27.03.2018

PAM'18: Best Paper Award

Best Paper Award at PAM 2018

The publication "In Log We Trust: Revealing Poor Security Practices with Certificate Transparency Logs and Internet Measurements" has been awarded with the Best Paper Award at the Passive and Active Measurement Conference (PAM'18). The publication is the result of an international collaboration with Maciej Korczynski (Grenoble Alps University and Delft University of Technology) and Ralph Holz (University of Sydney).

The publication evaluates the security of certificate in Certificate Transparency (CT) logs. The team downloads 600 million certificate entries from 30 different CT logs and evaluates their compliance to the industry's Baseline Requirements. The Baseline Requirements define standards for HTTPS certificates and issuing processes, such as minimum key lengths or maximum duration of certificates. Additionally, the authors perform active HTTPS measurements and compare CT logs to actual deployment spanning from 2009 to 2017. Moreover, the team analyzes inclusion of non-HTTPS certificates and CT logs and provides a CT-extended IPv6 hitlist for public download.

2018-03-01 Oliver Gasser, Benjamin Hof, Max Helm, Maciej Korczynski, Ralph Holz, Georg Carle, “In Log We Trust: Revealing Poor Security Practices with Certificate Transparency Logs and Internet Measurements,” in Proceedings of the Passive and Active Measurement Conference (PAM 2018), Best Paper Award, Berlin, Germany, Mar. 2018. [Url] [Pdf] [Slides] [Sourcecode] [Rawdata] [Blog] [Bib]