How to Time-Stamp a Digital Document
CRYPTO '90 Proceedings of the 10th Annual International Cryptology Conference on Advances in Cryptology
You've been warned: an empirical study of the effectiveness of web browser phishing warnings
Proceedings of the SIGCHI Conference on Human Factors in Computing Systems
Perspectives: improving SSH-style host authentication with multi-path probing
ATC'08 USENIX 2008 Annual Technical Conference on Annual Technical Conference
Crying wolf: an empirical study of SSL warning effectiveness
SSYM'09 Proceedings of the 18th conference on USENIX security symposium
SCION: Scalability, Control, and Isolation on Next-Generation Networks
SP '11 Proceedings of the 2011 IEEE Symposium on Security and Privacy
Rethinking SSL development in an appified world
Proceedings of the 2013 ACM SIGSAC conference on Computer & communications security
| Hi-index | 0.00 |
Recent trends in public-key infrastructure research explore the tradeoff between decreased trust in Certificate Authorities (CAs), resilience against attacks, communication overhead (bandwidth and latency) for setting up an SSL/TLS connection, and availability with respect to verifiability of public key information. In this paper, we propose AKI as a new public-key validation infrastructure, to reduce the level of trust in CAs. AKI integrates an architecture for key revocation of all entities (e.g., CAs, domains) with an architecture for accountability of all infrastructure parties through checks-and-balances. AKI efficiently handles common certification operations, and gracefully handles catastrophic events such as domain key loss or compromise. We propose AKI to make progress towards a public-key validation infrastructure with key revocation that reduces trust in any single entity.