{"title":"如何使TLS中间件感知?","authors":"Hyunwoo Lee, Zach Smith, Junghwan Lim, Gyeongjae Choi, Selin Chun, Taejoong Chung, T. Kwon","doi":"10.14722/ndss.2019.23547","DOIUrl":null,"url":null,"abstract":"Middleboxes are widely deployed in order to enhance security and performance in networking. As communication over TLS becomes increasingly common, however, the end-to-end channel model of TLS undermines the efficacy of middleboxes. Existing solutions, such as ‘SplitTLS’, which intercepts TLS sessions, often introduce significant security risks by installing a custom root certificate or sharing a private key. Many studies have confirmed security vulnerabilities when combining TLS with middleboxes, which include certificate validation failures, use of obsolete ciphersuites, and unwanted content modification. To address the above issues, we introduce a middlebox-aware TLS protocol, dubbed maTLS, which allows middleboxes to participate in the TLS session in a visible and auditable fashion. Every participating middlebox now splits a session into two segments with their own security parameters in collaboration with the two endpoints. The maTLS protocol is designed to authenticate the middleboxes to verify the security parameters of segments, and to audit the middleboxes’ write operations. Thus, security of the session is ensured. We prove the security model of maTLS by using Tamarin, a state-of-theart security verification tool. We also carry out testbed-based experiments to show that maTLS achieves the above security goals with marginal overhead.","PeriodicalId":20444,"journal":{"name":"Proceedings 2019 Network and Distributed System Security Symposium","volume":null,"pages":null},"PeriodicalIF":0.0000,"publicationDate":"2019-01-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"31","resultStr":"{\"title\":\"maTLS: How to Make TLS middlebox-aware?\",\"authors\":\"Hyunwoo Lee, Zach Smith, Junghwan Lim, Gyeongjae Choi, Selin Chun, Taejoong Chung, T. Kwon\",\"doi\":\"10.14722/ndss.2019.23547\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Middleboxes are widely deployed in order to enhance security and performance in networking. As communication over TLS becomes increasingly common, however, the end-to-end channel model of TLS undermines the efficacy of middleboxes. Existing solutions, such as ‘SplitTLS’, which intercepts TLS sessions, often introduce significant security risks by installing a custom root certificate or sharing a private key. Many studies have confirmed security vulnerabilities when combining TLS with middleboxes, which include certificate validation failures, use of obsolete ciphersuites, and unwanted content modification. To address the above issues, we introduce a middlebox-aware TLS protocol, dubbed maTLS, which allows middleboxes to participate in the TLS session in a visible and auditable fashion. Every participating middlebox now splits a session into two segments with their own security parameters in collaboration with the two endpoints. The maTLS protocol is designed to authenticate the middleboxes to verify the security parameters of segments, and to audit the middleboxes’ write operations. Thus, security of the session is ensured. We prove the security model of maTLS by using Tamarin, a state-of-theart security verification tool. We also carry out testbed-based experiments to show that maTLS achieves the above security goals with marginal overhead.\",\"PeriodicalId\":20444,\"journal\":{\"name\":\"Proceedings 2019 Network and Distributed System Security Symposium\",\"volume\":null,\"pages\":null},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2019-01-01\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"31\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"Proceedings 2019 Network and Distributed System Security Symposium\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.14722/ndss.2019.23547\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"Proceedings 2019 Network and Distributed System Security Symposium","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.14722/ndss.2019.23547","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
Middleboxes are widely deployed in order to enhance security and performance in networking. As communication over TLS becomes increasingly common, however, the end-to-end channel model of TLS undermines the efficacy of middleboxes. Existing solutions, such as ‘SplitTLS’, which intercepts TLS sessions, often introduce significant security risks by installing a custom root certificate or sharing a private key. Many studies have confirmed security vulnerabilities when combining TLS with middleboxes, which include certificate validation failures, use of obsolete ciphersuites, and unwanted content modification. To address the above issues, we introduce a middlebox-aware TLS protocol, dubbed maTLS, which allows middleboxes to participate in the TLS session in a visible and auditable fashion. Every participating middlebox now splits a session into two segments with their own security parameters in collaboration with the two endpoints. The maTLS protocol is designed to authenticate the middleboxes to verify the security parameters of segments, and to audit the middleboxes’ write operations. Thus, security of the session is ensured. We prove the security model of maTLS by using Tamarin, a state-of-theart security verification tool. We also carry out testbed-based experiments to show that maTLS achieves the above security goals with marginal overhead.
求助内容:
应助结果提醒方式:
京公网安备 11010802042870号
