TY - GEN
T1 - A Universally Composable Treatment of Network Time
AU - Canetti, Ran
AU - Hogan, Kyle
AU - Malhotra, Aanchal
AU - Varia, Mayank
N1 - Publisher Copyright:
© 2017 IEEE.
PY - 2017/9/25
Y1 - 2017/9/25
N2 - The security of almost any real-world distributed system today depends on the participants having some 'reasonably accurate' sense of current real time. Indeed, to name one example, the very authenticity of practically any communication on the Internet today hinges on the ability of the parties to accurately detect revocation of certificates, or expiration of passwords or shared keys.However, as recent attacks show, the standard protocols for determining time are subvertible, resulting in wide-spread security loss. Worse yet, we do not have security notions for network time protocols that (a) can be rigorously asserted, and (b) rigorously guarantee security of applications that require a sense of real time.We propose such notions, within the universally composable (UC) security framework. That is, we formulate ideal functionalities that capture a number of prevalent forms of time measurement within existing systems. We show how they can be realized by real-world protocols, and how they can be used to assert security of time-reliant applications - specifically, certificates with revocation and expiration times. This allows for relatively clear and modular treatment of the use of time consensus in security-sensitive systems.Our modeling and analysis are done within the existing UC framework, in spite of its asynchronous, event-driven nature. This allows incorporating the use of real time within the existing body of analytical work done in this framework. In particular it allows for rigorous incorporation of real time within cryptographic tools and primitives.
AB - The security of almost any real-world distributed system today depends on the participants having some 'reasonably accurate' sense of current real time. Indeed, to name one example, the very authenticity of practically any communication on the Internet today hinges on the ability of the parties to accurately detect revocation of certificates, or expiration of passwords or shared keys.However, as recent attacks show, the standard protocols for determining time are subvertible, resulting in wide-spread security loss. Worse yet, we do not have security notions for network time protocols that (a) can be rigorously asserted, and (b) rigorously guarantee security of applications that require a sense of real time.We propose such notions, within the universally composable (UC) security framework. That is, we formulate ideal functionalities that capture a number of prevalent forms of time measurement within existing systems. We show how they can be realized by real-world protocols, and how they can be used to assert security of time-reliant applications - specifically, certificates with revocation and expiration times. This allows for relatively clear and modular treatment of the use of time consensus in security-sensitive systems.Our modeling and analysis are done within the existing UC framework, in spite of its asynchronous, event-driven nature. This allows incorporating the use of real time within the existing body of analytical work done in this framework. In particular it allows for rigorous incorporation of real time within cryptographic tools and primitives.
KW - Consensus
KW - Network time
KW - Public key infrastructure
KW - Universal composability
UR - http://www.scopus.com/inward/record.url?scp=85033780719&partnerID=8YFLogxK
U2 - 10.1109/CSF.2017.38
DO - 10.1109/CSF.2017.38
M3 - ???researchoutput.researchoutputtypes.contributiontobookanthology.conference???
AN - SCOPUS:85033780719
T3 - Proceedings - IEEE Computer Security Foundations Symposium
SP - 360
EP - 375
BT - Proceedings - IEEE 30th Computer Security Foundations Symposium, CSF 2017
PB - IEEE Computer Society
T2 - 30th IEEE Computer Security Foundations Symposium, CSF 2017
Y2 - 21 August 2017 through 25 August 2017
ER -