Title:
A Solution for Preventing the Rogue Certificate Attack
Author:
Type:
Co-author(s) :
Uncontrolled Keywords:
HTTPS ; TLS ; Digital Certificates ; Masquerade Attack ; Rogue Certificate Attack ; Security
Abstract:
In today’s online world, internet security heavily relies on the trust in Certificate Authorities. Modern browsers and operating systems provide a comprehensive list to their users, which includes all the CAs they trust by default. This could turn into a serious problem when even one of the CAs is compromised and/or goes rogue. It is especially relevant for enterprise applications, as they are more likely to be targeted for this kind of attack. In this paper, we propose a solution which can mitigate this kind of attack against large organizations. We also discuss the security of the proposed method, offering acceptable security/performance tradeoff.
Publisher:
"GITUTYUN" PUBLISHING HOUSE OF NAS RA
Date of publication:
DOI:
ISSN:
Language:
Journal or Publication Title:
Mathematical Problems of Computer Science
Volume:
URL:
Affiliation:
Institute for Informatics and Automation Problems of NAS RA ; American University of Armenia