通过分布式账本和一次性签名监控密钥对的使用

IF 2.4 Q3 COMPUTER SCIENCE, INFORMATION SYSTEMS

Information (Switzerland) Pub Date : 2023-09-26 DOI:10.3390/info14100523

Lucas Mayr, Lucas Palma, Gustavo Zambonin, Wellington Silvano, Ricardo Custódio

{"title":"通过分布式账本和一次性签名监控密钥对的使用","authors":"Lucas Mayr, Lucas Palma, Gustavo Zambonin, Wellington Silvano, Ricardo Custódio","doi":"10.3390/info14100523","DOIUrl":null,"url":null,"abstract":"Private key management is a complex obstacle arising from the traditional public key infrastructure model. However, before any related security breach can be addressed, it must first be reliably detected. Certificate Transparency (CT) is an example of a certificate issuance monitoring strategy, developed to detect the possible malfeasance of certification authorities (CAs). To the best of our knowledge, CT and other detection mechanisms do not cover digitally signed documents made by an end user, which are also susceptible to CA misbehavior. We modify the CT framework to handle signed documents via logging certificates in the blockchain to enable the secure and user-friendly monitoring of one-time signatures, backdating protection, and effective CA misbehavior detection. Moreover, to demonstrate the feasibility of our proposal, we present distinct deployment scenarios and analyze the storage, performance, and monetary costs.","PeriodicalId":38479,"journal":{"name":"Information (Switzerland)","volume":null,"pages":null},"PeriodicalIF":2.4000,"publicationDate":"2023-09-26","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":"{\"title\":\"Monitoring Key Pair Usage through Distributed Ledgers and One-Time Signatures\",\"authors\":\"Lucas Mayr, Lucas Palma, Gustavo Zambonin, Wellington Silvano, Ricardo Custódio\",\"doi\":\"10.3390/info14100523\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Private key management is a complex obstacle arising from the traditional public key infrastructure model. However, before any related security breach can be addressed, it must first be reliably detected. Certificate Transparency (CT) is an example of a certificate issuance monitoring strategy, developed to detect the possible malfeasance of certification authorities (CAs). To the best of our knowledge, CT and other detection mechanisms do not cover digitally signed documents made by an end user, which are also susceptible to CA misbehavior. We modify the CT framework to handle signed documents via logging certificates in the blockchain to enable the secure and user-friendly monitoring of one-time signatures, backdating protection, and effective CA misbehavior detection. Moreover, to demonstrate the feasibility of our proposal, we present distinct deployment scenarios and analyze the storage, performance, and monetary costs.\",\"PeriodicalId\":38479,\"journal\":{\"name\":\"Information (Switzerland)\",\"volume\":null,\"pages\":null},\"PeriodicalIF\":2.4000,\"publicationDate\":\"2023-09-26\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"0\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"Information (Switzerland)\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.3390/info14100523\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"Q3\",\"JCRName\":\"COMPUTER SCIENCE, INFORMATION SYSTEMS\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"Information (Switzerland)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.3390/info14100523","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q3","JCRName":"COMPUTER SCIENCE, INFORMATION SYSTEMS","Score":null,"Total":0}

引用次数: 0

摘要

私钥管理是传统公钥基础设施模式带来的复杂障碍。然而，在解决任何相关的安全漏洞之前，必须首先可靠地检测到它。证书透明度(Certificate Transparency, CT)是证书颁发监控策略的一个示例，用于检测证书颁发机构(Certificate authority, ca)可能存在的不当行为。据我们所知，CT和其他检测机制不包括最终用户生成的数字签名文档，这些文档也容易受到CA不当行为的影响。我们修改了CT框架，通过区块链中的日志证书来处理签名的文档，从而实现对一次性签名的安全、用户友好的监控、回溯保护和有效的CA不当行为检测。此外，为了演示我们建议的可行性，我们提出了不同的部署方案，并分析了存储、性能和货币成本。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

查看原文本刊更多论文

Monitoring Key Pair Usage through Distributed Ledgers and One-Time Signatures

Private key management is a complex obstacle arising from the traditional public key infrastructure model. However, before any related security breach can be addressed, it must first be reliably detected. Certificate Transparency (CT) is an example of a certificate issuance monitoring strategy, developed to detect the possible malfeasance of certification authorities (CAs). To the best of our knowledge, CT and other detection mechanisms do not cover digitally signed documents made by an end user, which are also susceptible to CA misbehavior. We modify the CT framework to handle signed documents via logging certificates in the blockchain to enable the secure and user-friendly monitoring of one-time signatures, backdating protection, and effective CA misbehavior detection. Moreover, to demonstrate the feasibility of our proposal, we present distinct deployment scenarios and analyze the storage, performance, and monetary costs.

求助全文

通过发布文献求助，成功后即可免费获取论文全文。去求助

来源期刊

Information (Switzerland) Computer Science-Information Systems

CiteScore

6.90

自引率

0.00%

发文量

515

审稿时长

11 weeks