Layering Public Key Distribution Over Secure DNS using Authenticated Delegation

13 years 10 months ago

Download www.acsac.org

We present the Internet Key Service (IKS), a distributed architecture for authenticated distribution of public keys, layered on Secure DNS (DNSSEC). Clients use DNSSEC to securely discover the identities of the relevant IKS servers, and send key lookup or management requests directly to these servers using a special-purpose protocol. Clients authenticate keys retrieved from IKS servers using key commitments published in DNSSEC. IKS derives its authentication authority from the authority DNS domains have over Internet names. The IKS architecture is loosely coupled with DNS to minimize overhead on DNS servers. We also present RIKS, a prototype IKS implementation.

John P. Jones, Daniel F. Berger, Chinya V. Ravisha

Real-time Traffic

ACSAC 2005 | IKS Servers | Prototype Iks Implementation | Relevant Iks Servers | Security Privacy |

claim paper

» Reducing the Dependence of SPKISDSI on PKI

» IdentityBased Cryptography for Grid Security

» Authenticating DSR Using a Novel Multisignature Scheme Based on Cubic LFSR Sequences

» Providing Voice Privacy Over Public Switched Telephone Networks

» Dynamic pharming attacks and locked sameorigin policies for web browsers

» Alpaca extensible authorization for distributed services

» Secure Remote Authentication Using Biometric Data

» Deciding Security for Protocols with Recursive Tests

Post Info
More Details (n/a)

Added	24 Jun 2010
Updated	24 Jun 2010
Type	Conference
Year	2005
Where	ACSAC
Authors	John P. Jones, Daniel F. Berger, Chinya V. Ravishankar

Comments (0)

Sciweavers

Layering Public Key Distribution Over Secure DNS using Authenticated Delegation

ACSAC 2005 | IKS Servers | Prototype Iks Implementation | Relevant Iks Servers | Security Privacy |

Explore & Download

Productivity Tools

Document Tools

Image Tools

Sciweavers