Title :
Laribus: Privacy-Preserving Detection of Fake SSL Certificates with a Social P2P Notary Network
Author :
Micheloni, Andrea ; Fuchs, Karl-Peter ; Herrmann, D. ; Federrath, Hannes
Author_Institution :
Dept. of Inf., Univ. of Hamburg, Hamburg, Germany
Abstract :
In this paper we present Laribus, a peer-to-peer network designed to detect local man-in-the-middle attacks against SSL/TLS. With Laribus clients can validate the authenticity of a certificate presented to them by retrieving it from different vantage points on the network. Unlike previous solutions, clients do not have to trust a central notary service, nor do they have to rely on the cooperation of website owners. The Laribus network is based on a Social Network graph, which allows users to form Notary Groups that improve both privacy and availability. It integrates several well-known techniques, such as secret sharing, ring signatures, layered encryption, range queries and a Distributed Hash Table (DHT), to achieve privacy-aware queries, scalability and decentralization. We present the design and core components of Laribus, discuss its security properties and also provide results from a simulation-based feasibility study.
Keywords :
cryptography; data privacy; digital signatures; network theory (graphs); peer-to-peer computing; reliability; DHT; Laribus network; SSL/TLS; authenticity; availability; distributed hash table; fake SSL certificate detection; layered encryption; local man-in-the-middle attacks; notary groups; peer-to-peer network; privacy-aware queries; privacy-preserving detection; range queries; ring signatures; scalability; secret sharing; security properties; social P2P notary network; social network graph; Authentication; Availability; Cryptography; Privacy; Proposals; Servers; MITM attack; P2P; SSL; anonymity; privacy;
Conference_Titel :
Availability, Reliability and Security (ARES), 2013 Eighth International Conference on
Conference_Location :
Regensburg
DOI :
10.1109/ARES.2013.7
