Mitigating private key compromise

A thesis submitted in fulfillment of the requirements for the award of the degree Doctor of Philosophy from UNIVERSITY OF BIRMINGHAM

by Jiangshan Yu
School of Computer Science
University of Birmingham
August 2016

University of Birmingham Research Archive, e-theses repository

This unpublished thesis/dissertation is copyright of the author and/or third parties. The intellectual property rights of the author or third parties in respect of this work are as defined by The Copyright Designs and Patents Act 1988 or as modified by any successor legislation. Any use made of information contained in this thesis/dissertation must be in accordance with that legislation and must be properly acknowledged. Further distribution or reproduction in any format is prohibited without the permission of the copyright holder.

© Copyright 2016 by Jiangshan Yu. All Rights Reserved.

Dedicated to My Parents & Grandparents

Declaration

This is to certify that the work reported in this thesis was done by the author, unless specified otherwise, and that no part of it has been submitted in a thesis to any other university or similar institution.

Jiangshan Yu
August 12, 2016

Abstract

Cryptosystems rely on the assumption that the computer end-points can securely store and use cryptographic keys. Yet, this assumption is rather hard to justify in practice. New software vulnerabilities are discovered every day, and malware is pervasive on mobile devices and desktop PCs. This thesis provides research on how to mitigate private key compromise in three different cases.

The first case considers compromised signing keys of certificate authorities in public key infrastructure. To address this problem, we analyse and evaluate existing prominent certificate management systems, and propose a new system called Distributed and Transparent Key Infrastructure, which is secure even if all service providers collude together.
The second case considers the key compromise in secure communication. We develop a simple approach that either guarantees the confidentiality of messages sent to a device even if the device was previously compromised, or allows the user to detect that confidentiality failed. We propose a multi-device messaging protocol that exploits our concept to allow users to detect unauthorised usage of their device keys.

The third case considers the key compromise in secret distribution. We develop a self-healing system, which provides a proactive security guarantee: an attacker can learn a secret only if s/he can compromise all servers simultaneously in a short period.

Acknowledgements

I thankfully acknowledge the funding received towards my PhD from The University of Birmingham under EPSRC Project Grant Analysing Security and Privacy Properties (EP/H005501/1). I also would like to thank The School of Computer Science, University of Birmingham, for providing additional funding to cover my international student fee.

My experience as a PhD researcher in the University of Birmingham has been wonderful. I am grateful to my supervisor Mark Ryan for this opportunity. He has been an excellent supervisor: he offered me directions yet enough freedom to explore different research areas. His supervision was vital to me in achieving my goals.

I am fortunate to work with Cas Cremers, Liqun Chen, Vincent Cheval, Guilin Wang, and Yi Mu during my PhD. I would like to thank them for their contributions. I am delighted to be here with a team of brilliant people. I must mention and thank Dan Ghica and Eike Ritter. They are my research monitoring group members and they have contributed comments and suggestions on my research.

I also would like to thank all my friends for their friendship. Finally, I greatly appreciate my family for their love, support and understanding.
Publications and Drafts

The following papers have been published or submitted, and contain materials based on the content of this thesis.

1. Jiangshan Yu and Mark Ryan. "Device attacker models: fact and fiction", Security Protocols XXIII, 2015, Cambridge, UK.
2. Jiangshan Yu, Mark Ryan, and Cas Cremers. "DECIM: Detecting Endpoint Compromise In Messaging", IACR Cryptology ePrint Archive, 2015: 486.
3. Jiangshan Yu, Vincent Cheval, and Mark Ryan. "DTKI: a new formalized PKI with verifiable trusted parties", The Computer Journal, 2016. Doi:10.1093/comjnl/bxw039.
4. Jiangshan Yu and Mark Ryan. "Evaluating web PKIs".
5. Jiangshan Yu, Mark Ryan, and Liqun Chen. "Authenticating compromisable storage systems".

I am thankful to have opportunities to collaborate with others in other areas of computer and communications security. The contributions are listed below and they are beyond the scope of this thesis.

1. Jiangshan Yu, Guilin Wang, Yi Mu, and Wei Gao. "An Efficient and Improved Generic Framework for Three-Factor Authentication with Provably Secure Instantiation", IEEE Transactions on Information Forensics and Security (TIFS), Vol. 9, No. 12, pp. 2302-2313.
2. Jiangshan Yu, Guilin Wang, and Yi Mu. "Efficient and Provably Secure Single Sign-on Schemes in Distributed Systems and Networks".

Contents

Abstract v
Acknowledgements vi
Publications and Drafts vii

I Introduction and background 1

1 Introduction 2
1.1 Key compromise in web PKI 3
1.2 Key compromise in secure communication 4
1.3 Key compromise in secret distribution 5
1.4 Aims and Contributions 6
1.5 Thesis structure 9

2 Background 10
2.1 Crypto preliminaries 10
2.1.1 Discrete Logarithm Problem 10
2.1.2 Diffie-Hellman Problem 10
2.1.3 Bilinear pairing 11
2.1.4 Secret sharing 12
2.1.5 Knowledge Proof 13
2.2 Tamarin Prover 14

II Key compromise in web PKI 16

3 Evaluating Web PKIs 17
3.1 Introduction 17
3.2 Desired Features and security concerns 19
3.3 Analysis of existing proposals 22
3.3.1 Classic CA model 23
3.3.2 Difference observation 23
3.3.3 Scope restriction 28
3.3.4 Certificate management transparency 30
3.4 Observations 36
3.4.1 Property Perspective 36
3.4.2 System Perspective 39
3.5 Conclusion 40

4 DTKI: Distributed Transparent Key Infrastructure 41
4.1 Introduction 41
4.2 Overview 41
4.3 The public log 44
4.3.1 Data structures 44
4.3.2 The mapping log 51
4.3.3 Certificate logs 53
4.3.4 Synchronising the logs 55
4.4 Detailed implementation 56
4.4.1 Certificate publication 56
4.4.2 Certificate verification 60
4.4.3 Log verification 64
4.5 Security Analysis 66
4.6 Performance Evaluation 70
4.7 Comparison 72
4.8 Discussion 73
4.9 Conclusion 79

III Key compromise in secure communication 80

5 KUD: Key Usage Detection 81
5.1 Introduction 81
5.2 Threat model and design goals 83
5.3 Overview 85
5.3.1 The basic protocol 85
5.3.2 Messaging application 87
5.3.3 Detecting attacks: examples 91
5.3.4 Responding to attacks 92
5.4 Detailed messaging implementation 92
5.4.1 Log structure 92
5.4.2 Messaging protocol details 95
5.4.3 Crowd-sourced verification 104
5.4.4 Privacy considerations 105
5.5 Security Analysis 105
5.5.1 Security properties 106
5.5.2 Formal analysis 106
5.6 Realization in practice 109
5.6.1 Estimating communication cost 109
5.6.2 Proof-of-concept log server prototype 110
5.7 Conclusion 111

IV Key compromise in secret distribution 113

6 Self-healing distributed storage 114
6.1 Introduction 114
6.2 Attacker model and security goal 116
6.2.1 Attacker model 116
6.2.2 Security goal 117
6.2.3 Formal Model 118
6.3 Our solution 122
6.3.1 Basic idea 122
6.3.2 Abstract construction 123
6.3.3 Detailed construction 124
6.4 Security analysis 127
6.4.1 Hardness assumption and discussion 128
6.4.2 Formal security analysis 129
6.5 Discussion and related work 136
6.5.1 Extension to a threshold system 136
6.5.2 Related work 137
6.6 Conclusion