| Abstract | Domain validation is the primary method used by Certificate Authorities for affirming administrative control over a domain for issuing TLS certificates. Prior work has repeatedly shown its vulnerability to hijacking, prompting the use of multiple vantage points for validation. However, the use of static vantage points, as in Let's Encrypt's MultiVA system, is still subject to targeted attacks. Validators should therefore be both distributed and selected in an unpredictable fashion, which is expensive to achieve with dedicated infrastructure. We take a novel approach to tackle the limitations imposed by dedicated infrastructure on domain validation. We develop a system, dubbed ADDVent, that leverages advertisement networks (adnets) to recruit and orchestrate web clients as a massively distributed and unpredictably arranged set of validators, resistant to targeted hijacking. We experimentally demonstrate that, at lower cost than with dedicated infrastructure, ADDVent achieves performance comparable to Let's Encrypt. We characterize the effects of key parameters to control cost and throughput and we show that the system achieves less exposure to interception than the MultiVA deployment, through better distribution of validators. Since ADDVent uses an untrusted pool of web clients, we discuss a variety of countermeasures to address possible manipulation through Sybil attacks, including methods based on the coordination of secrets between adnet and orchestration server for separating legitimate and malicious clients. |
|---|---|