David Levin - Revocations Are Dead, Long Live Revocations

From Katie Gentilello January 31st, 2018

32 plays 0 comments

The importance of the web’s public key infrastructure (PKI) cannot be overstated: it is what allows users to know with whom they are communicating online. Central to its correct operation is the ability to “revoke” certificates in the wake of a compromised key. For revocations to work: (1) website administrators must request to have their certificates revoked, (2) browser manufacturers must regularly check for revocations, and (3) above all, no one should share their private keys. Using Internet-wide measurements, I will show that all of these are violated on a regular basis, largely due to perverse economic incentives. I will also present a promising path forward: a new system, CRLite, that compactly represents all revocations in only tens of kilobytes per day. CRLite shows that, at last, it is feasible for every client to download every revocation everyday.

https://mediaspace.gatech.edu/media/levin/1_01qazfs0

Tags: cybersecurity lecture seriesinstitute for information security & privacygeorgia techrecorded by gtlibraryspring 2018

name: David Levin
Date: January 12th, 2018
Appears In: Open Scholarship

Comments
Related Media

Loading…

David Levin - Revocations Are Dead, Long Live Revocations

Related Media