高对如何建立和维护稳健、安全的信息交换系统的基本理解，解决安全基础设施缺陷的根本原因，并提供解决当前限制的新方法。预计研究结果将用于广泛部署的软件系统，用于政府、企业和私人通信。