Title :
Managing Trusted Keys in Internet-Scale Systems
Author :
Osterweil, Eric ; Massey, Dan ; Zhang, Lixia
Author_Institution :
UCLA, Los Angeles, CA, USA
Abstract :
This paper considers a fundamental problem facing all applications that rely on public key cryptography: how to obtain, verify, and maintain the set of trusted public keys. Without some notion of where to find the right keys or which keys can be trusted, an adversary can create false keys, trick users into accepting the false keys, and impersonate legitimate online parties. Unfortunately, the problem of obtaining and managing trusted keys is made challenging by Internet´s lack of a central authority: Generally speaking, there is no single point of authority to issue lists of trusted PGP keys, or SSL certificates, or DNSSEC keys for the entire Internet. In this work we explore a new direction to address the challenge of distributing and maintaining trusted keys. First, we note many of today´s more successful Internet cryptographic systems (such as the SSL and PGP) use various forms of locally trusted key lists.
Keywords :
Internet; public key cryptography; DNSSEC key; Internet cryptographic system; Internet-scale system; PGP key; SSL certificate; pretty good privacy; public key cryptography; trusted public key management; Content management; Credit cards; Data security; Internet; Privacy; Public key; Public key cryptography; Routing protocols; Sockets; Web server;
Conference_Titel :
Applications and the Internet, 2009. SAINT '09. Ninth Annual International Symposium on
Conference_Location :
Bellevue, WA
Print_ISBN :
978-1-4244-4776-3
Electronic_ISBN :
978-0-7695-3700-9
DOI :
10.1109/SAINT.2009.38
