Certificate Transparency

From MgmtWiki

Definition

Certificate Transparency (CT) is an open framework designed to increase the accountability and security of the public key infrastructure (PKI) used for securing websites and electronic communications.

Concept

Key Concepts and Mechanisms

Public, Append-Only Logs: CT requires that every TLS/SSL certificate issued by publicly trusted certificate authorities (CAs) be recorded in one or more public logs. These logs are append-only, meaning that once a certificate entry is added, it cannot be removed or altered. This transparency allows anyone to audit issued certificates.

Signed Certificate Timestamps (SCTs): When a CA issues a certificate, it also obtains one or more SCTs from CT logs. These timestamps act as promises from the log operators that the certificate will be entered into the log within a predetermined period (the maximum merge delay). SCTs are then embedded into the certificate (or provided via other mechanisms such as a TLS extension or OCSP stapling) to serve as evidence that the certificate has been submitted to the transparency logs.

Merkle Trees for Integrity: CT logs use cryptographic data structures known as Merkle trees to organize their entries. This setup allows for efficient and secure verification that a certificate is included in the log, ensuring that the log itself has not been tampered with.
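The Merkle tree construction, inclusion proof and consistency proof that make these checks possible are spelled out in RFC 6962 (hashing) and RFC 9162 (verification algorithms). The following Python is an added worked example written for this page; it is not code from the wiki or from any CT log implementation. It builds a tree over constructed entries, produces both kinds of proof, and verifies them the way a monitor or auditor would, including the failure case where an entry has been silently replaced in a later tree head (which a genuine append-only log can never produce).

```python
import hashlib
from typing import List


def _h(data: bytes) -> bytes:
    return hashlib.sha256(data).digest()


def leaf_hash(entry: bytes) -> bytes:
    # RFC 6962: leaf hash = SHA-256(0x00 || entry). The domain-separation byte
    # prevents an interior node from being passed off as a leaf.
    return _h(b"\x00" + entry)


def node_hash(left: bytes, right: bytes) -> bytes:
    # RFC 6962: interior node hash = SHA-256(0x01 || left || right)
    return _h(b"\x01" + left + right)


def _split(n: int) -> int:
    # Largest power of two strictly less than n (n >= 2), as RFC 6962 requires.
    k = 1
    while k * 2 < n:
        k *= 2
    return k


def tree_head(entries: List[bytes]) -> bytes:
    """Merkle Tree Hash (MTH) of the list, the value a log signs in its tree head."""
    n = len(entries)
    if n == 0:
        return _h(b"")
    if n == 1:
        return leaf_hash(entries[0])
    k = _split(n)
    return node_hash(tree_head(entries[:k]), tree_head(entries[k:]))


def inclusion_proof(index: int, entries: List[bytes]) -> List[bytes]:
    """Audit path for entries[index], leaf-adjacent node first (RFC 6962 PATH)."""
    n = len(entries)
    if not 0 <= index < n:
        raise ValueError("index out of range")
    if n == 1:
        return []
    k = _split(n)
    if index < k:
        return inclusion_proof(index, entries[:k]) + [tree_head(entries[k:])]
    return inclusion_proof(index - k, entries[k:]) + [tree_head(entries[:k])]


def verify_inclusion(entry: bytes, index: int, tree_size: int,
                     root: bytes, path: List[bytes]) -> bool:
    """RFC 9162 section 2.1.3.2: recompute the root from the leaf and its audit path."""
    if index >= tree_size:
        return False
    fn, sn = index, tree_size - 1
    r = leaf_hash(entry)
    for p in path:
        if sn == 0:
            return False
        if (fn & 1) or fn == sn:
            r = node_hash(p, r)  # sibling is on the left
            if not (fn & 1):
                while fn != 0 and not (fn & 1):
                    fn >>= 1
                    sn >>= 1
        else:
            r = node_hash(r, p)  # sibling is on the right
        fn >>= 1
        sn >>= 1
    return sn == 0 and r == root


def consistency_proof(m: int, entries: List[bytes]) -> List[bytes]:
    """Proof that the first m entries are a prefix of the full list (RFC 6962 PROOF)."""
    if not 1 <= m <= len(entries):
        raise ValueError("m out of range")
    return _subproof(m, entries, True)


def _subproof(m: int, entries: List[bytes], is_complete: bool) -> List[bytes]:
    n = len(entries)
    if m == n:
        return [] if is_complete else [tree_head(entries)]
    k = _split(n)
    if m <= k:
        return _subproof(m, entries[:k], is_complete) + [tree_head(entries[k:])]
    return _subproof(m - k, entries[k:], False) + [tree_head(entries[:k])]


def verify_consistency(first_size: int, first_root: bytes, second_size: int,
                       second_root: bytes, path: List[bytes]) -> bool:
    """RFC 9162 section 2.1.4.2: check that the older tree head is a prefix of the newer one."""
    if first_size < 1 or first_size > second_size:
        return False
    if first_size == second_size:
        return path == [] and first_root == second_root
    if not path:
        return False
    if first_size & (first_size - 1) == 0:  # power of two: old root is itself a node
        path = [first_root] + path
    fn, sn = first_size - 1, second_size - 1
    while fn & 1:
        fn >>= 1
        sn >>= 1
    fr = sr = path[0]
    for c in path[1:]:
        if sn == 0:
            return False
        if (fn & 1) or fn == sn:
            fr = node_hash(c, fr)
            sr = node_hash(c, sr)
            if not (fn & 1):
                while fn != 0 and not (fn & 1):
                    fn >>= 1
                    sn >>= 1
        else:
            sr = node_hash(sr, c)
        fn >>= 1
        sn >>= 1
    return sn == 0 and fr == first_root and sr == second_root


if __name__ == "__main__":
    entries = [b"constructed-cert-%d" % i for i in range(7)]  # constructed sample log
    root = tree_head(entries)
    print("inclusion of entry 5:", verify_inclusion(entries[5], 5, 7, root, inclusion_proof(5, entries)))
    print("tree of 3 is prefix of tree of 7:",
          verify_consistency(3, tree_head(entries[:3]), 7, root, consistency_proof(3, entries)))
```

A monitor uses `verify_consistency` between each pair of signed tree heads it has seen from the same log; a failure means the log did not simply append, which is exactly the misbehaviour the append-only property is supposed to rule out.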

Why Certificate Transparency Matters

Detecting Misissuance: Before CT, certificates could be misissued either by error or through malicious activity (such as a compromised CA issuing unauthorized certificates for a domain). With CT, domain owners and third-party auditors can monitor CT logs to quickly detect if a certificate has been issued without their knowledge.
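The monitoring described here comes down to matching every logged certificate's names against the domains an organization owns and flagging anything that was not expected. The Python below is an added example for this page, not part of the wiki or of any existing CT monitor; it assumes the log entries have already been fetched and parsed into simple records (issuer name plus the certificate's DNS names) and operates on a constructed sample. The name matching handles the cases that commonly trip up naive monitors: wildcard certificates, trailing dots, and look-alike domains that merely end in the watched string.

```python
from typing import Dict, List

# Constructed sample of parsed log entries; not data from any real CT log.
SAMPLE_ENTRIES: List[Dict] = [
    {"index": 1001, "issuer": "Example Public CA", "names": ["example.com", "www.example.com"]},
    {"index": 1002, "issuer": "Example Public CA", "names": ["*.example.com"]},
    {"index": 1003, "issuer": "Unknown CA", "names": ["login.example.com"]},
    {"index": 1004, "issuer": "Example Public CA", "names": ["notexample.com"]},
    {"index": 1005, "issuer": "Other CA", "names": ["mail.example.org", "example.com"]},
]


def covers(cert_name: str, watched: str) -> bool:
    """True if a certificate for `cert_name` would be valid for `watched` or a subdomain of it."""
    cert_name = cert_name.lower().rstrip(".")
    watched = watched.lower().rstrip(".")
    if cert_name.startswith("*."):
        base = cert_name[2:]
        # A wildcard covers exactly one label, so *.base is relevant when base is the
        # watched domain itself, lies under it, or is the direct parent of it.
        parent = watched.split(".", 1)[1] if "." in watched else ""
        return base == watched or base.endswith("." + watched) or base == parent
    # Require a label boundary so "notexample.com" does not match "example.com".
    return cert_name == watched or cert_name.endswith("." + watched)


def find_unexpected(entries: List[Dict], watched_domains: List[str],
                    expected_issuers: List[str]) -> List[Dict]:
    """Return entries naming a watched domain that were issued by an issuer not on the allow-list."""
    findings = []
    for entry in entries:
        hits = [n for n in entry["names"] if any(covers(n, w) for w in watched_domains)]
        if hits and entry["issuer"] not in expected_issuers:
            findings.append({"index": entry["index"], "issuer": entry["issuer"], "names": hits})
    return findings


def all_matching(entries: List[Dict], watched_domains: List[str]) -> List[int]:
    """Indices of every entry touching a watched domain, for the full audit trail."""
    return [e["index"] for e in entries
            if any(covers(n, w) for n in e["names"] for w in watched_domains)]


if __name__ == "__main__":
    for f in find_unexpected(SAMPLE_ENTRIES, ["example.com"], ["Example Public CA"]):
        print("ALERT: log index %d issued by %r for %s" % (f["index"], f["issuer"], ", ".join(f["names"])))
```

In practice the two lists to feed this are the organization's registered domains and the CAs it has actually contracted with; everything `find_unexpected` returns is a certificate the organization did not ask for and should investigate and, if confirmed, have revoked. Keeping the `all_matching` list as well gives the complete record of what has been issued for the domain, which is what auditors typically want.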

Enhanced Trust in the PKI: By making the entire certificate issuance process visible, CT strengthens trust in the web's security infrastructure. Browser vendors (Google, for Chrome, among others) have made CT a requirement for certificates issued after a certain date, ensuring that only certificates that have been properly logged are trusted.

Accountability and Auditing: The public nature of CT logs means that any misbehavior by a CA (or even a mistake) can be identified and acted upon by the broader community. This level of accountability helps maintain the integrity of the global PKI system.

Problems

  • Privacy Concerns: CT logs every issued certificate in a public, append-only ledger. This transparency can inadvertently expose sensitive information—for example, the existence of internal or subdomain certificates that some organizations might prefer to keep private. Attackers can mine CT logs to enumerate subdomains and potentially identify targets for further probing or attacks.
  • Dependence on Log Operator Trust and Availability: The CT framework relies on multiple independent—and yet inherently trusted—log operators. If a log is compromised, misconfigured, or becomes unavailable, it may weaken the overall assurance that SCTs (Signed Certificate Timestamps) provide. Inconsistent performance or delayed inclusion of certificates in some logs can also lead to complications when verifying that a certificate has been properly logged.
  • Scalability and Performance Challenges: With millions of certificates being issued (and with trends toward reduced certificate lifetimes), the volume of data in CT logs is growing rapidly. This scale can stress both the log servers and the monitoring tools that organizations use to detect misissuance. The challenge is ensuring that logs remain searchable and that security teams can efficiently monitor such a massive amount of data.
  • Lack of Robust Gossip Protocols: A vital part of maintaining CT's security is ensuring log consistency—that all parties see the same log entries. Although there has been work toward “gossip” protocols (methods for detecting and alerting about misbehaving logs), these mechanisms are still evolving. Without a robust, widely adopted gossip system, discrepancies or misbehavior in log entries might go unnoticed.
  • Reactive Rather Than Proactive Protection: Certificate Transparency is designed to make misissuance visible so that misbehaving Certificate Authorities (CAs) or rogue certificates can be detected and revoked. However, this is inherently a reactive system—it doesn't prevent a bad certificate from being issued in the first place but rather alerts the community afterward. This delay between issuance and detection can be problematic in fast-moving threat scenarios.
  • Governance and Standardization Issues: Although CT represents an important move toward accountability, critics have noted that there isn't always clear or consistent governance over the logs. Differences in log policies, varying degrees of transparency with respect to handling errors or compromises, and the lack of a central authority to enforce uniform standards can lead to gaps in the overall protection provided by CT.

Desired Result

Certificate Transparency is a framework that dramatically improves the trustworthiness of digital certificates. By enforcing public logging of certificates with mechanisms like SCTs and Merkle tree-based integrity checks, CT makes it possible for domain owners, auditors, and browser vendors to detect unauthorized or erroneous certificate issuance. This transparency is critical for guarding against potential breaches and maintaining confidence in online security.