TL;DR
InviCloak is a system that enhances web communication privacy and security by using DNS-based key distribution, enabling end-to-end encryption without requiring TLS modifications or CDN upgrades, with minimal impact on page load times.
Contribution
It introduces a practical DNS-based key distribution mechanism for web privacy that works within existing infrastructure and allows unilateral deployment by websites.
Findings
InviCloak adds minimal page load delay, increasing median page load time (PLT) from 2.0s to 2.1s.
It provides end-to-end confidentiality even with active CDN attackers.
It outperforms state-of-the-art TEE-based solutions in latency.
Abstract
In today's web ecosystem, a website that uses a Content Delivery Network (CDN) shares its Transport Layer Security (TLS) private key or session key with the CDN. In this paper, we present the design and implementation of InviCloak, a system that protects the confidentiality and integrity of a user and a website's private communications without changing TLS or upgrading a CDN. InviCloak builds a lightweight but secure and practical key distribution mechanism using the existing DNS infrastructure to distribute a new public key associated with a website's domain name. A web client and a website can use the new key pair to build an encryption channel inside TLS. InviCloak accommodates the current web ecosystem. A website can deploy InviCloak unilaterally without a client's involvement to prevent a passive attacker inside a CDN from eavesdropping on their communications. If a client also…