000221010 001__ 221010
000221010 005__ 20190812205925.0
000221010 020__ $$a978-1-5090-0824-7
000221010 0247_ $$2doi$$a10.1109/Sp.2016.38
000221010 022__ $$a1081-6011
000221010 02470 $$2ISI$$a000387292800030
000221010 037__ $$aCONF
000221010 245__ $$aKeeping Authorities “Honest or Bust” with Decentralized Witness Cosigning
000221010 269__ $$a2016
000221010 260__ $$bIeee$$c2016$$aNew York
000221010 300__ $$a20
000221010 336__ $$aConference Papers
000221010 490__ $$aIEEE Symposium on Security and Privacy
000221010 520__ $$aAbstract—The secret keys of critical network authorities – such as time, name, certificate, and software update services – represent high-value targets for hackers, criminals, and spy agencies wishing to use these keys secretly to compromise other hosts. To protect authorities and their clients proactively from undetected exploits and misuse, we introduce CoSi, a scalable witness cosigning protocol ensuring that every authoritative statement is validated and publicly logged by a diverse group of witnesses before any client will accept it. A statement S collectively signed by W witnesses assures clients that S has been seen, and not immediately found erroneous, by those W observers. Even if S is compromised in a fashion not readily detectable by the witnesses, CoSi still guarantees S’s exposure to public scrutiny, forcing secrecy-minded attackers to risk that the compromise will soon be detected by one of the W witnesses. Because clients can verify collective signatures efficiently without communication, CoSi protects clients’ privacy, and offers the first transparency mechanism effective against persistent man-inthe-middle attackers who control a victim’s Internet access, the authority’s secret key, and several witnesses’ secret keys. CoSi builds on existing cryptographic multisignature methods, scaling them to support thousands of witnesses via signature aggregation over efficient communication trees. A working prototype demonstrates CoSi in the context of timestamping and logging authorities, enabling groups of over 8,000 distributed witnesses to cosign authoritative statements in under two seconds.
000221010 700__ $$aSyta, Ewa
000221010 700__ $$aTamas, Iulia
000221010 700__ $$aVisher, Dylan
000221010 700__ $$aWolinsky, David
000221010 700__ $$0249578$$g264772$$aJovanovic, Philipp Svetolik
000221010 700__ $$aGasser, Linus
000221010 700__ $$0250934$$g195531$$aGailly, Nicolas
000221010 700__ $$g264505$$aKhoffi, Ismail$$0(EPFLAUTH)264505
000221010 700__ $$aFord, Bryan Alexander$$g257875$$0249220
000221010 7112_ $$dMay 22-25, 2016$$cSan Jose, California, USA$$a37th IEEE Symposium on Security and Privacy
000221010 773__ $$t2016 Ieee Symposium On Security And Privacy (Sp)$$q526-545
000221010 8564_ $$zPostprint$$yPostprint$$uhttps://infoscience.epfl.ch/record/221010/files/1503.08768v4.pdf$$s686333
000221010 909C0 $$xU13061$$pDEDIS$$0252572
000221010 909CO $$ooai:infoscience.tind.io:221010$$qGLOBAL_SET$$pconf$$pIC
000221010 917Z8 $$x254967
000221010 937__ $$aEPFL-CONF-221010
000221010 973__ $$rREVIEWED$$sPUBLISHED$$aEPFL
000221010 980__ $$aCONF