Related papers: Postcertificates for Revocation Transparency
Digital Identities are playing an essential role in our digital lives. Today, used Digital Identities are based on central architectures. Central Digital Identity providers control and know our data and, thereby, our Identity. Self…
In recent years, there has been increasing recognition of the benefits of having services provide auditable logs of data, as demonstrated by the deployment of Certificate Transparency and the development of other transparency projects. Most…
Transparency protocols are protocols whose actions can be publicly monitored by observers (such observers may include regulators, rights advocacy groups, or the general public). The observed actions are typically usages of private keys such…
This paper systematizes log based Transparency Enhancing Technologies. Based on work on transparency from multiple disciplines we outline the purpose, usefulness, and pitfalls of transparency. We describe the mechanisms that allow log based…
The Transport Layer Security (TLS) protocol and its public-key infrastructure (PKI) are widely used in the Internet to achieve secure communication. Validating domain ownership by trusted certification authorities (CAs) is a critical step…
Flawed TLS certificates are not uncommon on the Internet. While they signal a potential issue, in most cases they have benign causes (e.g., misconfiguration or even deliberate deployment). This adds fuzziness to the decision on whether to…
The central role of the certificate authority (CA) in traditional public key infrastructure (PKI) makes it fragile and prone to compromises and operational failures. Maintaining CAs and revocation lists is demanding especially in…
The global outbreak of COVID-19 has led to focus on efforts to manage and mitigate the continued spread of the disease. One of these efforts include the use of contact tracing to identify people who are at-risk of developing the disease…
Public Key Infrastructures (PKIs) with their trusted Certificate Authorities (CAs) provide the trust backbone for the Internet: CAs sign certificates which prove the identity of servers, applications, or users. To be trusted by operating…
High voter turnout in elections and referendums is very desirable in order to ensure a robust democracy. Secure electronic voting is a vision for the future of elections and referendums. Such a system can counteract factors that hinder…
There has recently been a flood of interest in potential new applications of blockchains, as well as proposals for more generic designs called public ledgers. Most of the novel proposals have been in the financial sector. However, the…
This paper describes a new protocol for authentication in ad-hoc networks. The protocol has been designed to meet specialized requirements of ad-hoc networks, such as lack of direct communication between nodes or requirements for revocable…
Self-Sovereign Identity (SSI) aspires to create a standardised identity layer for the Internet by placing citizens at the centre of their data, thereby weakening the grip of big tech on current digital identities. However, as millions of…
Employee data can be used to facilitate work, but their misusage may pose risks for individuals. Inverse transparency therefore aims to track all usages of personal data, allowing individuals to monitor them to ensure accountability for…
We define a problem of certifying computation integrity performed by some remote party we do not necessarily trust. We present a multi-party interactive protocol called SafeComp that solves this problem under specified constraints.…
Confidential Computing enhances privacy of data in-use through hardware-based Trusted Execution Environments (TEEs) that use attestation to verify their integrity, authenticity, and certain runtime properties, along with those of the…
Anonymity is a desirable feature for vehicle-to-vehicle (V2V) communications, but it conflicts with other requirements such as non-repudiation and revocation. Existing, pseudonym-based V2V communications schemes rely on certificate…
Proofs of Retrievability are protocols which allow a Client to store data remotely and to efficiently ensure, via audits, that the entirety of that data is still intact. Dynamic Proofs of Retrievability (DPoR) also support efficient…
We introduce a credential verification protocol leveraging on Ciphertext-Policy Attribute-Based Encryption. The protocol supports anonymous proof of predicates and revocation through accumulators.
The security of public key validation protocols for web-based applications has recently attracted attention because of weaknesses in the certificate authority model, and consequent attacks. Recent proposals using public logs have succeeded…