Abstract
Joshua Guttman has collaborated with others to set out principles for attestation of trust in the setting of trusted computing. I describe herein attestation of trust in authentication of web addresses via a means of binding security into the addresses themselves, and I discuss the analogues of such attestation principles in this setting.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Similar content being viewed by others
References
Onion services. https://community.torproject.org/onion-services/
Appelbaum, J., Muffett, A.: The .onion special-use domain name (2015). https://tools.ietf.org/html/rfc7686
Birge-Lee, H., Sun, Y., Edmundson, A., Rexford, J., Mittal, P.: Bamboozling certificate authorities with BGP. In: 27th USENIX Security Symposium, pp. 833–849. USENIX Association (2018)
Birge-Lee, H., Sun, Y., Edmundson, A., Rexford, J., Mittal, P.: Using BGP to acquire bogus TLS certificates. In: Hot Topics in Privacy Enhancing Technologies (HotPETs) (2017)
CA/Browser Forum Baseline Requirements Certificate Policy for the Issuance and Management of Publicly-Trusted Certificates, Version 1.6.9. https://cabforum.org/wp-content/uploads/CA-Browser-Forum-BR-1.6.9.pdf (27 March 2020)
Certificate Transparency. https://certificate.transparency.dev/
Chen, Q.A., Osterweil, E., Thomas, M., Mao, Z.M.: MitM attack by name collision: cause analysis and vulnerability assessment in the new gTLD era. In: 2016 IEEE Symposium on Security and Privacy (SP), pp. 675–690. IEEE (2016)
Christianson, B., Harbison, W.S.: Why isn’t trust transitive? In: Lomas, M. (ed.) Security Protocols 1996. LNCS, vol. 1189, pp. 171–176. Springer, Heidelberg (1997). https://doi.org/10.1007/3-540-62494-5_16
Coker, G., et al.: Principles of remote attestation. Int. J. Inf. Secur. 10(2), 63–81 (2011)
Coker, G., Guttman, J., Loscocco, P., Sheehy, J., Sniffen, B.: Attestation: evidence and trust. In: Chen, L., Ryan, M.D., Wang, G. (eds.) ICICS 2008. LNCS, vol. 5308, pp. 1–18. Springer, Heidelberg (2008). https://doi.org/10.1007/978-3-540-88625-9_1
Dahlberg, R., Pulls, T., Ritter, T., Syverson, P.: Privacy-preserving & incrementally-deployable support for Certificate Transparency in Tor. Proc. Priv. Enhancing Technol. 2021(2), 194–213 (2021)
Fagin, R., Halpern, J.Y.: I’m OK if you’re OK: on the notion of trusting communication. J. Philos. Logic 17, 329–354 (1998)
Hirani, M., Jones, S., Read, B.: Global DNS hijacking campaign: DNS record manipulation at scale, 9 January 2019. https://www.fireeye.com/blog/threat-research/2019/01/global-dns-hijacking-campaign-dns-record-manipulation-at-scale.html
Krebs, C.C.: Emergency directive 19-01: mitigate DNS infrastructure tampering, 22 January 2019. https://cyber.dhs.gov/assets/report/ed-19-01.pdf
Li, M., Yu, S., Guttman, J.D., Lou, W., Ren, K.: Secure ad hoc trust initialization and key management in wireless body area networks. ACM Trans. Sens. Netw. 9(2), 1–35 (2013)
Mathewson, N.: Next-generation hidden services in Tor (Tor proposal 224). https://gitweb.torproject.org/torspec.git/tree/proposals/224-rend-spec-ng.txt
Reynolds, J., et al.: Measuring identity confusion with uniform resource locators. In: Proceedings of the 2020 CHI Conference on Human Factors in Computing Systems, pp. 1–12. ACM (2020). https://doi.org/10.1145/3313831.3376298
Syverson, P.: The once and future Onion. In: Foley, S.N., Gollmann, D., Snekkenes, E. (eds.) ESORICS 2017. LNCS, vol. 10492, pp. 18–28. Springer, Cham (2017). https://doi.org/10.1007/978-3-319-66402-6_3
Syverson, P., Finkel, M., Eskandarian, S., Boneh, D.: Attacks on onion discovery and remedies via self-authenticating traditional addresses. In: Livraga, G., Park, N. (eds.) ACM Workshop on Privacy in the Electronic Society, WPES 2021. ACM Press (November 2021)
Syverson, P., Traudt, M.: Self-authenticating traditional domain names. In: 2019 IEEE Secure Development (SecDev), pp. 147–160. IEEE (September 2019)
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2021 Springer Nature Switzerland AG
About this chapter
Cite this chapter
Syverson, P. (2021). Principles of Remote Sattestation. In: Dougherty, D., Meseguer, J., Mödersheim, S.A., Rowe, P. (eds) Protocols, Strands, and Logic. Lecture Notes in Computer Science(), vol 13066. Springer, Cham. https://doi.org/10.1007/978-3-030-91631-2_23
Download citation
DOI: https://doi.org/10.1007/978-3-030-91631-2_23
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-91630-5
Online ISBN: 978-3-030-91631-2
eBook Packages: Computer ScienceComputer Science (R0)