Decentralized Certificate Authority - Bargav Jayaraman · Certificate Authority Bargav Jayaraman...

Preview:

Click to see full reader

Citation preview

Decentralized Certificate Authority

Bargav JayaramanHannah Li

1

Review - Creating a Certificate

Identity

Ownership

class/type of certificate

With private key

2

example.com Certificate Authority

Motivation

3

2011 Comodo and DigiNotar

The certificates are only as trustworthy as the weakest CA...

OR

Background - Digital Signature Algorithm (DSA)

4

ECDSA Signature Algorithm Random Number

k

Private Key

d

Hash(message)

Public Key qDigital Signature

(r,s)

Background - Elliptic Curve DSA

5

ECDSA Signature Algorithm

Parameters = (p, b, G, n, h)

Public Key: Q = d * G

Signature: (x, y) = k * Gr = x mod n

s = k-1(Hash(m) + rd)

Sample Curve

d= CA private keyk = Random numberm = info to be signed

Background - Secure Multiparty Computation

6

Input: X Input: Y

Output: f(X, Y)

Computation

Alice Bob

Alice generates the Circuit Bob evaluates the Circuit

Framework ==> OblivC + Absentminded Crypto

7

Generic Computation

obliv int x, y, z;

feedOblivInt(&x, io->x, 1);feedOblivInt(&y, io->y, 2);

Z = x + y;

revealOblivInt(&io->z, z, 0);

Absentminded Crypto provides ‘big number’ arithmetic over OblivC!

Use obig keyword for big numbers..

Decentralized CA using MPC

8

MPC

ECDSA Signature Algorithm

Certificate Signing Request

Certificate

CA Organization

example.com

MPC

Implementation in C

99

ECDSA Signature Algorithm(Secp192k1 192-bit EC parameters)

Random Number k(Generated via C’s

GMP library)

Private Key d(Generated via C’s

GMP library)

Hash(message)(SHA256 of template

TBSCertificate)

Public Key qDigital Signature (r,s)

To Be Signed Certificate

Experiments3-4 hours to perform certificate signing using ‘secp192k1’ elliptic curve.

Computation Bottleneck: Curve Point-multiplication!

10

pointMultiplication(G, k): N ← G Q ← 0 for i from 0 to m do if ki = 1 then Q ← pointAdd(Q, N) N ← pointDouble(N) return Q

pointAdd(P, Q): pointDouble(P):

Signature: (x, y) = k * Gr = x mod n

s = k-1(Hash(m) + rd)

Conclusion

Decentralized CA is feasible in practice

11

Certificate Signing takes around 3-4 hours, which can be optimized

Deployment in open source tool OpenSSL

Recommended

Farewell to Dr. K. Jayaraman - fao.orgcombined issue, we focus on Conference 2013 successfully visible among the teak community by Farewell to Dr. K. Jayaraman Dr. P.K. Thulasidas
Documents
Pallavi Tambay, Yang Zhang, Prof. Bharat Jayaraman Compositional specification of structure objects Declarative specification of behavior constraints
Documents
Regional Economic Integration in the Pacific: An Empirical Study T.K. Jayaraman, Huay-Huay Lee and Hock-Ann Lee
Documents
Balaji Jayaraman *,† and S. M. Abdullah Al Mamun
Documents
Material Selection and Production Methods Robert Love, Venkat Jayaraman July 8, 2008 SSTP Seminar – Lecture 5
Documents
Learning image representations tied to ego-motiongrauman/papers/jayaraman-iccv2015.pdf · Learning image representations tied to ego-motion Dinesh Jayaraman The University of Texas
Documents
Jayaraman J. Thiagarajan Deepta Rajan Prasanna …Understanding Behavior of Clinical Models under Domain Shifts Jayaraman J. Thiagarajan Lawrence Livermore National Labs jjayaram@llnl.gov
Documents
Determinants and Consequences of Proxy Voting by Mutual Funds on Shareholder Proposals Rasha Ashraf Narayanan Jayaraman December 13, 2006
Documents
MAKING COMPUTER LITERACY MEANINGFUL Neela Jayaraman Heather Tatton-Harris
Documents
Evaluating Di erentially Private Machine Learning in Practiceevans/pubs/usenix2019/evaluatingdp.pdf · Evaluating Di erentially Private Machine Learning in Practice Bargav Jayaraman
Documents
THE TAO OF LEARNING Robert Love, Venkat Jayaraman June 19, 2008 SSTP Seminar – Lecture 1
Documents
Department of Biotechnology - tcarts.inM.Sc... · Enzymes : Classification ... Boyer R., Modern experimental Biochemistry, III Edn., Pearson education publication ... 9. Jayaraman,
Documents
Evaluation of Early Childhood Coaching Implementation in ...r2ed.unl.edu/...5_Jayaraman_Knoche_Marvin_Bainter.pdf · Gayatri Jayaraman, Lisa Knoche, Christine Marvin, & Sue Bainter
Documents
Radar And Navigational Aids Jayaraman (1053) Kaushik (1059) Ikram (3009) Vignesh (3010)
Documents
[MS-CSRA]: Certificate Services Remote Administration Protocol...certificate certificate. certificate. certificate . certificate.
Documents
Sudarsan Jayaraman - Open information security management maturity model
Documents
SIVAJI GANESAN 01. Desam Gnanam Film/Album: Parasakthi Artiste: C.S. Jayaraman 02. Kaa Kaa Kaa Film/Album: Parasakthi Artiste: C.S. Jayaraman 03. Ambigaiye Eswariye
Documents
[IJET V2I4P9] Authors: Praveen Jayasankar , Prashanth Jayaraman ,Rachel Hannah
Engineering
Research in Programming Languages Prof. Bharat Jayaraman Language Research Group
Documents
Karthik Jayaraman Thesis - UMD
Documents