Paper Info
Title
Global authentication in an untrustworthy world
Abstract
With the advent in the 1980's of truly global hierarchical naming (via the Domain Name Service), security researchers realized that the trust relationships needed to authenticate principals would often not follow the naming hierarchy [1,13]. The most successful non-hierarchical authentication schemes are based on X.509 and RFC 5280, as used for example in TLS and Authenticode. These are extremely widely deployed, and are trusted for most people's everyday use of the Internet. Unfortunately several incidents in the last few years have proved that this trust is misplaced [9,14]. We explore the weaknesses of this machinery, helped by a large database of X.509 certificates, and we offer an analysis technique and a suggestion for how the trust could be enhanced.
Year
Venue
Keywords
2013
HotOS
large database,global authentication,analysis technique,successful non-hierarchical authentication scheme,domain name,trust relationship,global hierarchical naming,everyday use,untrustworthy world,security researcher,naming hierarchy
Field
DocType
Citations 
World Wide Web,Authentication,Computer science,Computer security,Domain Name System,Hierarchy,The Internet
Conference
10
PageRank 
References 
Authors
0.74
6
5
Name
Order
Citations
PageRank
Martín Abadi1120741324.31
Andrew Birrell21538877.52
Ilya Mironov31680128.98
Ted Wobber4122373.05
Yinglian Xie5114076.73