Paper 2019/807
Provable Security for PKI Schemes
Abstract
PKI schemes provide a critical foundation for applied cryptographic protocols. However, there are no rigorous security specifications for realistic PKI schemes, and therefore no PKI scheme has been proven secure. Cryptographic systems that use PKI are analyzed by adopting overly simplified models of the PKI, often simply assuming securely distributed public keys. This is problematic given the extensive reliance on PKI, the multiple failures of PKI systems, and the complexity of both proposed and deployed systems, which involve complex requirements and models. We present game-based security specifications for PKI schemes, and analyze important and widely deployed PKIs: PKIX and two variants of Certificate Transparency (CT). All these PKIs are based on the X.509v3 standard and its CRL revocation mechanism. Our analysis identified a few subtle vulnerabilities, and provides reduction-based proofs showing that the PKIs ensure specific requirements under specific models (assumptions). To our knowledge, this is the first reduction-based proof of security for a realistic PKI scheme, e.g., one supporting certificate chains.
Metadata
- Category
- Public-key cryptography
- Publication info
- Published elsewhere. To appear in ACM SIGSAC CCS 2024
- Keywords
- public-key infrastructure, provable-security
- Contact author(s)
- sara wrotniak @ uconn edu
- leibo hemi @ gmail com
- ewa syta @ trincoll edu
- amir herzberg @ gmail com
- History
- 2024-05-14: last of 8 revisions
- 2019-07-14: received
- Short URL
- https://ia.cr/2019/807
- License
- CC BY
BibTeX
@misc{cryptoeprint:2019/807,
  author = {Sara Wrótniak and Hemi Leibowitz and Ewa Syta and Amir Herzberg},
  title = {Provable Security for {PKI} Schemes},
  howpublished = {Cryptology {ePrint} Archive, Paper 2019/807},
  year = {2019},
  url = {https://eprint.iacr.org/2019/807}
}