A Universally Composable Treatment of Network Time

Ran Canetti, Kyle Hogan, Aanchal Malhotra, Mayank Varia

Research output: Chapter in Book/Report/Conference proceedingConference contributionpeer-review

Abstract

The security of almost any real-world distributed system today depends on the participants having some 'reasonably accurate' sense of current real time. Indeed, to name one example, the very authenticity of practically any communication on the Internet today hinges on the ability of the parties to accurately detect revocation of certificates, or expiration of passwords or shared keys.However, as recent attacks show, the standard protocols for determining time are subvertible, resulting in wide-spread security loss. Worse yet, we do not have security notions for network time protocols that (a) can be rigorously asserted, and (b) rigorously guarantee security of applications that require a sense of real time.We propose such notions, within the universally composable (UC) security framework. That is, we formulate ideal functionalities that capture a number of prevalent forms of time measurement within existing systems. We show how they can be realized by real-world protocols, and how they can be used to assert security of time-reliant applications - specifically, certificates with revocation and expiration times. This allows for relatively clear and modular treatment of the use of time consensus in security-sensitive systems.Our modeling and analysis are done within the existing UC framework, in spite of its asynchronous, event-driven nature. This allows incorporating the use of real time within the existing body of analytical work done in this framework. In particular it allows for rigorous incorporation of real time within cryptographic tools and primitives.

Original languageEnglish
Title of host publicationProceedings - IEEE 30th Computer Security Foundations Symposium, CSF 2017
PublisherIEEE Computer Society
Pages360-375
Number of pages16
ISBN (Electronic)9781538632161
DOIs
StatePublished - 25 Sep 2017
Event30th IEEE Computer Security Foundations Symposium, CSF 2017 - Santa Barbara, United States
Duration: 21 Aug 201725 Aug 2017

Publication series

NameProceedings - IEEE Computer Security Foundations Symposium
ISSN (Print)1940-1434

Conference

Conference30th IEEE Computer Security Foundations Symposium, CSF 2017
Country/TerritoryUnited States
CitySanta Barbara
Period21/08/1725/08/17

Keywords

  • Consensus
  • Network time
  • Public key infrastructure
  • Universal composability

Fingerprint

Dive into the research topics of 'A Universally Composable Treatment of Network Time'. Together they form a unique fingerprint.

Cite this