What is it about?
Public Key Infrastructure (PKI) provides mechanisms for distributing public keys and related information, which is critical for applied cryptographic protocols. In this work, we develop game-based security specifications for PKI schemes. We analyze PKIX and two variants of Certificate Transparency (CT), which are important and widely deployed PKIs. We identify some subtle vulnerabilities and provide reduction-based proofs showing that the PKIs ensure specific requirements under specific models (assumptions).
Featured Image
Photo by Nhu Nguyen on Unsplash
Why is it important?
Despite the importance, failures, and complexity of PKI systems, there were no rigorous security specifications and proofs for realistic PKI schemes. Cryptographic systems using PKIs were previously analyzed using overly-simplified models of PKI, such as assuming securely-distributed public keys. To our knowledge, the reduction-based proofs in this work are the first reduction-based proofs of security for realistic PKI schemes, e.g., supporting certificate chains.
Read the Original
This page is a summary of: Provable Security for PKI Schemes, December 2024, ACM (Association for Computing Machinery),
DOI: 10.1145/3658644.3670374.
You can read the full text:
Contributors
The following have contributed to this page
