Overview
Explore the world of Certificate Transparency (CT) logs in this 33-minute conference talk from BSidesSF 2019. Dive deep into the mechanics of CT logs, their role in web security, and their potential for misuse. Learn how these append-only logs bring auditability and accountability to the public web certificate ecosystem. Discover the importance of CT logging in modern browsers like Chrome and its impact on the web's ecosystem. Investigate novel and potentially nefarious uses of CT logs, including their unexpected role as a repository for cat pictures. Gain insights into the structure of CT logs, Signed Certificate Timestamps (SCTs), and how they can be exploited. Through examples and demonstrations, understand concepts like public keys, persistent data storage, chunking, and cataloging in the context of CT logs. Conclude with a discussion on entropy, multi-domain certificates, and final thoughts on the implications of this technology for internet security and unexpected uses.
Syllabus
Intro
Alice and Bob
Certificate Authorities
Cats
Certificate Transparency
What is a CT Log
How does a CT Log protect us
What is an SCT
How SCT logs can be abused
Public keys
Persistent data storage
Example
Chunking
Catalog
Demo
Who is this person
Summary
Entropy
Googlecom
Multidomain ProPer
Wrap Up
Final Thoughts
Outro
Taught by
Security BSides San Francisco