In today’s online world, internet security heavily relies on the trust in Certificate Authorities. Modern browsers and operating systems provide a comprehensive list to their users, which includes all the CAs they trust by default. This could turn into a serious problem when even one of the CAs is compromised and/or goes rogue. It is especially relevant for enterprise applications, as they are more likely to be targeted for this kind of attack. In this paper, we propose a solution which can mitigate this kind of attack against large organizations. We also discuss the security of the proposed method, offering acceptable security/performance tradeoff.
"GITUTYUN" PUBLISHING HOUSE OF NAS RA
oai:noad.sci.am:136243
Mathematical Problems of Computer Science
Institute for Informatics and Automation Problems of NAS RA ; American University of Armenia
May 6, 2021
May 6, 2021
21
https://noad.sci.am/publication/149808
Edition name | Date |
---|---|
Abrahamyan Sergey, A Solution for Preventing the Rogue Certificate Attack | May 6, 2021 |
Abrahamyan Sergey Kyuregyan Knarik
Abrahamyan Sergey Kyuregyan Knarik