maTLS: How to Make TLS Middlebox-aware?

Network and Distributed System Security Symposium (NDSS) '19

Auditable Middleboxes

An auditable middlebox is a middlebox that has its own certificate logged in the middlebox transparency system.


Middlebox Certificates


▸ A client is not aware of involved middleboxes

    To mitigate the problems in SplitTLS, it is desirable to make middleboxes visible and publicly auditable.

▸ X.509 certificates are a suitable means of making middleboxes public

    X.509 certificates are public and static; thus, they are well suited to describing the properties of middleboxes.

Fields of Middlebox Certificates

▸ Type of Service

    This field describes the type of service provided by the middlebox. Examples are web application firewalls, anti-virus software, and parental filters.

▸ URL

    This field indicates the URL pointing to the web page of information about the middlebox or the middlebox service provider.

▸ Permission

    This field represents the permission of the middlebox, e.g., read or write.

Middlebox Transparency


▸ The middlebox transparency system records all the middlebox certificates

    The middlebox transparency log server manages the middlebox certificates in the form of a Merkle tree.

▸ The middlebox transparency system issues a signed certificate timestamp

    The signed certificate timestamp (SCT) is a promise that the corresponding certificate will be logged by the log server within the next period, just as the certificate transparency (CT) system does.
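The two bullets above, as an added toy implementation (not the paper's code): a log that hashes middlebox certificates into a Merkle tree, issues an SCT on submission, and lets an auditor verify an inclusion proof or, before inclusion, that the SCT's merge deadline has not passed. It assumes RFC 6962-style leaf/node hashing, a constructed log key, a 24-hour merge delay, and an HMAC standing in for the log's public-key signature.

```python
import hashlib
import hmac

# Constructed placeholder log key; a real log signs SCTs with a public key.
LOG_KEY = b"constructed-log-key"
MAX_MERGE_DELAY = 24 * 3600  # assumed maximum merge delay, in seconds

def leaf_hash(cert: bytes) -> bytes:
    return hashlib.sha256(b"\x00" + cert).digest()          # RFC 6962 leaf prefix

def node_hash(left: bytes, right: bytes) -> bytes:
    return hashlib.sha256(b"\x01" + left + right).digest()  # interior-node prefix

def merkle_root(hashes: list) -> bytes:
    if len(hashes) == 1:
        return hashes[0]
    k = 1 << ((len(hashes) - 1).bit_length() - 1)  # largest power of two below n
    return node_hash(merkle_root(hashes[:k]), merkle_root(hashes[k:]))

def inclusion_proof(hashes: list, index: int) -> list:
    """Audit path for leaf `index`: list of (sibling_hash, sibling_is_left)."""
    if len(hashes) == 1:
        return []
    k = 1 << ((len(hashes) - 1).bit_length() - 1)
    if index < k:
        return inclusion_proof(hashes[:k], index) + [(merkle_root(hashes[k:]), False)]
    return inclusion_proof(hashes[k:], index - k) + [(merkle_root(hashes[:k]), True)]

def verify_inclusion(cert: bytes, path: list, root: bytes) -> bool:
    h = leaf_hash(cert)
    for sibling, sibling_is_left in path:
        h = node_hash(sibling, h) if sibling_is_left else node_hash(h, sibling)
    return h == root

def issue_sct(cert: bytes, timestamp: int) -> dict:
    """The log's promise to include `cert` within MAX_MERGE_DELAY."""
    msg = timestamp.to_bytes(8, "big") + cert
    return {"timestamp": timestamp, "sig": hmac.new(LOG_KEY, msg, "sha256").digest()}

def verify_sct(cert: bytes, sct: dict) -> bool:
    msg = sct["timestamp"].to_bytes(8, "big") + cert
    return hmac.compare_digest(sct["sig"], hmac.new(LOG_KEY, msg, "sha256").digest())

def audit(logged: list, cert: bytes, sct: dict, now: int) -> bool:
    """Auditor: SCT is genuine, and the cert is in the tree or its merge delay is still open."""
    if not verify_sct(cert, sct):
        return False
    if cert in logged:
        hashes = [leaf_hash(c) for c in logged]
        return verify_inclusion(cert, inclusion_proof(hashes, logged.index(cert)), merkle_root(hashes))
    return now - sct["timestamp"] <= MAX_MERGE_DELAY
```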

Advantages


▸ No impersonation

    Middleboxes now have their own key pairs and do not need to impersonate others (in TLS).

▸ Awareness

    Anyone can learn the name and the properties of a middlebox from its middlebox certificate.

▸ Auditability

    Any interested party can check for fraudulent certificates using the middlebox transparency system.

▸ Information Enforcement

    A CA can compel middlebox service providers to provide sufficient information about their middleboxes by marking important fields as "critical"; the client should abort the session if a critical field is not filled.

▸ Revocability

    Any incorrect middlebox can be blocked using existing certificate revocation mechanisms such as CRLs or OCSP.