Zodiacal Cloud: The Local Circumstellar Disk Sumita Jayaraman.
Decentralized Certificate Authority - Bargav Jayaraman · Certificate Authority Bargav Jayaraman...
Transcript of Decentralized Certificate Authority - Bargav Jayaraman · Certificate Authority Bargav Jayaraman...
Decentralized Certificate Authority
Bargav JayaramanHannah Li
1
Review - Creating a Certificate
Identity
Ownership
class/type of certificate
With private key
2
example.com Certificate Authority
Motivation
3
2011 Comodo and DigiNotar
The certificates are only as trustworthy as the weakest CA...
OR
Background - Digital Signature Algorithm (DSA)
4
ECDSA Signature Algorithm Random Number
k
Private Key
d
Hash(message)
Public Key qDigital Signature
(r,s)
Background - Elliptic Curve DSA
5
ECDSA Signature Algorithm
Parameters = (p, b, G, n, h)
Public Key: Q = d * G
Signature: (x, y) = k * Gr = x mod n
s = k-1(Hash(m) + rd)
Sample Curve
d= CA private keyk = Random numberm = info to be signed
Background - Secure Multiparty Computation
6
Input: X Input: Y
Output: f(X, Y)
Computation
Alice Bob
Alice generates the Circuit Bob evaluates the Circuit
Framework ==> OblivC + Absentminded Crypto
7
Generic Computation
obliv int x, y, z;
feedOblivInt(&x, io->x, 1);feedOblivInt(&y, io->y, 2);
Z = x + y;
revealOblivInt(&io->z, z, 0);
Absentminded Crypto provides ‘big number’ arithmetic over OblivC!
Use obig keyword for big numbers..
Decentralized CA using MPC
8
MPC
ECDSA Signature Algorithm
Certificate Signing Request
Certificate
CA Organization
example.com
MPC
Implementation in C
99
ECDSA Signature Algorithm(Secp192k1 192-bit EC parameters)
Random Number k(Generated via C’s
GMP library)
Private Key d(Generated via C’s
GMP library)
Hash(message)(SHA256 of template
TBSCertificate)
Public Key qDigital Signature (r,s)
To Be Signed Certificate
Experiments3-4 hours to perform certificate signing using ‘secp192k1’ elliptic curve.
Computation Bottleneck: Curve Point-multiplication!
10
pointMultiplication(G, k): N ← G Q ← 0 for i from 0 to m do if ki = 1 then Q ← pointAdd(Q, N) N ← pointDouble(N) return Q
pointAdd(P, Q): pointDouble(P):
Signature: (x, y) = k * Gr = x mod n
s = k-1(Hash(m) + rd)
Conclusion
Decentralized CA is feasible in practice
11
Certificate Signing takes around 3-4 hours, which can be optimized
Deployment in open source tool OpenSSL