Paper 2014/600
DTKI: a new formalized PKI with no trusted parties
Jiangshan Yu, Vincent Cheval, and Mark Ryan
Abstract
The security of public key validation protocols for web-based applications has recently attracted attention because of weaknesses in the certificate authority model, and consequent attacks. Recent proposals using public logs have succeeded in making certificate management more transparent and verifiable. How- ever, those proposals involve a fixed set of authorities which create a monopoly, and they have heavy reliance on trusted parties that monitor the logs. We propose a distributed transparent key infrastructure (DTKI), which greatly reduces the monopoly of service providers and removes the reliance on trusted parties. In addition, this paper formalises the public log data structure and provides a formal analysis of the security that DTKI guarantees.
Metadata
- Available format(s)
- -- withdrawn --
- Category
- Public-key cryptography
- Publication info
- Preprint.
- Keywords
- PKIcertificate security
- Contact author(s)
- jxy223 @ cs bham ac uk
- History
- 2014-11-14: withdrawn
- 2014-08-11: received
- See all versions
- Short URL
- https://ia.cr/2014/600
- License
-
CC BY