Short-Lived Forward-Secure Delegation for TLS
This addresses the problem of secure delegation for web services using CDNs, offering an incremental improvement over existing workarounds.
The paper tackles the challenge of authenticating TLS connections when using Content Delivery Networks (CDNs) without sharing secret keys, by proposing a solution based on identity-based signatures that offers short-lived delegations with forward security. The result is an efficient implementation that incurs less overhead than a typical network round trip.
On today's Internet, combining the end-to-end security of TLS with Content Delivery Networks (CDNs) while ensuring the authenticity of connections results in a challenging delegation problem. When CDN servers provide content, they have to authenticate themselves as the origin server to establish a valid end-to-end TLS connection with the client. In standard TLS, the latter requires access to the secret key of the server. To curb this problem, multiple workarounds exist to realize a delegation of the authentication. In this paper, we present a solution that renders key sharing unnecessary and reduces the need for workarounds. By adapting identity-based signatures to this setting, our solution offers short-lived delegations. Additionally, by enabling forward-security, existing delegations remain valid even if the server's secret key leaks. We provide an implementation of the scheme and discuss integration into a TLS stack. In our evaluation, we show that an efficient implementation incurs less overhead than a typical network round trip. Thereby, we propose an alternative approach to current delegation practices on the web.