Representation and Verification of Domain-Based Application Service Identity within Internet Public Key Infrastructure Using X.509 (PKIX) Certificates in the Context of Transport Layer Security (TLS)

Accountable and Transparent TLS Certificate Management: An Alternate Public-Key Infrastructure with Verifiable Trusted Parties

Security and Communication Networks ◽

10.1155/2018/8527010 ◽

2018 ◽

Vol 2018 ◽

pp. 1-16 ◽

Cited By ~ 5

Author(s):

Salabat Khan ◽

Zijian Zhang ◽

Liehuang Zhu ◽

Meng Li ◽

Qamas Gul Khan Safi ◽

...

Keyword(s):

State Of The Art ◽

Public Key Infrastructure ◽

Transport Layer ◽

Public Key ◽

Security Issues ◽

Transport Layer Security ◽

Security Properties ◽

Alternative Approaches ◽

Certificate Management ◽

Performance Results

Current Transport Layer Security (TLS) Public-Key Infrastructure (PKI) is a vast and complex system; it consists of processes, policies, and entities that are responsible for a secure certificate management process. Among them, Certificate Authority (CA) is the central and most trusted entity. However, recent compromises of CA result in the desire for some other secure and transparent alternative approaches. To distribute the trust and mitigate the threats and security issues of current PKI, publicly verifiable log-based approaches have been proposed. However, still, these schemes have vulnerabilities and inefficiency problems due to lack of specifying proper monitoring, data structure, and extra latency. We propose Accountable and Transparent TLS Certificate Management: an alternate Public-Key Infrastructure (PKI) with verifiable trusted parties (ATCM) that makes certificate management phases; certificate issuance, registration, revocation, and validation publicly verifiable. It also guarantees strong security by preventing man-in-middle-attack (MitM) when at least one entity is trusted out of all entities taking part in the protocol signing and verification. Accountable and Transparent TLS Certificate Management: an alternate Public-Key Infrastructure (PKI) with verifiable trusted parties (ATCM) can handle CA hierarchy and introduces an improved revocation system and revocation policy. We have compared our performance results with state-of-the-art log-based protocols. The performance results and evaluations show that it is feasible for practical use. Moreover, we have performed formal verification of our proposed protocol to verify its core security properties using Tamarin Prover.

Download Full-text

Data Confidentiality, Integrity, and Authentication

Advances in Systems Analysis, Software Engineering, and High Performance Computing - Architectures and Frameworks for Developing and Applying Blockchain Technology ◽

10.4018/978-1-5225-9257-0.ch012 ◽

2019 ◽

pp. 246-274

Author(s):

Dhanalakshmi Senthilkumar

Keyword(s):

Access Control ◽

Hash Function ◽

Transport Layer ◽

Public Key ◽

Data Confidentiality ◽

Linked List ◽

Cryptographic Hash Function ◽

Transport Layer Security ◽

Entire Network

Blockchain has been created in the process of development in bitcoin. It's a singly linked list of block, with each block containing a number of transactions and each list in the blocks using with cryptographic functions. The cryptographic hash function contains the hash of the previous block, timestamp, and transaction ID. Blockchain services include the authentication, confidentiality, integrity, data and resource provenance, and privacy and access control lists technologies. The authentication provider authenticates decentralized database with transactions in private-public key pair. This key-pair is used in the transport layer security with the entire network. The network legitimizes the transaction after that and adds the transaction to the blockchain. A sequence of blocks in blockchain holds the complete record of transactions like a public ledger. The integrity data written in the blockchain cannot be altered subsequently. By limiting access to the information in confidentiality, only authorized users can access the information, so that information is also protected.

Download Full-text

Comparison Studies between Pre-Shared and Public Key Exchange Mechanisms for Transport Layer Security

Proceedings IEEE INFOCOM 2006. 25TH IEEE International Conference on Computer Communications ◽

10.1109/infocom.2006.52 ◽

2006 ◽

Cited By ~ 9

Author(s):

Fang-Chun Kuo ◽

Hannes Tschofenig ◽

Fabian Meyer ◽

Xiaoming Fu

Keyword(s):

Key Exchange ◽

Transport Layer ◽

Public Key ◽

Transport Layer Security

Download Full-text

Data Confidentiality, Integrity, and Authentication

Research Anthology on Blockchain Technology in Business, Healthcare, Education, and Government ◽

10.4018/978-1-7998-5351-0.ch027 ◽

2021 ◽

pp. 459-487

Author(s):

Dhanalakshmi Senthilkumar

Keyword(s):

Access Control ◽

Hash Function ◽

Transport Layer ◽

Public Key ◽

Data Confidentiality ◽

Linked List ◽

Cryptographic Hash Function ◽

Transport Layer Security ◽

Entire Network

Blockchain has been created in the process of development in bitcoin. It's a singly linked list of block, with each block containing a number of transactions and each list in the blocks using with cryptographic functions. The cryptographic hash function contains the hash of the previous block, timestamp, and transaction ID. Blockchain services include the authentication, confidentiality, integrity, data and resource provenance, and privacy and access control lists technologies. The authentication provider authenticates decentralized database with transactions in private-public key pair. This key-pair is used in the transport layer security with the entire network. The network legitimizes the transaction after that and adds the transaction to the blockchain. A sequence of blocks in blockchain holds the complete record of transactions like a public ledger. The integrity data written in the blockchain cannot be altered subsequently. By limiting access to the information in confidentiality, only authorized users can access the information, so that information is also protected.

Download Full-text