Title :
Layering public key distribution over secure DNS using authenticated delegation
Author :
Jones, John P. ; Berger, Daniel F. ; Ravishankar, Chinya V.
Author_Institution :
Dept. of Comput. Sci. & Eng., California Univ., Riverside, CA
Abstract :
We present the Internet key service (IKS), a distributed architecture for authenticated distribution of public keys, layered on secure DNS (DNSSEC). Clients use DNSSEC to securely discover the identities of the relevant IKS servers, and send key lookup or management requests directly to these servers using a special-purpose protocol. Clients authenticate keys retrieved from IKS servers using key commitments published in DNSSEC. IKS derives its authentication authority from the authority DNS domains have over Internet names. The IKS architecture is loosely coupled with DNS to minimize overhead on DNS servers. We also present RIKS, a prototype IKS implementation.
Keywords :
Internet; authorisation; public key cryptography; DNSSEC; Internet key service; RIKS; authenticated delegation; distributed architecture; public key distribution layering; secure DNS; Authentication; Computer architecture; Computer science; Postal services; Privacy; Protocols; Public key; Public key cryptography; Web and internet services; Web server;
Conference_Title :
Computer Security Applications Conference, 21st Annual
Conference_Location :
Tucson, AZ
Print_ISBN :
0-7695-2461-3
DOI :
10.1109/CSAC.2005.35