Open AccessA Solution for Preventing the Rogue Certificate Attack
Author(s) -
Sergey Abrahamyan,
Arman G. Zakaryan
Publication year - 2020
Publication title -
mathematical problems of computer science
Language(s) - English
Resource type - Journals
eISSN - 2738-2788
pISSN - 2579-2784
DOI - 10.51408/1963-0052
Subject(s) - computer security , certificate , computer science , internet privacy , the internet , certificate authority , world wide web , public key cryptography , encryption , algorithm
In today’s online world, internet security heavily relies on the trust in Certificate Authorities. Modern browsers and operating systems provide a comprehensive list to their users, which includes all the CAs they trust by default. This could turn into a serious problem when even one of the CAs is compromised and/or goes rogue. It is especially relevant for enterprise applications, as they are more likely to be targeted for this kind of attack. In this paper, we propose a solution which can mitigate this kind of attack against large organizations. We also discuss the security of the proposed method, offering acceptable security/performance tradeoff.