|COOKIES: By using this website you agree that we can place Google Analytics Cookies on your device for performance monitoring.|
Pins, Tacks, and Slinks: Proposals for patching PKI on the web
If you have a question about this talk, please contact Laurent Simon.
Abstract: The Certificate Authority (CA) system, added as an afterthought in the mid-1990s during initial development of SSL , has become a critical component for security on the web. Its faults have been become painfully clear over the past 2 years, with at least four known CA compromises which have enabled eavesdropping of real user’s web traffic with grave consequences. This talk will survey the growing menagerie of proposals patching the CA system to mitigate such failures, including HPKP , Certificate Transparency, DANE , TACK, Perspectives, and s-links. It will lay out the challenges inherent in any attempt to efficiently and securely distribute security policy on a global scale and compare several potential combinations of protocols which could be paths forward.
Bio: Joseph Bonneau is an engineer at Google New York. He completed his PhD in 2012 at the Security Group in Cambridge under Ross Anderson on human authentication.
This talk is part of the Computer Laboratory Security Seminar series.
This talk is included in these lists:
Note that ex-directory lists are not shown.
Other listsWhy Deep Neural Networks Are Promising for Speech Recognition Civic Matter Faculty Research Group @ CRASSH Ffion Hague - 'The Women in Lloyd George's Life
Other talksStatistical clustering of temporal networks through a dynamic stochastic block model Helminth-induced suppression of inflammation – a role for the gut microbiota? Dr Frank Waldron-Lynch: Immune Cell Responses in Participants with Type 1 Diabetes after doses of Interleukin-2 in adaptive-response clinical trials Energy Transitions in the 20th Century Unconcious Bias talk Part Ib Computer Science Group Project Presentations