Home

About

Advanced Search

Browse by Discipline

Scientific Societies

E-print Alerts

Add E-prints

E-print Network
FAQHELPSITE MAPCONTACT US


  Advanced Search  

 
VeriKey: A Dynamic Certificate Verification System for Public Key Exchanges
 

Summary: VeriKey: A Dynamic Certificate Verification
System for Public Key Exchanges
Brett Stone-Gross, David Sigal, Rob Cohn,
John Morse, Kevin Almeroth, and Christopher Kruegel
Department of Computer Science,
University of California, Santa Barbara
{bstone,dsigal,rcohn,morse,almeroth,chris}@cs.ucsb.edu
Abstract. This paper presents a novel framework to substantiate self-
signed certificates in the absence of a trusted certificate authority. In
particular, we aim to address the problem of web-based SSL man-in-the-
middle attacks. This problem originates from the fact that public keys
are distributed through insecure channels prior to encryption. Therefore,
a man-in-the-middle attacker may substitute an arbitrary public key
during the exchange process and compromise communication between a
client and server. Typically, web clients (browsers) recognize this poten-
tial security breach and display warning prompts, but often to no avail
as users simply accept the certificate since they lack the understanding
of Public Key Infrastructures (PKIs) and the meaning of these warnings.
In order to enhance the security of public key exchanges, we have devised
an automated system to leverage one or more vantage points of a certifi-

  

Source: Almeroth, Kevin C. - Department of Computer Science, University of California at Santa Barbara

 

Collections: Computer Technologies and Information Sciences