DTKI: a new formalized PKI with verifiable trusted parties

Research output: Contribution to journalArticle

Authors

Colleges, School and Institutes

External organisations

  • CNRS, Loria, UMR 7503, Vandoeuvre-lès-Nancy,

Abstract

The security of public key validation protocols for web-based applications has recently attracted attention because of weaknesses in the certi_cate authority model, and consequent attacks.
Recent proposals using public logs have succeeded in making certi_cate management more transparent and veri_able. However, those proposals involve a _xed set of authorities. This means an oligopoly is created. Another problem with current log-based system is their heavy reliance on trusted parties that monitor the logs.
We propose a distributed transparent key infrastructure (DTKI), which greatly reduces the oligopoly of service providers and allows veri_cation of the behaviour of trusted parties. In addition, this paper formalises the public log data structure and provides a formal analysis of the security that DTKI guarantees.

Details

Original languageEnglish
Pages (from-to)1695-1713
Number of pages19
JournalThe Computer Journal
Volume59
Issue number11
Early online date20 Jul 2016
Publication statusPublished - 3 Nov 2016

Keywords

  • PKI, SSL, TLS, key distribution, certificate, transparency, trust, formal verification