Armored Core of PKI: Remove Signing Keys for CA via Efficient and Trusted Physical Certification
Apr 24, 2024·,,,,,,·
1 min read
Xiaolin Zhang
Chenghao Chen
Kailun Qin
Yuxuan Wang
Shipei Qu
Tengfei Wang
Chi Zhang
Dawu Gu
Abstract
The signing key exposure of Certificate Authorities (CAs) remains a critical concern in PKI. These keys can be exposed by carefully designed attacks or operational errors even today. Traditional protections fail to eliminate such risk and one leaked key is enough to compromise the CA. This long-standing dilemma motivates us to consider removing CAs’ signing keys and propose Armored Core, the first PKI security extension using the trusted binding of Physically Unclonable Function (PUF) for certificate operations. It makes key exposure impossible by eliminating the digital signing keys in CA. To achieve this, we design a set of PUF-based X.509v3 certificate functions for CAs to generate physically trusted signatures without using a digital key. Moreover, we introduce a novel PUF transparency mechanism to effectively monitor the PUF operations in CAs. We integrate Armored Core into real-world PKI systems including Let’s Encrypt Pebble and Certbot. We also provide a PUF-embedded RISC-V CPU prototype. The evaluation results show that Armored Core can offer stronger security guarantees through signing key removal and without causing any extra overhead, but improves the overall performance by 11% on storage and 4.9%-73.7% on computation.
Type
Publication
arXiv
This paper is still under submission.