Certificate Transparency with Privacy

Author:

Eskandarian Saba (1), Messeri Eran, Bonneau Joseph, Boneh Dan

Affiliation:

1. Stanford University

Abstract

Certificate transparency (CT) is an elegant mechanism designed to detect when a certificate authority (CA) has issued a certificate incorrectly. Many CAs now support CT and it is being actively deployed in browsers. However, a number of privacy-related challenges remain. In this paper we propose practical solutions to two issues. First, we develop a mechanism that enables web browsers to audit a CT log without violating user privacy. Second, we extend CT to support non-public subdomains.

Publisher

Walter de Gruyter GmbH

Subject

General Medicine

Reference: 51 articles.

Cited by 30 articles.

1. Semi-CT: Certificates Transparent to Identity Owners but Opaque to Snoopers;2023 IEEE Symposium on Computers and Communications (ISCC);2023-07-09

2. ImCT: A Feasible Scheme for Deploying Implicit Certificates with Certificate Transparency in IoT;2023 32nd International Conference on Computer Communications and Networks (ICCCN);2023-07

3. MPCAuth: Multi-factor Authentication for Distributed-trust Systems;2023 IEEE Symposium on Security and Privacy (SP);2023-05

4. A Survey on X.509 Public-Key Infrastructure, Certificate Revocation, and Their Modern Implementation on Blockchain and Ledger Technologies;IEEE Communications Surveys & Tutorials;2023

5. VeRSA;Proceedings of the 2022 ACM SIGSAC Conference on Computer and Communications Security;2022-11-07
