Abstract
Certificate transparency is a promising log-based system designed to audit internet certificates publicly and is currently supported by Google Chrome. However, it is potentially vulnerable to split-world attacks, where certain users are directed to a fake version of the log. So, to ensure that users are seeing the same version of a log, gossip protocols have been designed in which users share data sourced from the log. In this paper, we propose a new way of evaluating these protocols using probabilistic model checking, a technique for formally verifying quantitative properties of computer systems. We describe our approach to modelling and verifying the protocols, including a novel approach to determine worst-case model parameters. We analyse several aspects of the protocols, including the success rate of detecting inconsistencies in gossiped data and the efficiency in terms of bandwidth, comparing different protocol variants and also our own proposals to improve protocol performance.
Original language | English |
---|---|
Title of host publication | Proceedings of 6th International Workshop on Security and Privacy in the Cloud (SPC'20) |
Publisher | IEEE Computer Society Press |
Number of pages | 9 |
Publication status | Accepted/In press - 3 May 2020 |
Event | 6th International Workshop on Security and Privacy in the Cloud (SPC'20), Virtual event. Duration: 29 Jun 2020 → 1 Jul 2020 |
Conference
Conference | 6th International Workshop on Security and Privacy in the Cloud (SPC'20) |
---|---|
City | Virtual event |
Period | 29/06/20 → 1/07/20 |