Sciweavers

IACR
2016

Server Notaries: A Complementary Approach to the Web PKI Trust Model

8 years 7 months ago
Server Notaries: A Complementary Approach to the Web PKI Trust Model
Abstract. SSL/TLS is the de facto protocol for providing secure communication over the Internet. It relies on the Web PKI model for authentication and secure key exchange. Despite its relatively successful past, the number of Web PKI incidents observed have increased recently. These incidents revealed the risks of forged certificates issued by certificate authorities without the consent of the domain owners. Several solutions have been proposed to solve this problem, but no solution has yet received widespread adaption due to complexity and deployability issues. In this paper, we propose a practical mechanism that enables servers to get their certificate views across the Internet, making detection of a certificate substitution attack possible. The origin of the certificate substitution attack can also be located by this mechanism. We have conducted simulation experiments and evaluated our proposal using publicly available, real-world BGP data. We have obtained promising results on...
Emre Yüce, Ali Aydin Selçuk
Added 03 Apr 2016
Updated 03 Apr 2016
Type Journal
Year 2016
Where IACR
Authors Emre Yüce, Ali Aydin Selçuk
Comments (0)