PoliCert: Secure and Flexible TLS Certificate Management
Staff - Faculty of Informatics
Start date: 7 March 2016
End date: 8 March 2016
|
|||||||||||
|
|
|||||||||||
| Abstract: | |||||||||||
|
The recently proposed concept of publicly verifiable logsis a promising approach for mitigating security issues and threats of the current Public-Key Infrastructure (PKI). Although much progress has been made towards a more secure infrastructure, the currently proposed approaches still suffer from security vulnerabilities, inefficiency, or incremental deployment challenges. In this paper we propose PoliCert, a comprehensive log-based and domain-oriented architecture that enhances the security of PKI by offering: a) stronger authentication of a domain's public keys, b) comprehensive and clean mechanisms for certificate management, and c) an incentivised incremental deployment plan. Surprisingly, our approach has proved fruitful in addressing other seemingly unrelated problems such as TLS-related error handling and client/server misconfiguration. |
|||||||||||
|
|
|||||||||||
| Biography: | |||||||||||
|
Pawel Szalachowski is currently a postdoctoral researcher in Network Security Group at ETH Zurich. He received his Ph.D. degree in Computer Science (2012) from Warsaw University of Technology, Poland. His research interests include the Internet security, public-key infrastructures, and applied cryptography. |
|||||||||||
|
|
|||||||||||
|
|||||||||||
