Certificate Transparency with Enhancements and Short Proofs

被引：10

作者：

Singh, Abhishek ^{[1
]}

Sengupta, Binanda ^{[2
]}

Ruj, Sushmita ^{[2
]}

机构：

[1] IBM Res Lab, New Delhi, India

[2] Indian Stat Inst, Kolkata, India

来源：

INFORMATION SECURITY AND PRIVACY, ACISP 2017, PT II | 2017年 / 10343卷

关键词：

Certificate transparency; Revocation; Bilinear-map accumulator;

D O I：

10.1007/978-3-319-59870-3_22

中图分类号：

TP [自动化技术、计算机技术];

学科分类号：

0812 ;

摘要：

Browsers can detect malicious websites that are provisioned with forged or fake TLS/SSL certificates. However, they are not so good at detecting these websites if they are provisioned with mistakenly (or maliciously) issued certificates. Google proposed certificate transparency which is an open framework to monitor and audit certificates in real time. Thereafter, a few other certificate transparency schemes have been proposed which can even handle revocation. All currently known constructions use Merkle hash trees and have proof size logarithmic in the number of certificates/domain owners. We present a new certificate transparency scheme with short (constant size) proofs. Our construction makes use of dynamic bilinear-map accumulators. The scheme has many desirable properties like efficient revocation, low verification cost and update costs comparable to the existing schemes. We provide proofs of security and evaluate the performance of our scheme.

引用

页码：381 / 389

页数：9

共 10 条

[1]

Barreto PSLM, 2006, LECT NOTES COMPUT SC, V3897, P319

[2]

Benaloh J., 1994, Advances in Cryptology - EUROCRYPT '93. Workshop on the Theory and Application of Cryptographic Techniques Proceedings, P274

[3]

Bernstein D.J., eBASH: ECRYPT benchmarking of all submitted hashes

[4]

Brewster T.:., 2011, Diginotar goes bankrupt after hack

[5]

Chuengsatiansup Chitchanok, 2014, Pairing-Based Cryptography - Pairing 2013. 6th International Conference. Revised Selected Papers: LNCS 8365, P229, DOI 10.1007/978-3-319-04873-4_14

[6]

Damgard I., 2008, Supporting non-membership proofs with bilinear-map accumulators

[7]

Laurie B., Certificate Transparency

[8]

MERKLE RC, 1990, LNCS, V435, P218, DOI DOI 10.1007/0-387-34805-0_21

[9]

Ryan M. D., 2014, NDSS 2014

[10]

Singh A., 2017, ABS170404937 CORR

← 1 →