Distributing security-mediated PKI |
| |
Authors: | Gabriel Vanrenen Sean Smith John Marchesini |
| |
Affiliation: | (1) Department of Computer Science/PKI Lab, Dartmouth College, Hanover, NH 03755, USA |
| |
Abstract: | The security-mediated approach to PKI offers several advantages, such as instant revocation and compatibility with standard
RSA tools. In this paper, we present a design and prototype that addresses its trust and scalability problems. We use trusted
computing platforms linked with peer-to-peer networks to create a network of trustworthy mediators and improve availability.
We use threshold cryptography to build a back-up and migration technique which allows recovery from a mediator crashing while
also avoiding having all mediators share all secrets. We then use strong forward secrecy with this migration, to mitigate
the damage should a crashed mediator actually be compromised.
Gabriel Vanrenen is currently a software engineer at Wily Technology, Inc. in Brisbane, CA where he works on J2EE application performance
management software. He received a B.A. in Computer Science (Summa Cum Laude) from Dartmouth College. At Dartmouth, he researched
trusted third parties and PKI with his Senior Honors Thesis advisor Sean Smith
Sean Smith is on the faculty of the Department of Computer Science at Dartmouth College. His current research and teaching focus on
how to build trustworthy systems in the real world. He previously worked as a scientist at IBM T.J. Watson Research Center,
doing secure coprocessor design, implementation and validation; and at Los Alamos National Laboratory, doing security designs
and analyses for a wide range of public-sector clients. Dr. Smith was educated at Princeton (B.A., Math, but only Magna Cum
Laude) and Carnegie Mellon (M.S., Ph.D., Computer Science).
John Marchesiniis currently a Ph.D. candidate in the Computer Science Department at Dartmouth College. His advisor is Sean Smith, and his
research interests are security, distributed systems, and PKI. Before going to Dartmouth, he worked as a software developer
for the BindView Corporation and earned a B.S. in Computer Science from the University of Houston (Summa Cum Laude). |
| |
Keywords: | SEM Peer-to-peer Trusted computing |
本文献已被 SpringerLink 等数据库收录! |
|