Abstract
Browsers can detect malicious websites that are provisioned with forged or fake TLS/SSL certificates. However, they are not so good at detecting these websites if they are provisioned with mistakenly (or maliciously) issued certificates. Google proposed certificate transparency which is an open framework to monitor and audit certificates in real time. Thereafter, a few other certificate transparency schemes have been proposed which can even handle revocation. All currently known constructions use Merkle hash trees and have proof size logarithmic in the number of certificates/domain owners. We present a new certificate transparency scheme with short (constant size) proofs. Our construction makes use of dynamic bilinear-map accumulators. The scheme has many desirable properties like efficient revocation, low verification cost and update costs comparable to the existing schemes. We provide proofs of security and evaluate the performance of our scheme.
Author supplied keywords
Cite
CITATION STYLE
Singh, A., Sengupta, B., & Ruj, S. (2017). Certificate transparency with enhancements and short proofs. In Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) (Vol. 10343 LNCS, pp. 381–389). Springer Verlag. https://doi.org/10.1007/978-3-319-59870-3_22
Register to see more suggestions
Mendeley helps you to discover research relevant for your work.
