DTKI: A New Formalized PKI with Verifiable Trusted PartiesReportar como inadecuado

DTKI: A New Formalized PKI with Verifiable Trusted Parties - Descarga este documento en PDF. Documentación en PDF para descargar gratis. Disponible también para leer online.

1 School of Computer Science Birmingham 2 PESTO - Proof techniques for security protocols Inria Nancy - Grand Est, LORIA - FM - Department of Formal Methods

Abstract : The security of public key validation protocols for web-based applications has recently attracted attention because of weaknesses in the certificate authority model, and consequent attacks. Recent proposals using public logs have succeeded in making certificate management more transparent and verifiable. However, those proposals involve a fixed set of authorities. This means an oligopoly is created. Another problem with current log-based system is their heavy reliance on trusted parties that monitor the logs. We propose a distributed transparent key infrastructure DTKI, which greatly reduces the oligopoly of service providers and allows verification of the behaviour of trusted parties. In addition, this paper formalises the public log data structure and provides a formal analysis of the security that DTKI guarantees.

Keywords : formal verification trust certificate transparency PKI SSL TLS key distribution

Autor: Jiangshan Yu - Vincent Cheval - Mark Ryan -

Fuente: https://hal.archives-ouvertes.fr/


Documentos relacionados