DTKI: a new formalized PKI with verifiable trusted parties

Jiangshan Yu, Vincent Cheval, Mark Ryan

Research output: Contribution to journalArticleResearchpeer-review

41 Citations (Scopus)

Abstract

The security of public key validation protocols for web-based applications has recently attracted attention because of weaknesses in the certificate authority model, and consequent attacks. Recent proposals using public logs have succeeded in making certificate management more transparent and verifiable. However, those proposals involve a fixed set of authorities. This means an oligopoly is created. Another problem with current log-based system is their heavy reliance on trusted parties that monitor the logs. We propose a distributed transparent key infrastructure (DTKI), which greatly reduces the oligopoly of service providers and allows verification of the behaviour of trusted parties. In addition, this paper formalises the public log data structure and provides a formal analysis of the security that DTKI guarantees.

Original languageEnglish
Pages (from-to)1695-1713
Number of pages19
JournalThe Computer Journal
Volume59
Issue number11
DOIs
Publication statusPublished - 1 Nov 2016
Externally publishedYes

Keywords

  • Certificate
  • Formal verification
  • Key distribution
  • PKI
  • SSL
  • TLS
  • Transparency
  • Trust

Cite this