Projects per year
Abstract
The security of public key validation protocols for web-based applications has recently attracted attention because of weaknesses in the certi_cate authority model, and consequent attacks.
Recent proposals using public logs have succeeded in making certi_cate management more transparent and veri_able. However, those proposals involve a _xed set of authorities. This means an oligopoly is created. Another problem with current log-based system is their heavy reliance on trusted parties that monitor the logs.
We propose a distributed transparent key infrastructure (DTKI), which greatly reduces the oligopoly of service providers and allows veri_cation of the behaviour of trusted parties. In addition, this paper formalises the public log data structure and provides a formal analysis of the security that DTKI guarantees.
Recent proposals using public logs have succeeded in making certi_cate management more transparent and veri_able. However, those proposals involve a _xed set of authorities. This means an oligopoly is created. Another problem with current log-based system is their heavy reliance on trusted parties that monitor the logs.
We propose a distributed transparent key infrastructure (DTKI), which greatly reduces the oligopoly of service providers and allows veri_cation of the behaviour of trusted parties. In addition, this paper formalises the public log data structure and provides a formal analysis of the security that DTKI guarantees.
Original language | English |
---|---|
Pages (from-to) | 1695-1713 |
Number of pages | 19 |
Journal | The Computer Journal |
Volume | 59 |
Issue number | 11 |
Early online date | 20 Jul 2016 |
DOIs | |
Publication status | Published - 3 Nov 2016 |
Keywords
- PKI
- SSL
- TLS
- key distribution
- certificate
- transparency
- trust
- formal verification
Fingerprint
Dive into the research topics of 'DTKI: a new formalized PKI with verifiable trusted parties'. Together they form a unique fingerprint.Projects
- 1 Finished
-
Leadership Fellowships 2009 : Analysing Security and Privacy Properties
Engineering & Physical Science Research Council
1/04/10 → 30/09/15
Project: Research Councils