A delegated credential is a short-lived TLS certificate used to improve security by faster recovery from private key leakage, without increasing the latency of the TLS handshake. It is currently an IETF Internet Draft, and has been in use by Cloudflare and Facebook, with browser support by Firefox.


Motivation

Modern websites and other services use content delivery networks (CDNs), which are servers potentially distributed all over the world, in order to respond to a user's request as fast as possible, alongside other services that CDNs provide such as DDoS mitigation. However, in order to establish a secure connection, the server is required to prove possession of a private key associated with a certificate, which serves as a chain of trust linking the public key and a trusted party. The trusted party is normally a certificate authority (CA). CAs issue these digital certificates with an expiration time, usually a few months up to a year. It is the server's responsibility to renew the certificate close to its expiration date.

An attacker's knowledge of a private key associated with a valid certificate is devastating for the site's security, as it allows man-in-the-middle attacks, in which a malicious entity can impersonate a legitimate server to a user. Therefore, these private keys should be kept secure, preferably not distributed over every server in the CDN. Specifically, if a private key is compromised, the corresponding certificate should optimally be revoked, so that browsers no longer accept it. Certificate revocation has two main drawbacks. Firstly, current revocation methods do not work well across all browsers, and put the users at risk; and secondly, upon revocation, the server needs to quickly fetch a new valid certificate from the CA and deploy it across all mirrors.


Design

A delegated credential is a short-lived key (from a few hours to a few days) that the certificate's owner delegates to the server for use in TLS. It is in fact a signature: the certificate's owner uses the certificate's private key to sign a delegated public key and an expiration time. Given this delegated credential, a browser that supports it can verify the server's authenticity by verifying the delegated credential and then verifying the certificate itself.
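The delegation and verification steps described above, as an added Go example that is not taken from the draft or from any implementation. It uses a simplified encoding rather than the real wire format, Ed25519 keys stand in for the certificate's key pair, and the `Credential` type, the `example-dc-v0` label and the `maxLife` policy are assumptions.

```go
package main

import (
	"crypto/ed25519"
	"encoding/binary"
	"errors"
	"fmt"
	"time"
)

// Credential is a simplified model of a delegated credential, not the draft's wire format.
type Credential struct {
	NotAfter  time.Time         // expiration time set by the certificate owner
	PublicKey ed25519.PublicKey // delegated key held by the CDN server
	Signature []byte            // made with the certificate's private key
}

// signedBytes binds a constructed context label, the expiry and the delegated key.
func signedBytes(notAfter time.Time, pub ed25519.PublicKey) []byte {
	var ts [8]byte
	binary.BigEndian.PutUint64(ts[:], uint64(notAfter.Unix()))
	return append(append([]byte("example-dc-v0"), ts[:]...), pub...)
}

// Delegate runs on the certificate owner's side; certKey never reaches the CDN.
func Delegate(certKey ed25519.PrivateKey, pub ed25519.PublicKey, notAfter time.Time) Credential {
	return Credential{notAfter, pub, ed25519.Sign(certKey, signedBytes(notAfter, pub))}
}

// Verify runs on the client once certPub is validated; maxLife is a hypothetical policy cap.
func Verify(certPub ed25519.PublicKey, c Credential, now time.Time, maxLife time.Duration) error {
	if !now.Before(c.NotAfter) {
		return errors.New("delegated credential expired")
	}
	if c.NotAfter.Sub(now) > maxLife {
		return errors.New("remaining lifetime exceeds client policy")
	}
	if !ed25519.Verify(certPub, signedBytes(c.NotAfter, c.PublicKey), c.Signature) {
		return errors.New("not signed by the certificate key")
	}
	return nil
}

func main() {
	certPub, certKey, _ := ed25519.GenerateKey(nil)
	dcPub, _, _ := ed25519.GenerateKey(nil) // generated on the CDN server
	dc := Delegate(certKey, dcPub, time.Now().Add(24*time.Hour))
	fmt.Println(Verify(certPub, dc, time.Now(), 72*time.Hour))
}
```

Because the expiration time is covered by the signature, a server holding only the delegated key cannot extend its own credential; it has to obtain a fresh one from the certificate owner.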


Advantages

This approach has many advantages over current solutions:

* Delegated credentials are short-lived, so private keys can be changed frequently. Therefore, even if a particular delegated credential is compromised without the certificate owner knowing it, that compromised credential can only be abused for a very short time.
* No revocation is needed for stolen certificates.
* The certificate owner does not need to expose its private key to the CDN servers, but rather periodically supplies them with delegated credentials. Therefore, the certificate owner can maintain exclusive control over its private key (and even store it in an HSM) while using third-party CDN servers.
* The delegated credential has its own key, so it can be used to experiment with new algorithms such as Ed25519. This can facilitate cryptographic agility.

