Monitoring Key Pair Usage through Distributed Ledgers and One-Time Signatures-Reference-Cited by-同舟云学术

Monitoring Key Pair Usage through Distributed Ledgers and One-Time Signatures

Published:2023-09-26 Issue:10 Volume:14 Page:523
ISSN:2078-2489
Container-title:Information
language:en
Short-container-title:Information

Author:

Mayr Lucas¹,Palma Lucas¹,Zambonin Gustavo¹,Silvano Wellington¹,Custódio Ricardo¹

Affiliation:

1. Departamento de Informática e Estatística, Universidade Federal de Santa Catarina, Florianópolis 88040-900, Brazil

Abstract

Private key management is a complex obstacle arising from the traditional public key infrastructure model. However, before any related security breach can be addressed, it must first be reliably detected. Certificate Transparency (CT) is an example of a certificate issuance monitoring strategy, developed to detect the possible malfeasance of certification authorities (CAs). To the best of our knowledge, CT and other detection mechanisms do not cover digitally signed documents made by an end user, which are also susceptible to CA misbehavior. We modify the CT framework to handle signed documents via logging certificates in the blockchain to enable the secure and user-friendly monitoring of one-time signatures, backdating protection, and effective CA misbehavior detection. Moreover, to demonstrate the feasibility of our proposal, we present distinct deployment scenarios and analyze the storage, performance, and monetary costs.

Funder

Coordenação de Aperfeicoamento de Pessoal de Nível Superior

Publisher

MDPI AG

Subject

Information Systems

Link

https://www.mdpi.com/2078-2489/14/10/523/pdf

Reference40 articles.

1. Kohnfelder, L.M. (1978). Towards a Practical Public-key Cryptosystem. [Bachelor’s Thesis, Massachusetts Institute of Technology].

2. DigiNotar: Dissecting the First Dutch Digital Disaster;J. Strateg. Secur.,2013

3. Laurie, B., Langley, A., Kasper, E., Messeri, E., and Stradling, R. (2023, August 20). Certificate Transparency Version 2.0. RFC 9162, Internet Engineering Task Force. Available online: https://www.rfc-editor.org/info/rfc9162.

4. Kampanakis, P., Panburana, P., Daw, E., and Geest, D.V. (2023, August 20). The Viability of Post-quantum X.509 Certificates; Cryptology ePrint Archive, Paper 2018/063; ISARA; 2018. Available online: https://www.isara.com/resource-center/the-viability-of-post-quantum-x.509-certificates.html.

5. W-OTS+—Shorter Signatures for Hash-Based Signature Schemes;Progress in Cryptology— AFRICACRYPT 2013 6th International Conference on Cryptology in Africa, Cairo, Egypt, 22–24 June 2013,2013