Computing That Serves

Leveraging Locality of Reference in Web Requests to Improve TLS Certificate Revocation

Luke Dickinson
MS Thesis Proposal

Wednesday, February 28, 3:00 PM
3346 TMCB
Advisor: Kent Seamons


TLS certificate revocation is required to mitigate man-in-the-middle attacks involving a compromised certificate. Most TLS certificate revocation strategies suffer from large client bandwidth requirements, only protect a small percentage of certificates, or are vulnerable to downgrade attacks when access to revocation information is critical. The remaining strategies have other debilitating weaknesses such as requiring significant infrastructure changes or opening new attack surfaces. As HTTPS adoption grows, some of these weaknesses are amplified. Because of these problems, modern desktop browsers today have disabled most TLS revocation validation and mobile browsers ignore it completely, leaving many users unprotected.
We propose a new TLS revocation strategy that minimizes the scalability concerns and downgrade attacks present in other revocation strategies. Current research suggests that members of a population, such as students and faculty at a university, often visit a similar set of websites. In addition, similar populations will only visit a small percentage of the total websites on the Internet. By taking advantage of the browsing habits of a population, we only require clients to download revocation information for sites they will visit. We propose to build a prototype of our design in combination with three distinct prediction models to explore their strengths and weaknesses. Each model will be evaluated based on its performance against a replay of real network traffic snapshots. The results will then be used to provide the security community with guidance for building revocation systems that leverage reference locality.