Abstract

Hypertext transfer protocol secure (HTTPS) relies on a group of pre-trusted certificate authorities (CAs) for authentication and can thereby avoid man-in-the-middle attacks. Unfortunately, this authentication architecture can be completely subverted if any one of the CAs (usually the weakest one) is compromised. To tackle this critical flaw, pioneering works such as notary-based systems and pre-shared secrets have been proposed. These state-of-the-art techniques can neither seek maximal protection from available CAs nor resist potential man-in-the-middle variants. In this study, the authors propose HTTPAS, a new HTTP Active Secure framework that can enhance HTTPS authentication against man-in-the-middle attacks by actively utilising available CAs and exploiting Internet path diversity as much as possible. In particular, HTTPAS is designed with four practical solutions, each of which makes a unique trade-off among authentication capability, deployment difficulty and efficiency. They have implemented HTTPAS using the open secure sockets layer (SSL) suite, and have evaluated the implementation through experiments on several public certificate data sets and the Internet. Their results confirm the authentication effectiveness of HTTPAS with only a few performance overheads and moderate deployment effort.
