Checks and balances: A tripartite public key infrastructure for secure web-based connections

Chen, Jing; Yao, Shixiong; Yuan, Quan; Du, Ruxu; Xue, Guoliang

doi:10.1109/infocom.2017.8057201

Cited by 11 publications

(6 citation statements)

References 15 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…However, ARPKI has no support for multi-domain certificates, and it has an extra delay because of the involvement of all designated parties in all processes [49]. TriPKI [50] utilized a threshold-signature scheme among a list of trusted CAs, trusted DNSes, and trusted LSes to distribute trust and assure secure communication. Reference [50] substitutes third-party validators with DNSes and adopts checks-and-balances among the trusted set of CAs, DNSes, and LSes to watch each other behavior.…”

Section: Related Workmentioning

confidence: 99%

Attack-Resilient TLS Certificate Transparency

et al. 2020

View full text Add to dashboard Cite

The security of Public-Key Infrastructure (PKI) for Internet-based communications has lately attracted researchers' attention because of Certification Authorities (CAs) crashes and consequent attacks. Google Certificate Transparency and subsequent log-based PKI proposals (e.g., AKI and ARPKI) have succeeded in making certificate-management processes more transparent, accountable, and verifiable. However, those proposals failed to solve the root CA generous delegation of trust to intermediate CAs, non-conformant certificate-issuance by them, and lack of rigorous authentication of domain ownership during certificate-issuance problems. This study presents Attack-Resilient TLS Certificate Transparency (ARCT) based on log servers to address these problems. ARCT enables root CA to enforce intermediate CAs to follow community standards through leveraging a log server at each root level. It also introduces a collaborative domain ownership verification method that deters false certificate-issuance and ensures that a set of CAs validates every certificate before any client will accept it. A certificate collectively approved by a set of CAs assures users that the certificate has been seen, and not instantly detected malicious, by a group of CAs. Finally, formal security and performance evaluations prove the reliability and effectiveness of ARCT.

show abstract

Section: Related Workmentioning

confidence: 99%

Attack-Resilient TLS Certificate Transparency

et al. 2020

View full text Add to dashboard Cite

show abstract

“…It also distributes trust among multiple entities, cross‐checks the behavior of one with those of others, and involves all parties in every process. TriPKI 53 leverage threshold‐signature algorithm among CAs, DNSs, and ILSs to distribute trust and ensure secure communication. Their scheme replaces third‐party validators with DNSs and introduces checks‐and‐balances among the CAs, DNSs, and ILSs to detect each other misbehavior.…”

Section: Related Workmentioning

confidence: 99%

SCM: Secure and accountable TLS certificate management

Khan

Zhang

Zhu

et al. 2020

Int J Communication

View full text Add to dashboard Cite

Summary In classical public‐key infrastructure (PKI), the certificate authorities (CAs) are fully trusted, and the security of the PKI relies on the trustworthiness of the CAs. However, recent failures and compromises of CAs showed that if a CA is corrupted, fake certificates may be issued, and the security of clients will be at risk. As emerging solutions, blockchain‐ and log‐based PKI proposals potentially solved the shortcomings of the PKI, in particular, eliminating the weakest link security and providing a rapid remedy to CAs' problems. Nevertheless, log‐based PKIs are still exposed to split‐world attacks if the attacker is capable of presenting two distinct signed versions of the log to the targeted victim(s), while the blockchain‐based PKIs have scaling and high‐cost issues to be overcome. To address these problems, this paper presents a secure and accountable transport layer security (TLS) certificate management (SCM), which is a next‐generation PKI framework. It combines the two emerging architectures, introducing novel mechanisms, and makes CAs and log servers accountable to domain owners. In SCM, CA‐signed domain certificates are stored in log servers, while the management of CAs and log servers is handed over to a group of domain owners, which is conducted on the blockchain platform. Different from existing blockchain‐based PKI proposals, SCM decreases the storage cost of blockchain from several hundreds of GB to only hundreds of megabytes. Finally, we analyze the security and performance of SCM and compare SCM with previous blockchain‐ and log‐based PKI schemes.

show abstract

“…If one CA is compromised, the process of certificate registration may need to restart. Chen et al [1] design a tripartite PKI system called TriPKI by bringing in the DNSs and Integrity Log servers (ILSs) to assist CA in managing certificates. Through the threshold signature algorithm among multiple entities, the system can tolerate the failure of a certain number of CAs or other entities.…”

Section: A Disperse the Trust Of Camentioning

confidence: 99%

“…However, real-world attacks have indicated the vulnerability of the existing CA [1]. Intuitively, if a CAs has been attacked, a malicious web server may get a verifiable certificate.…”

Section: Introductionmentioning

confidence: 99%

See 1 more Smart Citation

PBCert: Privacy-Preserving Blockchain-Based Certificate Status Validation Toward Mass Storage Management

Yao

Chen

et al. 2019

IEEE Access

Self Cite

View full text Add to dashboard Cite

In the recent years, the vulnerabilities of conventional public key infrastructure are exposed by the real-world attacks, such as the certificate authority's single-point-of-failure or clients' private information leakage. Aimed at the first issue, one type of approach is that multiple entities are introduced to assist the certificate operations, including registration, update, and revocation. However, it is inefficient in computation. Another type is to make the certificate information publicly visible by bringing in the log servers. Nevertheless, the data synchronization among log servers may lead to network latency. Based on the second approach, the blockchain-based public key infrastructure schemes are proposed. Through these type of schemes, all the certificate operations are stored in the blockchain for public audit. However, the issue of revoked certificates' status storage is worth paying attention, especially in the setting with massive certificates. In addition, the target web server that a client wants to access is exposed in the process of certificate status validation. In this paper, we propose a privacy-preserving blockchain-based certificate status validation scheme called PBCert to solve these two issues. First, we separate the revoked certificates control and storage plane. Only the minimal control information (namely, certificate hashes and related operation block height) is stored in the blockchain and it uses external data stores for the detailed information about all revoked certificates. Second, we design an obscure response to the clients' certificate status query for the purpose of privacy preserving. Through the security analysis and experiment evaluation, our scheme is significant in practice. INDEX TERMSPublic key infrastructure, blockchain, revocation mechanism, privacy-preserving.

show abstract

Checks and balances: A tripartite public key infrastructure for secure web-based connections

Cited by 11 publications

References 15 publications

Attack-Resilient TLS Certificate Transparency

Attack-Resilient TLS Certificate Transparency

SCM: Secure and accountable TLS certificate management

PBCert: Privacy-Preserving Blockchain-Based Certificate Status Validation Toward Mass Storage Management

Contact Info

Product

Resources

About