Abstract

The current Transport Layer Security (TLS) Public-Key Infrastructure (PKI) is a vast and complex system; it consists of processes, policies, and entities that are responsible for secure certificate management. Among them, the Certificate Authority (CA) is the central and most trusted entity. However, recent CA compromises have created a desire for secure and transparent alternative approaches. To distribute trust and mitigate the threats and security issues of the current PKI, publicly verifiable log-based approaches have been proposed. These schemes still have vulnerabilities and inefficiency problems because they do not specify proper monitoring or data structures and because they add extra latency. We propose Accountable and Transparent TLS Certificate Management: an alternate Public-Key Infrastructure (PKI) with verifiable trusted parties (ATCM), which makes the certificate management phases (certificate issuance, registration, revocation, and validation) publicly verifiable. It also guarantees strong security by preventing man-in-the-middle (MitM) attacks when at least one of the entities taking part in the protocol's signing and verification is trusted. ATCM can handle the CA hierarchy and introduces an improved revocation system and revocation policy. We have compared our performance results with state-of-the-art log-based protocols. The performance results and evaluations show that ATCM is feasible for practical use. Moreover, we have performed formal verification of our proposed protocol to verify its core security properties using the Tamarin Prover.

Highlights

  • Transport Layer Security (TLS) is the backbone of, and a grand success in, securing network-based communication

  • We presented Accountable and Transparent TLS Certificate Management: an alternate Public-Key Infrastructure (PKI) with verifiable trusted parties (ATCM), a new PKI which improves the security of the current TLS PKI

  • Even if all trusted parties involved in ATCM are compromised, in which case a MitM attack cannot be prevented, another Certificate Authority (CA) or auditor may still obtain proof of the compromise and take countermeasures; the attack cannot be averted when all trusted parties are compromised, but it is at least apparent and visible

Summary

Introduction

Transport Layer Security (TLS) is the backbone of, and a grand success in, securing network-based communication. In 2011, DigiNotar and Comodo were compromised [15, 31]; the certificate of the former victim was revoked from the browser CA list [32], but the latter victim's certificate is still present in the browser CA list [33]. To solve these problems, some techniques have been proposed in the literature. The server returns the signed certificate time (SCT) to the domain, and the domain provides this SCT to a client on TLS connection setup as testament. This technique is not immune to attacks when a CA is compromised. Policert [35] is another proposal that tries to empower domains by giving a domain supremacy to describe its policy, certificate, and TLS connection setup properties. This scheme uses a public log server for validation, management, and enforcement of its policies.

Related Work
Preliminaries
Overview of Policert
Accountable and Transparent TLS Certificate Management
Architecture
Protocol Description
Security Analysis
Performance Evaluation
Findings
Discussion
Conclusion and Future Work