Abstract
Joshua Guttman has collaborated with others to set out principles for attestation of trust in the setting of trusted computing. I describe herein attestation of trust in authentication of web addresses via a means of binding security into the addresses themselves, and I discuss the analogues of such attestation principles in this setting.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
References
Onion services. https://community.torproject.org/onion-services/
Appelbaum, J., Muffett, A.: The .onion special-use domain name (2015). https://tools.ietf.org/html/rfc7686
Birge-Lee, H., Sun, Y., Edmundson, A., Rexford, J., Mittal, P.: Bamboozling certificate authorities with BGP. In: 27th USENIX Security Symposium, pp. 833–849. USENIX Association (2018)
Birge-Lee, H., Sun, Y., Edmundson, A., Rexford, J., Mittal, P.: Using BGP to acquire bogus TLS certificates. In: Hot Topics in Privacy Enhancing Technologies (HotPETs) (2017)
CA/Browser Forum Baseline Requirements Certificate Policy for the Issuance and Management of Publicly-Trusted Certificates, Version 1.6.9. https://cabforum.org/wp-content/uploads/CA-Browser-Forum-BR-1.6.9.pdf (27 March 2020)
Certificate Transparency. https://certificate.transparency.dev/
Chen, Q.A., Osterweil, E., Thomas, M., Mao, Z.M.: MitM attack by name collision: cause analysis and vulnerability assessment in the new gTLD era. In: 2016 IEEE Symposium on Security and Privacy (SP), pp. 675–690. IEEE (2016)
Christianson, B., Harbison, W.S.: Why isn’t trust transitive? In: Lomas, M. (ed.) Security Protocols 1996. LNCS, vol. 1189, pp. 171–176. Springer, Heidelberg (1997). https://doi.org/10.1007/3-540-62494-5_16
Coker, G., et al.: Principles of remote attestation. Int. J. Inf. Secur. 10(2), 63–81 (2011)
Coker, G., Guttman, J., Loscocco, P., Sheehy, J., Sniffen, B.: Attestation: evidence and trust. In: Chen, L., Ryan, M.D., Wang, G. (eds.) ICICS 2008. LNCS, vol. 5308, pp. 1–18. Springer, Heidelberg (2008). https://doi.org/10.1007/978-3-540-88625-9_1
Dahlberg, R., Pulls, T., Ritter, T., Syverson, P.: Privacy-preserving & incrementally-deployable support for Certificate Transparency in Tor. Proc. Priv. Enhancing Technol. 2021(2), 194–213 (2021)
Fagin, R., Halpern, J.Y.: I’m OK if you’re OK: on the notion of trusting communication. J. Philos. Logic 17, 329–354 (1998)
Hirani, M., Jones, S., Read, B.: Global DNS hijacking campaign: DNS record manipulation at scale, 9 January 2019. https://www.fireeye.com/blog/threat-research/2019/01/global-dns-hijacking-campaign-dns-record-manipulation-at-scale.html
Krebs, C.C.: Emergency directive 19-01: mitigate DNS infrastructure tampering, 22 January 2019. https://cyber.dhs.gov/assets/report/ed-19-01.pdf
Li, M., Yu, S., Guttman, J.D., Lou, W., Ren, K.: Secure ad hoc trust initialization and key management in wireless body area networks. ACM Trans. Sens. Netw. 9(2), 1–35 (2013)
Mathewson, N.: Next-generation hidden services in Tor (Tor proposal 224). https://gitweb.torproject.org/torspec.git/tree/proposals/224-rend-spec-ng.txt
Reynolds, J., et al.: Measuring identity confusion with uniform resource locators. In: Proceedings of the 2020 CHI Conference on Human Factors in Computing Systems, pp. 1–12. ACM (2020). https://doi.org/10.1145/3313831.3376298
Syverson, P.: The once and future Onion. In: Foley, S.N., Gollmann, D., Snekkenes, E. (eds.) ESORICS 2017. LNCS, vol. 10492, pp. 18–28. Springer, Cham (2017). https://doi.org/10.1007/978-3-319-66402-6_3
Syverson, P., Finkel, M., Eskandarian, S., Boneh, D.: Attacks on onion discovery and remedies via self-authenticating traditional addresses. In: Livraga, G., Park, N. (eds.) ACM Workshop on Privacy in the Electronic Society, WPES 2021. ACM Press (November 2021)
Syverson, P., Traudt, M.: Self-authenticating traditional domain names. In: 2019 IEEE Secure Development (SecDev), pp. 147–160. IEEE (September 2019)
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2021 Springer Nature Switzerland AG
About this chapter
Cite this chapter
Syverson, P. (2021). Principles of Remote Sattestation. In: Dougherty, D., Meseguer, J., Mödersheim, S.A., Rowe, P. (eds) Protocols, Strands, and Logic. Lecture Notes in Computer Science(), vol 13066. Springer, Cham. https://doi.org/10.1007/978-3-030-91631-2_23
Download citation
DOI: https://doi.org/10.1007/978-3-030-91631-2_23
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-91630-5
Online ISBN: 978-3-030-91631-2
eBook Packages: Computer ScienceComputer Science (R0)