Zhi-Yu Peng,Shan-Ping Li

DOI: https://doi.org/10.1109/icmlc.2008.4620616

2008-01-01

Abstract:As pervasive computing leading to an increased collection of information in the computational world as well as the real world, privacy leaking becomes a serious issue. Although privacy protection has drawn great attention in recent years, the privacy-preserving trust management has not been brought forward. Credential chain discovery problem is the key issue in trust management, and traditionally credentials are full open in the whole system. This could expose users' access control policies as well as other private information, and leads to a great risk of being cheated by malicious users. This paper advocates a privacy-preserving credential chain discovery mechanism, in which credentials are no longer available to everyone. By merely learning credentials of one's logic neighbors, this mechanism still achieves good results. The simulations show that this mechanism is practical.

Liu Duan-yang,Pan Xue-zeng,Ping Ling-di

DOI: https://doi.org/10.1631/jzus.2003.0555

2003-01-01

Abstract:Distributed certification via threshold cryptography is much more secure than other ways to protect certification authority (CA)'s private key, and can tolerate some intrusions. As the original system such as ITTC, etc., is unsafe, inefficient and impracitcal in actual network environment, this paper brings up a new distributed certification scheme, which although it generates key shares concentratively, it updates key shares distributedly, and so, avoids single-point failure like ITTC. It not only enhances robustness with Feldman verification and SSL protocol, but can also change the threshold (t, k) flexibly and robustly, and so, is much more practical. In this work, the authors implement the prototype system of the new scheme and test and analyze its performance.

谭良,徐志伟

DOI: https://doi.org/10.3969/j.issn.1002-137x.2008.10.003

2008-01-01

Computer Science

Abstract:The issue of the transitive trusted chain is the foundation for trusted computing.This paper surveys the technologies and the theories of the transitive trusted chain,including the technology projects of the transitive trusted chain,the technologies of the trust for measurement,the theories of the transitive trusted chain and the trust for measurement.Some fields are worthy to be explored are pointed out including some key technologies,such as the static trust for measurement and the dynamic trust for measurement,and some foundation theories,such as the level model of the trusted chain,the trust loss model and the theory of the dynamic trust for measurement for software,and so on.

Zhiwei Gao,Ping Luo,Zhimin Gu,Hongjun Liu

DOI: https://doi.org/10.1109/mue.2007.33

2007-01-01

Abstract:Establishing trust on certificates across multiple domains requires an efficient certification path discovery algorithm. In this work, we propose and implement a model based on rigorous binary tree algorithm for efficient certification path discovery. Our model has four advantages. First, there is no any bottleneck problem when establishing a certification path. Second, its authentication path is short with no more than two entities intervened. Third, not need to inquire about a certificate revolution list. Fourth, it's easy to extend and suitable for large-scale network.

Hong-zhou NING,Yun LIU,De-quan HE

DOI: https://doi.org/10.3321/j.issn:1001-8360.2005.02.025

2005-01-01

Abstract:In view of the complexity of certificate verification response and certificate verification in the 2-3 tree for managing revoked certificates, the binary tree is used to replace the 2-3 tree to manage the revoked certificates. It can simplify the structure of the tree and the attribute of the nods. By using the global number of the nods, locating and indexing of the nods become easy. And by using unique numbering of paths, processing of neighbourship verification is simplified greatly. Thus, the computing efficiency of certificate verification response of the server and certificate verification of the client is improved, and using the binary tree to manage revoked certificates becomes more practical.

范磊,许崇祥,李建华

DOI: https://doi.org/10.3969/j.issn.1000-3428.2002.06.015

2002-01-01

Abstract:This paper proposes a scheme of certificate revocation management based on binary search trees. Reducing the communication cost and improving the efficiency largely, the increase of update frequency will not increase the effect on the communications very much, which is suitable for the situation where the certificate revocation list must be updated frequently.This scheme is based on binary trees and hash function, and it is easy to be realized . ;;

Yiming Zhang,Baojun Liu,Chaoyi Lu,Zhou Li,Haixin Duan,Jiachen Li,Zaifeng Zhang

DOI: https://doi.org/10.1145/3460120.3484768

2021-01-01

Abstract:HTTPS secures communications in the web and heavily relies on the Web PKI for authentication. In the Web PKI, Certificate Authorities (CAs) are organizations that provide trust and issue digital certificates. Web clients rely on public root stores maintained by operating systems or browsers, with hundreds of audited CAs as trust anchors. However, as reported by security incidents, hidden root CAs beyond the public root programs have been imported into local root stores, which allows adversaries to gain trust from web clients. In this paper, we provide the first client-side, nation-wide view of hidden root CAs in the Web PKI ecosystem. Through cooperation with a leading browser vendor, we analyze certificate chains in web visits, together with their verification statuses, from volunteer users in 5 months. In total, over 1.17 million hidden root certificates are captured and they cause a profound impact from the angle of web clients and traffic. Further, we identify around 5 thousand organizations that hold hidden root certificates, including fake root CAs that impersonate large trusted ones. Finally, we highlight that the implementation of hidden root CAs and certificates is highly flawed, and issues such as weak keys and signature algorithms are prevalent. Our findings uncover that the ecosystem of hidden root CAs is massive and dynamic, and shed light on the landscape of Web PKI security. Finally, we call for immediate efforts from the community to review the integrity of local root stores.

Chengyuan Zhang,Changqing An,Tao Yu,Zhiyan Zheng,Jilong Wang

DOI: https://doi.org/10.1109/noms59830.2024.10575605

2024-01-01

Abstract:The validity and efficiency of certificate revocation in today's web Public Key Infrastructure (PKI) are consistently overlooked. In this paper, we analyse current certificate revocation schemes from the perspective of Certificate Authorities (CAs) and browsers. We find that the average size of CRL files collected from popular CAs can be as large as 2MB and the average response time of OCSP is around 430ms, which means that the time overhead brought by current certificate revocation schemes is not negligible. Moreover, browsers often fail to perform the revocation check correctly and allow websites to use revoked certificates, which can help attackers to launch man-in-the-middle attacks using fraudulent certificates.We also summarise existing problems and propose a novel certificate revocation scheme utilizing DNS resource records for efficient and privacy-preserving distribution. We have implemented a prototype to evaluate the performance of our scheme, and test results show that our scheme is time-efficient and able to withstand realistic workloads. We hope that our work can stimulate further discussion of the problems in Web PKI.

Tong Zhou,Lein Harn

DOI: https://doi.org/10.1109/ccece.2008.4564549

2008-01-01

Abstract:In nonhierarchical public key infrastructure (PKI), any user can be a certificate authority (CA) to issue digital certificates to other users. As there is no single root CA, it is difficult to check the validity of certificates issued by unknown CAs. It is very risky to trust them without in-depth analysis. How users issue certificates in the real world has not been studied. Solomon Aschpsilas conformity experiment reveals that peoplespsila decisions are influenced by others. To reduce the risk of trusting malicious certificate issuers, we propose two novel methods, micro method and macro method, for users to make trust decisions based on the relationships among the CAs. They will improve the security in ad hoc networks and peer-to-peer (P2P) communications.

Wenfeng Liu,Yu Zhang,Wenjia Zhang,Lu Liu,Hongli Zhang,Binxing Fang

DOI: https://doi.org/10.32604/cmc.2020.07982

2020-01-01

Abstract:As a critical Internet infrastructure, domain name system (DNS) protects the authenticity and integrity of domain resource records with the introduction of security extensions (DNSSEC). DNSSEC builds a single-center and hierarchical resource authentication architecture, which brings management convenience but places the DNS at risk from a single point of failure. When the root key suffers a leak or misconfiguration, top level domain (TLD) authority cannot independently protect the authenticity of TLD data in the root zone. In this paper, we propose self-certificating root, a lightweight security enhancement mechanism of root zone compatible with DNS/DNSSEC protocol. By adding the TLD public key and signature of the glue records to the root zone, this mechanism enables the TLD authority to certify the self-submitted data in the root zone and protects the TLD authority from the risk of root key failure. This mechanism is implemented on an open-source software, namely, Berkeley Internet Name Domain (BIND), and evaluated in terms of performance, compatibility, and effectiveness. Evaluation results show that the proposed mechanism enables the resolver that only supports DNS/DNSSEC to authenticate the root zone TLD data effectively with minimal performance difference.

LIN Huai-qing,LI Zhi-tang,HUANG Qing-feng

DOI: https://doi.org/10.3969/j.issn.1000-3428.2007.18.007

2007-01-01

Abstract:Managing trust relationships are important part of trust model.An important challenge in managing such trust relationships is to design a protocol to secure the placement and access of these trust ratings.In this protocol,a verifiable threshold cryptosystem without a trusted center is applied to generate system public/private keys.K managers can generate certification for peer.The protocol provides an anonymous server for peer.The security analysis shows that the protocol has desirable features of anonymity,reliability,accountability and is secure in the presence of a variety of possible attacks.

LIU Zhi-yuan

DOI: https://doi.org/10.3969/j.issn.1006-2475.2007.03.014

2007-01-01

Abstract:Public Key Infrastructure(PKI)provides a security platform for electronic commerce,and the construction of trust model is a key step during the implementation of PKI systems at the beginning.This paper analyses the normal trust models and proposes a new hybrid multilevel trust model.A path server is introduced to construct trust path in this model.Some methods are given to solve some key questions during the implementation.

YANG Chun,CAO Tian-jie,ZHANG Yong-ping

DOI: https://doi.org/10.3969/j.issn.1000-7024.2006.01.027

2006-01-01

Abstract:X.509v3 is the most wildly used standard of digital credentials in current days.But there still are some security limitations in it.On the base of its important reality significance,the background knowledge of digital credentials and their disadvantage was in-troduced.And the existing solution was analyzed.To fix the drawback of storage space,Merkle tree algorithm was proposed.And the demerit of Merkle tree was also analyzed.Considering the probability of each field in the digital credentials,the Huffman tree algorithm was proposed.At last,3 methods were simply compared.

LIU Fu-li,WU Bin,YANG Shou-bao,JI Wen

DOI: https://doi.org/10.3969/j.issn.1009-8054.2009.09.046

2009-01-01

Abstract:Public key certificate is an important carrier for public key. With the development of self-organized networks and distributed networks, such as Ad Hoc Networks, a secure self-organized certificate management scheme is required urgently. In this paper, a new one-way hash chain based self-organized certificate management scheme is proposed. In this scheme, nodes themselves can create, disseminate, renew, certify and revoke the certificate without the supports by third trusted party online. As its security relies on the security of private key and the one-way hash chain, this scheme is more secure than previous ones.

Lucas Mayr,Gustavo Zambonin,Frederico Schardong,Ricardo Custódio

2024-08-02

Abstract:Electronic documents are signed using private keys and verified using the corresponding digital certificates through the well-known public key infrastructure model. Private keys must be kept in a safe container so they can be reused. This makes private key management a critical component of public key infrastructures with no failproof answer. Therefore, existing solutions must employ cumbersome and often expensive revocation methods to handle private key compromises. We propose a new cryptographic key management model built with long-term, irrevocable digital certificates, each bound to a single document. Our model issues a unique digital certificate for each new document to be signed. We demonstrate that private keys associated with these certificates should be deleted after each signature, eliminating the need to store those keys. Furthermore, we show that these certificates do not require any revocation mechanism to be trusted. We analyze the overhead caused by the frequent generation of new key pairs for each document, provide a security overview and show the advantages over the traditional model.

Cryptography and Security

ZHOU Xiaobin,XU Yong,ZHANG Ling

DOI: https://doi.org/10.3969/j.issn.1001-2486.2013.01.030

2013-01-01

Abstract:Some problems about the traditional identity authentication model for PKI(Public Key Infrastructure) were analyzed.For example,because certificate status verification service and key verification service depend on different service providers who have not enough trust degree in open network environment,the trust degree of the traditional model decreases and its risk increases.Additionally,there are other problems about cross-CAs and incomplete authentication service in the traditional model.Thus a new open identity authentication model was put forward for PKI,which can solve the above problems.In this model,the above two verification services were both provided by CA,and the service result was applied by providing identity certification file instead of OCSP answer.The trust degree of the traditional model and our model by using the cloud trust model presented by other researchers was calculated.The result of the calculating test shows that our model can improve the trust degree obviously.Finally,the prototype system of our model was completed,and especially the performance of the model was optimized.The test shows that the model has good practical value.

Xiaolin Zhang,Chenghao Chen,Kailun Qin,Yuxuan Wang,Shipei Qu,Tengfei Wang,Chi Zhang,Dawu Gu

2024-09-06

Abstract:The signing key exposure of Certificate Authorities (CAs) remains a critical concern in PKI. These keys can be exposed even today by various attacks or operational errors. Traditional protections fail to eliminate such risk and one leaked key is enough to compromise the CA. This long-standing dilemma motivates us to consider removing CAs' signing keys and propose Armored Core, a PKI security extension using the trusted binding of Physically Unclonable Function (PUF) for certificate operations. It makes key exposure impossible by eliminating the digital signing keys for CA. To achieve this, we design a set of PUF-based X.509v3 certificate functions for CAs to generate physically trusted "signatures" without using a digital key. We have presented cryptographic proofs for these functions. Moreover, we introduce the first PUF transparency mechanism to effectively monitor the PUF operations in CAs. Armored Core is integrated into real-world PKI systems including Let's Encrypt Pebble and Certbot. We also provide a PUF-embedded RISC-V CPU prototype to verify the feasibility. The evaluation results show that Armored Core achieves key removal without introducing extra overhead, but improves the performance by 11% on storage and 4.9%~73.7% on computation.

Cryptography and Security

Jiayu Zhu,Chengcheng Wan,Pengbo Nie,Yuting Chen,Zhendong Su

DOI: https://doi.org/10.1109/icsme46990.2020.00032

2020-01-01

Abstract:SSL and TLS are two secure protocols for creating secure connections over the Internet. X.509 certificate validation is important for security and needs to be performed before an SSL/TLS connection is established. However, state-of-the-art testing techniques, such as frankencert and mucert, have revealed, through randomly mutating Internet accessible certificates, that there exist unexpected, sometimes critical, validation differences among different SSL/TLS implementations. Despite these strong efforts, certificate validation is still not thoroughly tested and more effective techniques are needed as this work shows. To this end, this paper introduces transcert, a novel approach for effectively guiding fuzzing to perform deep testing of X.509 certificate validation. The goal of transcert is to generate certificates that trigger diverse executions; it achieves this goal by introducing the concept of a coverage transfer graph to efficiently, precisely abstract program executions. In particular, it records the execution of how a given certificate is validated by a reference SSL/TLS implementation. It then constructs a coverage transfer graph to model the coverage transfer from a test certificate (seed) to its mutated certificates (mutants), and explores the coverage transfer graph by iteratively sampling and mutating certificates. We have implemented transcert and evaluated it against frankencert and mucert on four state-of-the-art SSL/TLS implementations. The evaluation results clearly show the strengths of transcert- during 10,000 iterations, transcert has revealed 3,469 validation differences, 8× as many as those revealed by frankencert and mucert. We have identified 11 root causes of validation differences, all of which have been confirmed and five have never been reported previously. We also found that the primary goal of certificate chain validation is stated ambiguously in the widely-adopted PKI standard RFC 5280.

王政,赵明,斯雪明,韩文报

DOI: https://doi.org/10.3969/j.issn.1000-3428.2009.01.012

2009-01-01

Abstract:Large scale environment, unreasonable certificate revocation management will bring enormous operations and burden of network transmission. This paper analyzes some kinds of CRL mechanisms, puts forward a maintenance scheme of certificate revocation list named PSHT-CRL, which inherits the character of segment-CRL, redirect-CRL and over issue-CRL. PSHT-CRL uses Hash table, partial signature, and link method to ensure the scheme’s security, to reduce the cost of user request response and certificate updating. PSHT-CRL solves the problems of other revocation schemes. The security and capability of this scheme are analyzed and PSHT-CRL compared with other CRL scheme.

Xiaolin Zhang,Chenghao Chen,Kailun Qin,Yuxuan Wang,Shipei Qu,Tengfei Wang,Chi Zhang,Dawu Gu

2024-10-26

Abstract:The signing key exposure of Certificate Authorities (CAs) remains a critical concern in PKI. These keys can be exposed by carefully designed attacks or operational errors even today. Traditional protections fail to eliminate such risk and one leaked key is enough to compromise the CA. This long-standing dilemma motivates us to consider removing CAs' signing keys and propose Armored Core, the first PKI security extension using the trusted binding of Physically Unclonable Function (PUF) for certificate operations. It makes key exposure impossible by eliminating the digital signing keys in CA. To achieve this, we design a set of PUF-based X.509v3 certificate functions for CAs to generate physically trusted "signatures" without using a digital key. Moreover, we introduce a novel PUF transparency mechanism to effectively monitor the PUF operations in CAs. We integrate Armored Core into real-world PKI systems including Let's Encrypt Pebble and Certbot. We also provide a PUF-embedded RISC-V CPU prototype. The evaluation results show that Armored Core can offer stronger security guarantees through signing key removal and without causing any extra overhead, but improves the overall performance by 11% on storage and 4.9%-73.7% on computation.

Cryptography and Security