Today's Internet relies too much on unaccountable Certificate Authorities (CAs) for securing communications online.CAs are responsible for assigning correct digital identities to websites or people, enabling users to ensure they are talking to the right entity online. Unfortunately, compromised or coerced CAs can misbehave and assign your digital identity to a malicious attacker. As a result, the attacker can impersonate you, listen in on your conversations or even modify them. Our work aims to make such CA misbehavior evident to users, deterring attacks by empowering users to detect them fast. Our approach is to enable users to efficiently audit the history of updates to their digital identity, which makes it possible for them to detect if a fake identity has been issued in their name. To achieve this goal, we leverage existing systems like Bitcoin to make it difficult for CAs to lie about identities and also develop new cryptographic techniques that allow users to audit their digital identity history efficiently.
If you would like to contact us about our work, please scroll down to the people section and click on one of the group leads' people pages, where you can reach out to them directly.