Paper 2014/600

DTKI: a new formalized PKI with no trusted parties

Jiangshan Yu, Vincent Cheval, and Mark Ryan

Abstract

The security of public key validation protocols for web-based applications has recently attracted attention because of weaknesses in the certificate authority model, and consequent attacks. Recent proposals using public logs have succeeded in making certificate management more transparent and verifiable. However, those proposals involve a fixed set of authorities which create a monopoly, and they have heavy reliance on trusted parties that monitor the logs. We propose a distributed transparent key infrastructure (DTKI), which greatly reduces the monopoly of service providers and removes the reliance on trusted parties. In addition, this paper formalises the public log data structure and provides a formal analysis of the security that DTKI guarantees.

Metadata
Available format(s)
-- withdrawn --
Category
Public-key cryptography
Publication info
Preprint.
Keywords
PKI, certificate security
Contact author(s)
jxy223 @ cs bham ac uk
History
2014-11-14: withdrawn
2014-08-11: received
Short URL
https://ia.cr/2014/600
License
Creative Commons Attribution
CC BY