Working paper
Security of Certificate Transparency
- Abstract:
-
Certificate Transparency is one of a number of recent proposals to improve the public key infrastructure of the Internet, all based on the use of public, verifiable log servers to store records of certain actions. Whilst it lacks some features of alternative systems, such as handling revocation or permitting distributed verification, Certificate Transparency has the significant advantage of support from the Chromium web browser team, and thus will be enabled for large parts of the Internet by early 2015.
In this report we present an initial, informal security analysis of Certificate Transparency, identifying the implicit assumptions made elsewhere and describing the adversaries which is it designed to resist as well as those which it is not. We also suggest how this analysis could be formalised in future work, linking it to recent research on PKI in Bellare-Rogaway-style security games.
- Publication status:
- Not published
- Peer review status:
- Not peer reviewed
Actions
Authors
- Edition:
- Author's Original
- Language:
-
English
- Subjects:
- UUID:
-
uuid:6c85dda3-628a-40b7-87a0-621c3c952c62
- Local pid:
-
ora:11265
- Deposit date:
-
2015-04-29
Terms of use
- Copyright holder:
- Cohn-Gordon, K
- Copyright date:
- 2015
If you are the owner of this record, you can report an update to it here: Report update to this record