Title :
Disaster coverable PKI model based on Majority Trust principle
Author :
Tzvetkov, Vesselin
Author_Institution :
Arcor AG&Co, Eschborn, Germany
Abstract :
The public key infrastructure (PKI) is an important part of almost all security implementations from secure portals for banks and e-shops to VPN devices. In spite of its strengths there is a critical design issue causing a single point of failure for the PKI infrastructure. Once the CA (certification authority) key has been stolen, the integrity of the entire system can be exposed to bogus certificates, compromising the validity of all digital identities issued under this CA. In this paper we introduce the problem and propose a solution to distribute the trust responsibility to accredited agents. The major advantage of the proposed solution is its compatibility to classical PKI based on x509 certificates.
Keywords :
accreditation; certification; cryptography; data integrity; message authentication; virtual private networks; Majority Trust principle; PKI; VPN devices; accredited agents; banks; certification authority key; e-shops; public key infrastructure; secure portals; system integrity; trust responsibility; x509 certificates; Authentication; Certification; Content addressable storage; Digital signatures; Frequency selective surfaces; Network servers; Portals; Public key; Public key cryptography; Security;
Conference_Titel :
Information Technology: Coding and Computing, 2004. Proceedings. ITCC 2004. International Conference on
Print_ISBN :
0-7695-2108-8
DOI :
10.1109/ITCC.2004.1286601
