Date of Original Version
Abstract or Description
Recent trends in public-key infrastructure research explore the tradeoff between decreased trust in certificate authorities (CAs), the level of security achieved, the communication overhead (bandwidth and latency) for setting up a secure connection (e.g., verified via SSL/TLS), and the availability with respect to verifiability of public key information. In this paper, we propose TKI as a new public-key validation infrastructure, where we reduce the level of trust in any CA and increase the security by achieving increased robustness in the case of CA key compromise. Compared to other proposals, we reduce the communication overhead associated with certificate validation during the existing SSL/TLS connection handshake and provide site owners with an optional time window to review potentially malicious key changes. Our design deters CA misbehavior by using a public log that records all certificate events, thereby enabling CAs' accountability for their actions. TKI will help reduce the trust in the hundreds of currently trusted CAs, reduce exposure to CA compromise, and enhance the security of SSL/TLS connection establishment.