Paper 2013/595
Enhanced certificate transparency (how Johnny could encrypt)
Mark D. Ryan
Abstract
The "certificate authority" model for authenticating public keys of websites has been attacked in recent years, and several proposals have been made to reinforce it. We develop and extend "certificate transparency", a proposal in this direction, so that it efficiently handles certificate revocation. We show how this extension can be used to build a secure end-to-end email or messaging system using PKI with no requirement to trust certificate authorities, or to rely on complex peer-to-peer key-signing arrangements such as PGP. We believe this finally makes end-to-end encrypted email as usable as encrypted web browsing is today, addressing the concerns of a classic paper explaining the difficulties users face in encrypting emails ("Why Johnny can't encrypt", 1999). Underlying these ideas is a new attacker model appropriate for cloud computing, which we call "malicious-but-cautious".
Metadata
- Category: Applications
- Publication info: Preprint.
- Keywords: public key certificates
- Contact author(s): m d ryan @ cs bham ac uk
- History:
  - 2013-12-16: revised
  - 2013-09-14: received
- Short URL: https://ia.cr/2013/595
- License: CC BY