English
Related papers

Related papers: Postcertificates for Revocation Transparency

200 papers

The modern Internet is highly dependent on the trust communicated via X.509 certificates. However, in some cases certificates become untrusted and it is necessary to revoke them. In practice, the problem of secure certificate revocation has…

Networking and Internet Architecture · Computer Science 2022-04-08 Nikita Korzhitskii , Niklas Carlsson

Certificate transparency (CT) is an elegant mechanism designed to detect when a certificate authority (CA) has issued a certificate incorrectly. Many CAs now support CT and it is being actively deployed in browsers. However, a number of…

Cryptography and Security · Computer Science 2017-08-08 Saba Eskandarian , Eran Messeri , Joseph Bonneau , Dan Boneh

The Web public key infrastructure is essential to providing secure communication on the Internet today, and certificate authorities play a crucial role in this ecosystem by issuing certificates. These authorities may misissue certificates…

Cryptography and Security · Computer Science 2022-03-04 Sarah Meiklejohn , Joe DeBlasio , Devon O'Brien , Chris Thompson , Kevin Yeo , Emily Stark

The level of trust accorded to certification authorities has been decreasing over the last few years as several cases of misbehavior and compromise have been observed. Log-based approaches, such as Certificate Transparency, ensure that…

Cryptography and Security · Computer Science 2016-01-06 Laurent Chuat , Pawel Szalachowski , Adrian Perrig , Ben Laurie , Eran Messeri

Anonymity revocation is an essential component of credential issuing systems since unconditional anonymity is incompatible with pursuing and sanctioning credential misuse. However, current anonymity revocation approaches have shortcomings…

Cryptography and Security · Computer Science 2019-08-13 Rujia Li , David Galindo , Qi Wang

In this paper, we analyze the evolution of Certificate Transparency (CT) over time and explore the implications of exposing certificate DNS names from the perspective of security and privacy. We find that certificates in CT logs have seen…

Networking and Internet Architecture · Computer Science 2018-11-12 Quirin Scheitle , Oliver Gasser , Theodor Nolte , Johanna Amann , Lexi Brent , Georg Carle , Ralph Holz , Thomas C. Schmidt , Matthias Wählisch

Although TLS is used on a daily basis by many critical applications, the public-key infrastructure that it relies on still lacks an adequate revocation mechanism. An ideal revocation mechanism should be inexpensive, efficient, secure, and…

Cryptography and Security · Computer Science 2016-08-31 Pawel Szalachowski , Laurent Chuat , Taeho Lee , Adrian Perrig

Browsers can detect malicious websites that are provisioned with forged or fake TLS/SSL certificates. However, they are not so good at detecting malicious websites if they are provisioned with mistakenly issued certificates or certificates…

Cryptography and Security · Computer Science 2017-07-21 Abhishek Singh , Binanda Sengupta , Sushmita Ruj

In a public-key infrastructure (PKI), clients must have an efficient and secure way to determine whether a certificate was revoked (by an entity considered as legitimate to do so), while preserving user privacy. A few certification…

Cryptography and Security · Computer Science 2016-06-02 Pawel Szalachowski , Laurent Chuat , Adrian Perrig

Internet security and privacy stand on the trustworthiness of public certificates signed by Certificate Authorities (CAs). However, software products do not trust the same CAs and therefore maintain different root stores, each typically…

Networking and Internet Architecture · Computer Science 2021-02-01 Nikita Korzhitskii , Niklas Carlsson

Research in the field of electronic signature confirmation has been active for some 20 years now. Unfortunately present certificate-based solutions also come from that age when no-one knew about online data transmission. The official…

Cryptography and Security · Computer Science 2007-05-23 Jan Willemson

Electronic documents are signed using private keys and verified using the corresponding digital certificates through the well-known public key infrastructure model. Private keys must be kept in a safe container so they can be reused. This…

Cryptography and Security · Computer Science 2024-08-02 Lucas Mayr , Gustavo Zambonin , Frederico Schardong , Ricardo Custódio

Trust in publicly verifiable Certificate Transparency (CT) logs is reduced through cryptography, gossip, auditing, and monitoring. The role of a monitor is to observe each and every log entry, looking for suspicious certificates that…

Cryptography and Security · Computer Science 2018-10-30 Rasmus Dahlberg , Tobias Pulls

In conventional PKI, CAs are assumed to be fully trusted. However, in practice, CAs' absolute responsibility for providing trustworthiness caused major security and privacy issues. To prevent such issues, Google introduced the concept of…

Cryptography and Security · Computer Science 2018-10-02 Murat Yasin Kubilay , Mehmet Sabir Kiraz , Haci Ali Mantar

Like any digital certificate, Verifiable Credentials (VCs) require a way to revoke them in case of an error or key compromise. Existing solutions for VC revocation, most prominently Bitstring Status List, are not viable for many use cases…

Cryptography and Security · Computer Science 2025-09-19 Felix Hoops , Jonas Gebele , Florian Matthes

Systems managing Verifiable Credentials are becoming increasingly popular. Unfortunately, their support for revoking previously issued credentials allows verifiers to effectively monitor the validity of the credentials, which is sensitive…

Cryptography and Security · Computer Science 2025-09-16 Praveensankar Manimaran , Mayank Raikwar , Thiago Garrett , Arlindo F. da Conceição , Leander Jehl , Roman Vitenberg

Despite increasing advancements in today's information exchange infrastructure, the preservation of user data and privacy still remains a problem. Both insecure baselines and secure solutions leak user data. For example, Certificate…

Cryptography and Security · Computer Science 2019-05-24 Vy-An Phan

The ability to quickly revoke a compromised key is critical to the security of any public-key infrastructure. Regrettably, most traditional certificate revocation schemes suffer from latency, availability, or privacy problems. These…

Cryptography and Security · Computer Science 2020-09-15 Laurent Chuat , AbdelRahman Abdou , Ralf Sasse , Christoph Sprenger , David Basin , Adrian Perrig

Advanced Metering Infrastructure forms a communication network for the collection of power data from smart meters in Smart Grid. As the communication between smart meters could be secured utilizing public-key cryptography, however,…

Cryptography and Security · Computer Science 2020-08-07 Mumin Cebe , Kemal Akkaya

Current popular phishing prevention techniques mainly utilize reactive blocklists, which leave a ``window of opportunity'' for attackers during which victims are unprotected. One possible approach to shorten this window aims to detect…

Cryptography and Security · Computer Science 2021-06-24 Arthur Drichel , Vincent Drury , Justus von Brandt , Ulrike Meyer
‹ Prev 1 2 3 10 Next ›