Date : 13-08-09
[Seminar] "Accountable Key Infrastructure (AKI): A Proposal for a Public-Key Validation Infrastructure" by Prof. Adrian Perrig, ETH (August. 16, 5:00pm~:6:00pm)
Author : Admin
Views : 3,102
장소: 우정정보통신관 202호
날짜 및 시간: 8월 16일 금요일 5시

Adrian Perrig is a Professor of Computer Science at the Department of
Computer Science at the Swiss Federal Institute of Technology (ETH) in
Zürich, where he leads the network security group. From 2002 to 2012,
he was a Professor of Electrical and Computer Engineering, Engineering
and Public Policy, and Computer Science (courtesy) at Carnegie Mellon
University. He served as the technical director for Carnegie Mellon's
Cybersecurity Laboratory (CyLab). He earned his Ph.D. degree in
Computer Science from Carnegie Mellon University under the guidance of
J. D. Tygar, and spent three years during his Ph.D. degree at the
University of California at Berkeley. He received his B.Sc. degree in
Computer Engineering from the Swiss Federal Institute of Technology in
Lausanne (EPFL). Adrian's research revolves around building secure
systems and includes network security, trustworthy computing, and
security for social networks.

Accountable Key Infrastructure (AKI): A Proposal for a Public-Key Validation Infrastructure

Recent trends in public-key infrastructure research explore the
tradeoff between decreased trust in Certificate Authorities (CAs),
resilience against attacks, communication overhead (bandwidth and
latency) for setting up an SSL/TLS connection, and availability with
respect to verifiability of public key information. In this paper,
we propose AKI as a new public-key validation infrastructure, to
reduce the level of trust in CAs. AKI integrates an architecture
for key revocation of all entities (e.g., CAs, domains) with an
architecture for accountability of all infrastructure parties
through checks-and-balances. AKI efficiently handles common
certification operations, and gracefully handles catastrophic events
such as domain key loss or compromise. We propose AKI to make
progress towards a public-key validation infrastructure with key
revocation that reduces trust in any single entity.