The Rise of Certificate Transparency and Its Implications on the Internet Ecosystem

Scheitle, Quirin; Gasser, Oliver; Nolte, Theodor; Amann, Johanna; Brent, Lexi; Carle, Georg; Holz, Ralph; Schmidt, Thomas; Wählisch, Matthias

doi:10.1145/3278532.3278562

Verlagslink DOI:	10.1145/3278532.3278562
Titel:	The Rise of Certificate Transparency and Its Implications on the Internet Ecosystem
Autorenschaft:	Scheitle, Quirin Gasser, Oliver Nolte, Theodor Amann, Johanna Brent, Lexi Carle, Georg Holz, Ralph Schmidt, Thomas Wählisch, Matthias
Erscheinungsdatum:	Okt-2018
Verlag:	New York, USA ; Association for Computing Machinery
Anfangsseite:	343
Endseite:	349
Konferenz:	Internet Measurement Conference - IMC ; Association of the Computing Machinery ; Boston, MA
Zusammenfassung:	In this paper, we analyze the evolution of Certificate Transparency (CT) over time and explore the implications of exposing certificate DNS names from the perspective of security and privacy. We find that certificates in CT logs have seen exponential growth. Website support for CT has also constantly increased, with now a majority of established connections supporting CT. With the increasing deployment of CT, there are also concerns of information leakage due to all certificates being visible in CT logs. To understand this threat, we introduce a CT honeypot and show that data from CT logs is being used to identify targets for scanning campaigns only minutes after certificate issuance. We present and evaluate a methodology to learn and validate new subdomains from the vast number of domains extracted from CT logged certificates.
URI:	http://hdl.handle.net/20.500.12738/686
Einrichtung:	Department Informatik Fakultät Technik und Informatik
Dokumenttyp:	Konferenzveröffentlichung
Enthalten in den Sammlungen:	Publications without full text