• DocumentCode
    2815353
  • Title
    Disaster coverable PKI model based on Majority Trust principle
  • Author
    Tzvetkov, Vesselin
  • Author_Institution
    Arcor AG&Co, Eschborn, Germany
  • Volume
    2
  • fYear
    2004
  • fDate
    5-7 April 2004
  • Firstpage
    118
  • Abstract
    The public key infrastructure (PKI) is an important part of almost all security implementations, from secure portals for banks and e-shops to VPN devices. In spite of its strengths, there is a critical design issue causing a single point of failure for the PKI infrastructure. Once the CA (certification authority) key has been stolen, the integrity of the entire system can be exposed to bogus certificates, compromising the validity of all digital identities issued under this CA. In this paper we introduce the problem and propose a solution to distribute the trust responsibility to accredited agents. The major advantage of the proposed solution is its compatibility with classical PKI based on X.509 certificates.
  • Keywords
    accreditation; certification; cryptography; data integrity; message authentication; virtual private networks; Majority Trust principle; PKI; VPN devices; accredited agents; banks; certification authority key; e-shops; public key infrastructure; secure portals; system integrity; trust responsibility; x509 certificates; Authentication; Certification; Content addressable storage; Digital signatures; Frequency selective surfaces; Network servers; Portals; Public key; Public key cryptography; Security;
  • fLanguage
    English
  • Publisher
    IEEE
  • Conference_Titel
    Information Technology: Coding and Computing, 2004. Proceedings. ITCC 2004. International Conference on
  • Print_ISBN
    0-7695-2108-8
  • Type
    conf
  • DOI
    10.1109/ITCC.2004.1286601
  • Filename
    1286601