TWC: TTP Option: Small: Understanding the State of TLS Using Large-scale Passive Measurements

TWC：TTP 选项：小：使用大规模被动测量了解 TLS 的状态

• 批准号: 1528156
• 负责人: Johanna Amann
• 金额: $ 66.36万
• 依托单位: International Computer Science Institute
• 依托单位国家: 美国
• 项目类别: Standard Grant
• 财政年份: 2015
• 资助国家: 美国
• 起止时间: 2015-09-01 至 2021-08-31
• 项目状态: 已结题
• 来源: https://www.nsf.gov/awardsearch/showAward?AWD_ID=1528156&HistoricalAwards=false
• 关键词: TWC; TTP; Option; Small; Understanding

The Transport Layer Security (TLS) protocol constitutes the key building block for today's Internet security and is, for example, used for encrypted web connections using the HTTPS protocol. However, from its first version in 1994 until today, researchers and practitioners keep discovering TLS deficiencies undermining the protocol's security on a regular basis. While the academic community has applied intense scrutiny to the TLS/X.509 ecosystem, much of such work depends on access to difficult to acquire representative data on the protocol's deployment and usage. This project leverages an already operating large-scale passive TLS traffic measurement effort that has been continuously collecting TLS information from live Internet uplinks of 8 large research institutions with about 390,000 users total. The current data set contains more than 100 billion observed TLS connections with more than 100 million unique certificates. This project expands the collection effort and uses both historic and new data to perform studies of current TLS ecosystem trends as well as what-if analyses of future developments.The new measurements will address different parts of the TLS ecosystem, including studying the impact of certificate revocation, non-HTTPS deployments of TLS, and applications masquerading as TLS without actually speaking it. Furthermore, leveraging historic data, the project examines trends in TLS usage and deployment like the evolution of TLS software, session resumption, and virtual hosting. Finally, the project combines historic and new measurements to drive a series of what-if analyses predicting the impact of upcoming and proposed ecosystem changes like OCSP stapling for certificate revocation and Google's Certificate transparency. In addition to these measurement efforts, the project offers a community service that makes the data collection accessible to researchers and practitioners by allowing them to run their own analyses on the data set using a mediation process.

传输层安全性（TLS）协议构成了当今Internet安全的关键构建块，例如，使用HTTPS协议用于加密Web连接。但是，从1994年的第一个版本到今天，研究人员和从业人员一直在定期发现TLS缺陷，以破坏协议的安全性。尽管学术界对TLS/X.509生态系统进行了严格的审查，但此类工作的大部分取决于难以获取有关该协议部署和使用的代表性数据。该项目利用已经运行的大规模被动TLS交通测量工作一直在不断从8家大型研究机构的实时互联网上行链路中收集TLS信息，总计约有390,000个用户。当前的数据集包含超过1000亿的TLS连接，并拥有超过1亿个独特证书。该项目扩大了收集工作，并同时使用历史和新数据来对当前TLS生态系统趋势以及对未来发展的分析进行研究。新测量将解决TLS生态系统的不同部分，包括研究证书的影响TLS的撤销，非HTTPS部署以及伪装成TLS的应用程序，而无需实际说话。此外，利用历史数据，该项目研究了TLS使用和部署的趋势，例如TLS软件的演变，会话恢复和虚拟托管。最后，该项目结合了历史性和新的测量结果，以推动一系列何种分析，以预测即将到来的和拟议的生态系统变化的影响，例如OCSP订书机证书撤销和Google的证书透明度。除了这些测量工作外，该项目还提供了社区服务，通过允许他们使用中介过程对数据集进行自己的分析，从而使研究人员和从业人员可以访问数据收集。