
6.3.3 Comparison to time-stamping

An alternate approach to distinguish between legitimately and maliciously issued certificates in the face of CA compromises is to add time-stamps issued by an independent trusted TSA. The time-stamping approach has been proposed to implement the chain model in a secure way [6]. We briefly summarize why time-stamps are not a practical solution for the too-big-to-fail problem.

To implement the chain model based on time-stamps, a time-stamp for every certificate in the certification path would be required [6]. With this, it could be securely determined for each certificate whether it existed before a compromise and can thus be considered legitimately issued. However, the approach has serious drawbacks and performance issues.

Firstly, an additional and independent TSA infrastructure has to be set up and maintained, and the TSAs have to be trusted to apply the correct date and time. The time-stamping service may be provided by a CA; however, this CA must be independent from the CAs in the certification path that is to be protected. Otherwise, a compromise that invalidates the certification path also invalidates the time-stamp. This means that for each time-stamp in the certification path, an additional certification path has to be verified to authenticate the TSA’s certificate. In the best case, when all CAs use the same time-stamping service, at least one additional certification path has to be processed. However, this case is hard to imagine without severely limiting the flexibility of the PKI, because the time-stamp needs to be requested during or directly after certificate issuance. This means that the certificate issuance processes on the CAs’ side would have to be adapted, and different CAs would have to cooperate in order to avoid different TSAs protecting one certification path.

Furthermore, besides the time-stamps, the additional certification path(s) have to be delivered to the clients for path validation. Thus, the number of transmitted certificates as well as the effort for revocation checking during the TLS handshake would at least double. The additional provision of time-stamps and independent certification paths also requires the adaptation of current standards. Moreover, the independent paths need to be processed by the clients, requiring the adaptation of path validation algorithms.

Finally, time-stamps that rely on electronic signatures themselves face the same problems concerning compromise and expiration as common electronic signatures do. Time-stamps only defer the problem to the TSA infrastructure and do not solve it. That is, upon the compromise of a TSA or any superordinate CA, the issued time-stamps become invalid, which would then require their renewal, facing the same problems as certificate renewal in case of CA compromise. Altogether, we deduce that time-stamps are only a theoretical solution for the too-big-to-fail problem and are not applicable in practice to realize a CA revocation tolerant PKI.

6.4 Conclusion

This chapter presented how to realize a CA revocation tolerant PKI using forward secure signature schemes. The CA revocation tolerant PKI preserves the validity of legitimately issued certificates in the face of CA certificate revocations. It prevents the undifferentiated invalidation of all certificates that rely on a revoked CA certificate and the associated unavailability of dependent web services. Thus, CA certificates can be revoked in case of a compromise to prevent misuse by an attacker. Moreover, due to the precise impact of revocation in the CA revocation tolerant PKI, a certificate can even be revoked on suspicion of a compromise. It was shown that the Web PKI can be transitioned to a CA revocation tolerant PKI with minor effort once forward secure signature schemes are standardized. No organizational changes are required, thus allowing a transition parallel to normal operation. All changes can be realized in a fully backward compatible way and are covered by current standards. The proposal has been evaluated regarding practicality and performance. It was shown that with XMSS an appropriate FSS is available, which in fact is currently being standardized. XMSS allows the implementation of a CA revocation tolerant PKI without limitations. The only drawback is slightly increased data loads during the TLS handshake, while no special hardware is required and signature verification speed can even be increased. The usability and the computational effort to use the PKI services are equal to those of conventional signature schemes. Thus, the presented CA revocation tolerant PKI is a practical solution to the too-big-to-fail problem of the Web PKI.

term verifiability

Public key infrastructures provide the possibility to verify the authenticity of public keys at the time the keys are being used. In the previous chapters, we have shown how to maintain this guarantee in practice. However, digital signatures as used today do not provide non-repudiation and long term verifiability. These properties require additional mechanisms.

Conventional signature schemes such as RSA and DSA cannot guarantee non-repudiation, as there is no possibility to distinguish between signatures generated by the legitimate key owner and those generated by an attacker who compromised the key. This fact can be exploited by the key owner to repudiate formerly generated signatures by pretending that his key has been compromised. Long term verifiability has two aspects. First, it requires an alternate validity model, called the chain model. The second aspect is the preservation of the security of signatures. Signature schemes become insecure over time. Thus, in the future an attacker might be able to forge signatures without knowing the corresponding key. At that point, all signatures generated with the affected signature scheme become insecure because of the indistinguishability of legitimate and forged signatures.

Today, both problems are solved with time-stamps generated by time-stamping authorities. Yet, this solution is costly and has therefore prevented the broad application of digital signatures as a replacement for handwritten signatures so far.

In Section 7.1, we present a solution based on FSS, adopting the mechanisms used in Chapter 6. Non-repudiation is achieved by preventing back dated revocation. To do so, we exploit the chronological ordering of signatures provided by FSS. The state of the signature key is securely tracked by a trusted third party. This approach additionally allows reconfirmations for signature generations, e.g. similar to mTAN as known from online banking, which prevent unnoticed key misuse. Long term verifiability is addressed in Section 7.2. Firstly, FSS allow the application of the chain model without time-stamps. The second aspect of long term verifiability is addressed with the use of XMSS, a hash-based FSS. We present possibilities to prevent the sudden break down of the security of signatures based on special properties of XMSS.

In Section 7.3, our solution is evaluated. The correctness is shown with a formal PKI model. The efficiency is evaluated by comparing the presented solution to the time-stamping based one. We evaluate data loads, runtimes and security requirements in the different setups and show that the FSS based solution has clear advantages. Section 7.4 concludes this chapter.

The contributions of this chapter were published as parts of [B6, B7, B8, B10].

7.1 Guaranteeing non-repudiation

In this section we show how to achieve non-repudiation with FSS. First, an introduction to the non-repudiation scenario is given and the difficulties are explained in Section 7.1.1. Afterward, it is shown in Section 7.1.2 how FSS are generally applied for end entities, and the model for signature validation is presented in Section 7.1.3. To eventually be able to guarantee non-repudiation, the secure tracking of the key states of end entities is required. This is solved with the Sign & Report approach presented in Section 7.1.4. Finally, it is shown in Section 7.1.5 how to extend the Sign & Report approach with a compromise detection mechanism using a reconfirmation procedure.
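To make the two mechanisms concrete, the following is an added example and not code from the dissertation, from XMSS, or from any standard. It builds a toy hash-based forward secure signature scheme (a Merkle tree over Lamport one-time keys, the scheme XMSS descends from) whose key state is the index of the next unused one-time key, and then shows both validation rules from the text: the precise revocation of Chapter 6, where a revocation names the first index the attacker may have used and only signatures with that index or later become invalid (the index comparison replacing the time-stamp comparison of Section 6.3.3), and a simplified model of the Sign & Report idea of Section 7.1, where the signer reports every key index to a trusted party and a revocation cannot be back-dated below the reported state. The tracker's exact rules are an assumption of this example; the dissertation's own Sign & Report protocol (Section 7.1.4) is not reproduced here, and the toy scheme stands in for XMSS only to show the key-index behaviour.

```python
# Added example (not the dissertation's or XMSS's code): a toy hash-based FSS, a
# Merkle tree over Lamport one-time keys, plus the two validation rules in the text.
import hashlib
import os

N = 32   # SHA-256 output size in bytes; a Lamport key signs the 8*N digest bits

def H(data):
    return hashlib.sha256(data).digest()

def digest_bits(msg):
    d = H(msg)
    return [(d[i // 8] >> (7 - i % 8)) & 1 for i in range(8 * N)]

def lamport_keygen():
    sk = [(os.urandom(N), os.urandom(N)) for _ in range(8 * N)]
    return sk, [(H(a), H(b)) for a, b in sk]

def lamport_sign(sk, msg):
    return [sk[i][b] for i, b in enumerate(digest_bits(msg))]

def lamport_verify(pk, msg, sig):
    return all(H(sig[i]) == pk[i][b] for i, b in enumerate(digest_bits(msg)))

def leaf_hash(pk):
    return H(b"".join(a + b for a, b in pk))

def build_levels(leaves):   # levels[0] = leaves ... levels[-1] = [root]
    levels = [leaves]
    while len(levels[-1]) > 1:
        levels.append([H(a + b) for a, b in zip(levels[-1][::2], levels[-1][1::2])])
    return levels

def auth_path(levels, idx):   # sibling of the node on the path at each height
    return [lvl[(idx >> h) ^ 1] for h, lvl in enumerate(levels[:-1])]

def root_from_path(leaf, idx, path):
    node = leaf
    for sibling in path:
        node = H(node + sibling) if idx % 2 == 0 else H(sibling + node)
        idx //= 2
    return node

class FssSigner:
    """Key state = index of the next unused one-time key; it only moves forward."""
    def __init__(self, height):
        self.sks, self.pks = map(list, zip(*[lamport_keygen() for _ in range(1 << height)]))
        self.levels = build_levels([leaf_hash(pk) for pk in self.pks])
        self.root = self.levels[-1][0]   # the single long-term public key
        self.index = 0

    def sign(self, msg):
        i = self.index
        if i >= len(self.sks):
            raise RuntimeError("all one-time keys used up")
        sig = (i, lamport_sign(self.sks[i], msg), self.pks[i], auth_path(self.levels, i))
        self.sks[i] = None    # erase key i: a later compromise cannot recover it
        self.index += 1
        return sig

def fss_verify(root, msg, sig):
    i, ots_sig, ots_pk, path = sig
    return lamport_verify(ots_pk, msg, ots_sig) and root_from_path(leaf_hash(ots_pk), i, path) == root

def validate(root, msg, sig, compromised_from=None):
    """Precise revocation (chapter 6): only index >= k, the first attacker index, is invalid."""
    return fss_verify(root, msg, sig) and (compromised_from is None or sig[0] < compromised_from)

class KeyStateTracker:
    """Simplified Sign & Report party (assumed model): every index is reported in
    order, and a revocation cannot be back-dated below the reported key state."""
    def __init__(self):
        self.reported = {}   # root -> number of indices reported so far
        self.revoked = {}    # root -> effective compromise index

    def report(self, root, index):
        if index != self.reported.get(root, 0):
            raise ValueError("indices must be reported in order, without gaps")
        self.reported[root] = index + 1

    def revoke(self, root, claimed_from):
        self.revoked[root] = max(claimed_from, self.reported.get(root, 0))
        return self.revoked[root]

    def accept(self, root, msg, sig):
        return sig[0] < self.reported.get(root, 0) and validate(root, msg, sig, self.revoked.get(root))

def demo():
    signer, tracker = FssSigner(height=3), KeyStateTracker()   # 8 one-time keys
    msgs = [b"constructed document %d" % i for i in range(4)]  # constructed sample input
    sigs = [signer.sign(m) for m in msgs]
    for s in sigs:
        tracker.report(signer.root, s[0])   # Sign & Report: each used index is reported
    # (a) compromise detected: the attacker may hold keys from index 2 onward
    precise = [validate(signer.root, m, s, compromised_from=2) for m, s in zip(msgs, sigs)]
    # (b) the owner tries to repudiate everything by claiming compromise from index 0
    effective = tracker.revoke(signer.root, 0)
    accepted = [tracker.accept(signer.root, m, s) for m, s in zip(msgs, sigs)]
    return precise, effective, accepted
```

Running `demo()` returns `([True, True, False, False], 4, [True, True, True, True])`: the revocation at index 2 invalidates exactly the two later signatures and nothing before it, and the attempted back-dated revocation is raised to the reported state 4, so none of the four reported signatures can be repudiated. A signature whose index was never reported is rejected by `accept` even if it verifies cryptographically, which is what makes the reported state the authority for non-repudiation; detecting an attacker who reports indices with a stolen key is the job of the reconfirmation procedure the text assigns to Section 7.1.5 and is not modelled here.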