Seminars at the Faculty of Informatics

PoliCert: Secure and Flexible TLS Certificate Management

Speaker: Pawel Szalachowski
  ETH Zurich, Switzerland
Date: Monday, March 7, 2016
Place: USI Lugano Campus, room A33, Red building (Via G. Buffi 13)
Time: 09.30

 

Abstract:

The recently proposed concept of publicly verifiable logsis a promising approach for mitigating security issues and threats of the current Public-Key Infrastructure (PKI). Although much progress has been made towards a more secure infrastructure, the currently proposed approaches still suffer from security vulnerabilities, inefficiency, or incremental deployment challenges. In this paper we propose PoliCert, a comprehensive log-based and domain-oriented architecture that enhances the security of PKI by offering: a) stronger authentication of a domain's public keys, b) comprehensive and clean mechanisms for certificate management, and c) an incentivised incremental deployment plan. Surprisingly, our approach has proved fruitful in addressing other seemingly unrelated problems such as TLS-related error handling and client/server misconfiguration.

 

Biography:

Pawel Szalachowski is currently a postdoctoral researcher in Network Security Group at ETH Zurich. He received his Ph.D. degree in Computer Science (2012) from Warsaw University of Technology, Poland. His research interests include the Internet security, public-key infrastructures, and applied cryptography.

 

Host: Prof. Miroslaw Malek and Prof. Cesare Alippi