Chris Thompson

    SoK: SCT Auditing in Certificate Transparency
    Devon O'Brien
    Joe DeBlasio
    Kevin Wei Li Yeo
    Sarah Meiklejohn
    IEEE Symposium on Security and Privacy (2022)
    The Web public key infrastructure is essential to providing secure communication on the Internet today, and in turn certificate authorities play a crucial role in this ecosystem by issuing certificates. These authorities may misissue certificates or suffer misuse attacks, however, which has given rise to the Certificate Transparency (CT) project. The goal of CT is to store all issued certificates in publicly auditable logs, which can then be checked for the presence of potentially misissued certificates. Thus, the requirement that a given certificate is indeed in one (or several) of these logs lies at the core of CT. In the current deployment of CT, however, most individual clients do not check that the certificates they see are in the log, as requesting a proof of inclusion directly from the log reveals the certificate and thus creates the clear potential for a violation of that client's privacy. In this paper, we explore the techniques that have been proposed for privacy-preserving auditing of certificate inclusion, focusing on their effectiveness, efficiency, and suitability in a near-term deployment. In doing so, we also explore the parallels with related problems involving browser clients, such as Safe Browsing and certificate revocation checks. Guided by a set of constraints that we develop, we ultimately observe several key limitations in many proposals, ranging from their privacy provisions to the fact that they focus on the interaction between a client and a log but leave open the question of how a client could privately report any certificates that are missing.
    Users must understand the identity of the website that they are visiting in order to make trust decisions. Web browsers indicate website identity via URLs and HTTPS certificates, but users must understand and act on these indicators for them to be effective. In this paper, we explore how browser identity indicators affect user behavior and understanding. First, we present a large-scale field experiment measuring the effects of the HTTPS Extended Validation (EV) certificate UI on user behavior. Our experiment is many orders of magnitude larger than any prior study of EV indicators, and it is the first to examine the EV indicator in a naturalistic scenario. We find that most metrics of user behavior are unaffected by its removal, providing evidence that the EV indicator adds little value in its current form. Second, we conduct three experimental design surveys to understand how users perceive UI variations in identity indicators for login pages, looking at EV UI in Chrome and Safari and URL formatting designs in Chrome. In 14 iterations on browsers' EV and URL formats, no intervention significantly impacted users' understanding of the security or identity of login pages. Informed by our experimental results, we provide recommendations to build more effective website identity mechanisms.
    HTTPS Adoption in the Longtail
    Ariana Mirian
    Stefan Savage
    Geoffrey M. Voelker
    Google and UC San Diego (2018)
    HTTPS is widely acknowledged as a pillar of modern web security. However, while much attention focuses on the value delivered by protocol improvements, the benefit of these advances is gated by the breadth of their adoption. Thus, while the majority of web pages visited benefit from the confidentiality and integrity guarantees of HTTPS, this is contradictorily due to a minority of popular sites currently supporting the protocol. In this paper written in April 2018, we explore factors of HTTPS adoption on web sites more broadly. We analyze attributes of the Alexa top one million sites in August 2017 and categorize them into popular and “longtail” sites, in an effort to identify points of leverage which offer promise for driving further adoption of HTTPS. We find that hosting provider use and cost are factors that correlate with HTTPS deployment, while other promising indicators—such as site age, site freshness, and server software choice—provide ambiguous signals and are unlikely to offer useful points of influence.
    Web browser warnings should help protect people from malware, phishing, and network attacks. Adhering to warnings keeps people safer online. Recent improvements in warning design have raised adherence rates, but they could still be higher. And prior work suggests many people still do not understand them. Thus, two challenges remain: increasing both comprehension and adherence rates. To dig deeper into user decision making and comprehension of warnings, we performed an experience sampling study of web browser security warnings, which involved surveying over 6,000 Chrome and Firefox users in situ to gather reasons for adhering or not to real warnings. We find these reasons are many and vary with context. Contrary to older prior work, we do not find a single dominant failure in modern warning design---like habituation---that prevents effective decisions. We conclude that further improvements to warnings will require solving a range of smaller contextual misunderstandings.
