DTKI: a new formalized PKI with verifiable trusted parties

Jiangshan Yu, Vincent Cheval, Mark Ryan

Research output: Contribution to journal › Article › peer-review

20 Citations (Scopus)
266 Downloads (Pure)

Abstract

The security of public key validation protocols for web-based applications has recently attracted attention because of weaknesses in the certificate authority model, and consequent attacks.

Recent proposals using public logs have succeeded in making certificate management more transparent and verifiable. However, those proposals involve a fixed set of authorities. This means an oligopoly is created. Another problem with current log-based systems is their heavy reliance on trusted parties that monitor the logs.

We propose a distributed transparent key infrastructure (DTKI), which greatly reduces the oligopoly of service providers and allows verification of the behaviour of trusted parties. In addition, this paper formalises the public log data structure and provides a formal analysis of the security that DTKI guarantees.

Original language: English
Pages (from-to): 1695-1713
Number of pages: 19
Journal: The Computer Journal
Volume: 59
Issue number: 11
Early online date: 20 Jul 2016
Publication status: Published - 3 Nov 2016

Keywords

  • PKI
  • SSL
  • TLS
  • key distribution
  • certificate
  • transparency
  • trust
  • formal verification
