[2017-12-27] Dr. Tiffany Hyun-Jin Kim HRL Laboratories, "Proposals for Accountable and Attack-Resilient Key Infrastructures "

Title: Proposals for Accountable and Attack-Resilient Key Infrastructures 
Date: 2017-12-27  11:00am-12:00am
Location: R 210, CSIE
Speaker: Dr. Tiffany Hyun-Jin Kim, HRL Laboratories
Hosted by: Prof. Hsu-Chun Hsiao 



The current Transport Layer Security (TLS) Public-Key Infrastructure (PKI) is based on a weakest-link security model that depends on over a thousand trust roots. The recent history of malicious and compromised Certification Authorities (CAs) has fueled the desire for alternatives. Creating a new, secure infrastructure is, however, a surprisingly challenging task due to the large number of parties involved and the many ways that they can interact. A principled approach to its design is therefore mandatory, as humans cannot feasibly consider all the cases that can occur due to the multitude of interleavings of actions by legitimate parties and attackers, such as private key compromises, key revocations, key updates, etc. We present AKI, an PKI architecture that reduces the level of trust in CAs.  AKI integrates an architecture for key revocation of all entities with an architecture for accountability of all infrastructure parties through checks and balances.  AKI efficiently handles common certification operations, and gracefully handles catastrophic events such as domain key loss or compromise.  AKI also offers flexibility for entities to select a security policy for their certificates, enabling a tradeoff between availability and security.  ARPKI, an Attack-Resilient PKI, is a successor of AKI that is co-designed with a formal model, and we prove that ARPKI offers extremely strong security guarantees, where compromising even n - 1 trusted signing and verifying entities is insufficient to launch a man-in-the-middle attack.  According to our proof-of-concept implementation and evaluation, ARPKI efficiently handles the certification process with low overhead, without incurring additional latency to TLS, since no additional round trips are required.



Tiffany Hyun-Jin Kim is a research scientist at HRL Laboratories.  Dr. Kim completed her B.A. in Computer Science at UC Berkeley, M.S. in Computer Science at Yale University, and Ph.D. at Carnegie Mellon University.  Her research interests include user-centric security and privacy, network security, trust management, and applied cryptography.  



最後修改時間:2017-12-25 AM 11:59

cron web_use_log