G. Vanrenen, S.W. Smith.
"Distributing Security-Mediated PKI."
Public Key Infrastructure: EuroPKI 2004.
Springer-Verlag LNCS 3093. 218-231. June 2004.
In this paper, we present a design that addresses this problem. We use secure coprocessors linked with peer-to-peer networks, to create a network of trustworthy mediators, to improve availability. We use threshold cryptography to build a back-up and migration technique, to provide recovery from a mediator crashing while also avoiding having all mediators share all secrets. We then use strong forward secrecy with this migration, to mitigate the damage should a crashed mediator actually be compromised. We also discuss a prototype implementation of this design.
|Back to home page||Maintained by Sean Smith, email@example.com|