DTKI: a new formalized PKI with verifiable trusted parties

Research output: Contribution to journalArticlepeer-review

Standard

DTKI : a new formalized PKI with verifiable trusted parties. / Yu, Jiangshan; Cheval, Vincent; Ryan, Mark.

In: The Computer Journal, Vol. 59, No. 11, 03.11.2016, p. 1695-1713.

Research output: Contribution to journalArticlepeer-review

Harvard

APA

Vancouver

Author

Yu, Jiangshan ; Cheval, Vincent ; Ryan, Mark. / DTKI : a new formalized PKI with verifiable trusted parties. In: The Computer Journal. 2016 ; Vol. 59, No. 11. pp. 1695-1713.

Bibtex

@article{3ca1fc8816fe49e6b5fd01a39544412e,
title = "DTKI: a new formalized PKI with verifiable trusted parties",
abstract = "The security of public key validation protocols for web-based applications has recently attracted attention because of weaknesses in the certi_cate authority model, and consequent attacks. Recent proposals using public logs have succeeded in making certi_cate management more transparent and veri_able. However, those proposals involve a _xed set of authorities. This means an oligopoly is created. Another problem with current log-based system is their heavy reliance on trusted parties that monitor the logs. We propose a distributed transparent key infrastructure (DTKI), which greatly reduces the oligopoly of service providers and allows veri_cation of the behaviour of trusted parties. In addition, this paper formalises the public log data structure and provides a formal analysis of the security that DTKI guarantees. ",
keywords = "PKI, SSL, TLS, key distribution, certificate, transparency, trust, formal verification",
author = "Jiangshan Yu and Vincent Cheval and Mark Ryan",
year = "2016",
month = nov,
day = "3",
doi = "10.1093/comjnl/bxw039",
language = "English",
volume = "59",
pages = "1695--1713",
journal = "The Computer Journal",
issn = "0010-4620",
publisher = "Oxford University Press",
number = "11",

}

RIS

TY - JOUR

T1 - DTKI

T2 - a new formalized PKI with verifiable trusted parties

AU - Yu, Jiangshan

AU - Cheval, Vincent

AU - Ryan, Mark

PY - 2016/11/3

Y1 - 2016/11/3

N2 - The security of public key validation protocols for web-based applications has recently attracted attention because of weaknesses in the certi_cate authority model, and consequent attacks. Recent proposals using public logs have succeeded in making certi_cate management more transparent and veri_able. However, those proposals involve a _xed set of authorities. This means an oligopoly is created. Another problem with current log-based system is their heavy reliance on trusted parties that monitor the logs. We propose a distributed transparent key infrastructure (DTKI), which greatly reduces the oligopoly of service providers and allows veri_cation of the behaviour of trusted parties. In addition, this paper formalises the public log data structure and provides a formal analysis of the security that DTKI guarantees.

AB - The security of public key validation protocols for web-based applications has recently attracted attention because of weaknesses in the certi_cate authority model, and consequent attacks. Recent proposals using public logs have succeeded in making certi_cate management more transparent and veri_able. However, those proposals involve a _xed set of authorities. This means an oligopoly is created. Another problem with current log-based system is their heavy reliance on trusted parties that monitor the logs. We propose a distributed transparent key infrastructure (DTKI), which greatly reduces the oligopoly of service providers and allows veri_cation of the behaviour of trusted parties. In addition, this paper formalises the public log data structure and provides a formal analysis of the security that DTKI guarantees.

KW - PKI

KW - SSL

KW - TLS

KW - key distribution

KW - certificate

KW - transparency

KW - trust

KW - formal verification

U2 - 10.1093/comjnl/bxw039

DO - 10.1093/comjnl/bxw039

M3 - Article

VL - 59

SP - 1695

EP - 1713

JO - The Computer Journal

JF - The Computer Journal

SN - 0010-4620

IS - 11

ER -