A Solution for Preventing the Rogue Certificate Attack | Zendy

Sergey Abrahamyan | Zendy; Arman Zakaryan | Zendy

AI Assistant Blog Pricing

Home ZAIA Blog

Open Access

A Solution for Preventing the Rogue Certificate Attack

Author(s) -

Sergey Abrahamyan,

Arman Zakaryan

Publication year - 2020

Publication title -

mathematical problems of computer science

Language(s) - English

Resource type - Journals

eISSN - 2738-2788

pISSN - 2579-2784

DOI - 10.51408/1963-0052

Subject(s) - computer security , certificate , computer science , internet privacy , the internet , certificate authority , world wide web , public key cryptography , encryption , algorithm

In today’s online world, internet security heavily relies on the trust in Certificate Authorities. Modern browsers and operating systems provide a comprehensive list to their users, which includes all the CAs they trust by default. This could turn into a serious problem when even one of the CAs is compromised and/or goes rogue. It is especially relevant for enterprise applications, as they are more likely to be targeted for this kind of attack. In this paper, we propose a solution which can mitigate this kind of attack against large organizations. We also discuss the security of the proposed method, offering acceptable security/performance tradeoff.

The content you want is available to Zendy users.

Already have an account? Click here to sign in.

Having issues? You can contact us here

Accelerating Research