Filters








11,903 Hits in 2.7 sec

Accountable and Transparent TLS Certificate Management: An Alternate Public-Key Infrastructure with Verifiable Trusted Parties

Salabat Khan, Zijian Zhang, Liehuang Zhu, Meng Li, Qamas Gul Khan Safi, Xiaobing Chen
2018 Security and Communication Networks  
Among them, Certificate Authority (CA) is the central and most trusted entity. However, recent compromises of CA result in the desire for some other secure and transparent alternative approaches.  ...  To distribute the trust and mitigate the threats and security issues of current PKI, publicly verifiable log-based approaches have been proposed.  ...  Acknowledgments This work is partially supported by China National Key Research and Development Program no. 2016YFB0800301 and National Natural Science Foundation of China "NSFC" no. 61300177.  ... 
doi:10.1155/2018/8527010 fatcat:shkp4rwzmvc23jgxiohuri26vu

Certificate Transparency with Enhancements and Short Proofs [article]

Abhishek Singh and Binanda Sengupta and Sushmita Ruj
2017 arXiv   pre-print
We provide proofs of security and evaluate the performance of our scheme.  ...  Google proposed certificate transparency which is an open framework to monitor and audit certificates in real time.  ...  transparency schemes.  ... 
arXiv:1704.04937v2 fatcat:dafnfckyifathprwhgonf44x5u

Certificate Transparency with Privacy

Saba Eskandarian, Eran Messeri, Joseph Bonneau, Dan Boneh
2017 Proceedings on Privacy Enhancing Technologies  
Certificate transparency (CT) is an elegant mechanism designed to detect when a certificate authority (CA) has issued a certificate incorrectly.  ...  First, we develop a mechanism that enables web browsers to audit a CT log without violating user privacy. Second, we extend CT to support non-public subdomains.  ...  Opinions, findings and conclusions or recommendations expressed in this material are those of the authors and do not necessarily reflect the views of DARPA.  ... 
doi:10.1515/popets-2017-0052 dblp:journals/popets/EskandarianMBB17 fatcat:ky75gtoeere4bk6stddj3j3xvi

Certificate Transparency with Privacy [article]

Saba Eskandarian, Eran Messeri, Joseph Bonneau, Dan Boneh
2017 arXiv   pre-print
Certificate transparency (CT) is an elegant mechanism designed to detect when a certificate authority (CA) has issued a certificate incorrectly.  ...  First, we develop a mechanism that enables web browsers to audit a CT log without violating user privacy. Second, we extend CT to support non-public subdomains.  ...  Opinions, findings and conclusions or recommendations expressed in this material are those of the authors and do not necessarily reflect the views of DARPA.  ... 
arXiv:1703.02209v4 fatcat:4rxoksuwmfexpjynqzkpy74pva

Attack-Resilient TLS Certificate Transparency

Salabat Khan, Liehuang Zhu, Zijian Zhang, Mussadiq Abdul Rahim, Khalid Khan, Meng Li
2020 IEEE Access  
Google Certificate Transparency and subsequent log-based PKI proposals (e.g., AKI and ARPKI) have succeeded in making certificate-management processes more transparent, accountable, and verifiable.  ...  This study presents Attack-Resilient TLS Certificate Transparency (ARCT) based on log servers to address these problems.  ...  Certificate Transparency (CT) [4] , [5] is a scheme proposed by Google to make the problem of false TLS certificates detection easier by registering all TLS certificates on a public log maintained in  ... 
doi:10.1109/access.2020.2996997 fatcat:y3xxu65uozd7zlr3vxty2j2vsm

Associative Blockchain for Decentralized PKI Transparency

Xavier Boyen, Udyani Herath, Matthew McKague, Douglas Stebila
2021 Cryptography  
Our technical contributions include definitions for append-only associative ledgers, a security model for certificate transparency, and a formal analysis of our DPKIT construction with respect to the same  ...  certificates and revocations for any domain.  ...  Here, we compare the security properties of these schemes to our own. First, consider PKI transparency systems, such as certificate transparency and the SSL observatory.  ... 
doi:10.3390/cryptography5020014 fatcat:hh2jr4hd6ncwrjvul24quoavdu

Attestation Transparency

Jethro G. Beekman, John L. Manferdelli, David Wagner
2016 Proceedings of the 11th ACM on Asia Conference on Computer and Communications Security - ASIA CCS '16  
On top of that, we augment Certificate Transparency to distribute information about which services exist and what they do.  ...  Internet services can provide a wealth of functionality, yet their usage raises privacy, security and integrity concerns for users.  ...  This work was supported by Intel through the ISTC for Secure Computing, AFOSR under MURI award FA9550-12-1-0040, and NSF under CCF-0424422.  ... 
doi:10.1145/2897845.2897895 dblp:conf/ccs/BeekmanMW16 fatcat:tfcnuuch2ramplztvrn2tglkyu

Supply Chain Management, Certificate Management at the Transportation Layer Security in Charge of Security

Tsara Ayuninggati, Eka Purnama Harahap, Mulyati, Raihan Junior
2021 Blockchain Frontier Technology  
The above-mentioned blockchain-based public key infrastructure scheme and registry are used for security and governance analysis.  ...  In the public key infrastructure, the certification authority is fully trusted, and the security of the public key infrastructure depends on the trust of the certification authority; however, recent attacks  ...  Acknowledgments With high enthusiasm and motivation to work on a journal entitled "Blockchain Technology as a Media for Sharing Information that Generates User Access Rights and  ... 
doi:10.34306/bfront.v1i01.3 fatcat:zzgyarraorea3jgp47ovtvctvq

BlockPKI: An Automated, Resilient, and Transparent Public-Key Infrastructure

Lukasz Dykcik, Laurent Chuat, Pawel Szalachowski, Adrian Perrig
2018 2018 IEEE International Conference on Data Mining Workshops (ICDMW)  
This paper describes BlockPKI, a blockchain-based public-key infrastructure that enables an automated, resilient, and transparent issuance of digital certificates.  ...  In particular, we aim at reducing the power of individual certification authorities and make their actions publicly visible and accountable, without introducing yet another trusted third party.  ...  We gratefully acknowledge support from ETH Zurich and from the Zurich Information Security and Privacy Center (ZISC). Pawel's work was supported by the SUTD SRG ISTD 2017 128 grant.  ... 
doi:10.1109/icdmw.2018.00022 dblp:conf/icdm/DykcikCSP18 fatcat:5wgukggqyfcrfl3ecvlscvf6xa

T3AB: Transparent and Trustworthy Third-party Authority using Blockchain [article]

Runhua Xu, Chao Li, James Joshi
2021 arXiv   pre-print
In particular, security related services and infrastructures such as Certificate Authorities (CAs) that provide digital certificate service and Third-Party Authorities (TPAs) that provide cryptographic  ...  In this paper, we propose a Transparent and Trustworthy TPA using Blockchain (T3AB) to provide transparency and accountability to the trusted third-party entities, such as honest-but-curious third-party  ...  Besides, the cost of inspection for key service and public parameter audit obligations is 2.4 × 10 5 gas and 3.7 × 10 5 gas, respectively.  ... 
arXiv:2102.01249v2 fatcat:7rqodjdo7bbahhy6aal2csvsei

SoK: Delegation and Revocation, the Missing Links in the Web's Chain of Trust [article]

Laurent Chuat, AbdelRahman Abdou, Ralf Sasse, Christoph Sprenger, David Basin, Adrian Perrig
2020 arXiv   pre-print
For this purpose, we propose a 19-criteria framework for characterizing revocation and delegation schemes.  ...  Regrettably, most traditional certificate revocation schemes suffer from latency, availability, or privacy problems.  ...  Additionally, proxy certificates need not be logged by Certificate Transparency servers, solving the problem of log servers disclosing private subdomains [17] , [48] .  ... 
arXiv:1906.10775v2 fatcat:hsi6whdv6jb25jc3qp43f7obka

Postcertificates for Revocation Transparency [article]

Nikita Korzhitskii, Matus Nemec, Niklas Carlsson
2022 arXiv   pre-print
We propose and evaluate a new revocation transparency protocol that introduces postcertificates and utilizes the existing Certificate Transparency (CT) logs.  ...  In practice, the problem of secure revocation is still open. Furthermore, the existing procedures do not leave a transparent and immutable revocation history.  ...  Certificate Transparency [31] and Revocation Transparency [30] were originally proposed by Google.  ... 
arXiv:2203.02280v1 fatcat:em2uyzh6kfccfiewptl6gx3nhm

PKI Safety Net (PKISN): Addressing the Too-Big-to-Be-Revoked Problem of the TLS Ecosystem

Pawel Szalachowski, Laurent Chuat, Adrian Perrig
2016 2016 IEEE European Symposium on Security and Privacy (EuroS&P)  
Transparency) and revocations.  ...  Moreover, we present a complete implementation and evaluation of our scheme.  ...  We gratefully acknowledge support from ETH Zurich and from the Zurich Information Security and Privacy Center (ZISC).  ... 
doi:10.1109/eurosp.2016.38 dblp:conf/eurosp/SzalachowskiCP16 fatcat:xnrnmtgaoffcxkfrq5ig5ozuyq

Transparency Overlays and Applications

Melissa Chase, Sarah Meiklejohn
2016 Proceedings of the 2016 ACM SIGSAC Conference on Computer and Communications Security - CCS'16  
We begin with a formal model for transparency overlays, and then go on to present an abstract transparency overlay and prove its security.  ...  We also demonstrate that our formal notion of security implies more intuitive notions of security in this setting (i.e., that users should accept only "good" certificates) and discuss some practical considerations  ...  If the DLC is secure in the augmented setting and the signature scheme is unforgeable (i.e., EUF-CMA secure), then the modified protocols and algorithms described above comprise a secure basic transparency  ... 
doi:10.1145/2976749.2978404 dblp:conf/ccs/ChaseM16 fatcat:u2teg7ozoraediej5pbvqs6zou

Device Attacker Models: Fact and Fiction [chapter]

Jiangshan Yu, Mark D. Ryan
2015 Lecture Notes in Computer Science  
This paper proposes a solution to make the usage of private keys by attackers detectable by using public transparently-maintained logs to monitor the usage of long-term secret keys.  ...  According to standard fiction, a user is able to securely keep long term keys on his device.  ...  Acknowledgements The authors thank Ross Anderson, Daniel Thomas, and all other attendees of International Workshop on Security Protocols for their comments and discussions.  ... 
doi:10.1007/978-3-319-26096-9_17 fatcat:fkkvfuerdnatlpaqtafdhgumxi
« Previous Showing results 1 — 15 out of 11,903 results