Hon, 2024 - Google Patents
Public key infrastructure; passwordsHon, 2024
- Document ID
- 8669483406323403110
- Author
- Hon K
- Publication year
- Publication venue
- Technology and Security for Lawyers and Other Professionals
External Links
Snippet
Suppose X owns a public key K for PKC use. How can someone else be sure that a key is X's public key K? X could send K to them, or they could seek it online, and then TOFU/Trust On First Use. However, MITMs could intercept or replace K, so that what someone thinks is …
- 238000000034 method 0 abstract description 15
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communication
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communication including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/3263—Cryptographic mechanisms or cryptographic arrangements for secret or secure communication including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving certificates, e.g. public key certificate [PKC] or attribute certificate [AC]; Public key infrastructure [PKI] arrangements
- H04L9/3268—Cryptographic mechanisms or cryptographic arrangements for secret or secure communication including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving certificates, e.g. public key certificate [PKC] or attribute certificate [AC]; Public key infrastructure [PKI] arrangements using certificate validation, registration, distribution or revocation, e.g. certificate revocation list [CRL]
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN111164948B (en) | Managing network security vulnerabilities using blockchain networks | |
| Li et al. | The {Emperor’s} new password manager: Security analysis of web-based password managers | |
| US20190281028A1 (en) | System and method for decentralized authentication using a distributed transaction-based state machine | |
| JP2022545627A (en) | Decentralized data authentication | |
| US20110320818A1 (en) | System and method for providing security in browser-based access to smart cards | |
| JP2011515961A (en) | Authentication storage method and authentication storage system for client side certificate authentication information | |
| CN108259406B (en) | Method and system for verifying SSL certificate | |
| Atashzar et al. | A survey on web application vulnerabilities and countermeasures | |
| US10897353B2 (en) | Computer-implemented method for generating passwords and computer program products of same | |
| JP7309880B2 (en) | Timestamp-based authentication including redirection | |
| Alaca et al. | Comparative analysis and framework evaluating web single sign-on systems | |
| Singh et al. | OAuth 2.0: Architectural design augmentation for mitigation of common security vulnerabilities | |
| Heilman et al. | OpenPubkey: Augmenting OpenID connect with user held signing keys | |
| JP5186648B2 (en) | System and method for facilitating secure online transactions | |
| Polleit et al. | Defeating the secrets of otp apps | |
| Kumar | Mitigating the authentication vulnerabilities in Web applications through security requirements | |
| Kim et al. | Security analysis and bypass user authentication bound to device of windows hello in the wild | |
| Hon | Public key infrastructure; passwords | |
| Sagar et al. | Information security: safeguarding resources and building trust | |
| Ghazizadeh et al. | Secure OpenID authentication model by using Trusted Computing | |
| Kuzminykh et al. | Mechanisms of ensuring security in Keystone service | |
| Holtmann | Single Sign-On Security: Security Analysis of Real-Life OpenID Connect Implementations | |
| Bradbury | Digital certificates: worth the paper they're written on? | |
| Pal et al. | Malsign: Threat analysis of signed and implicitly trusted malicious code | |
| US20240364541A1 (en) | Decentralization of last resort recovery using secrets |