LOCALPKI: A User-Centric Formally Proven Alternative to PKIX

Abstract : A public-key infrastructure (PKI) binds public keys to identities of entities. Usually, this binding is established through a process of registration and issuance of certificates by a certificate authority (CA) where the validation of the registration is performed by a local registration authority. In this paper, we propose an alternative scheme, called LOCALPKI, where the binding is performed by the local authority and the issuance is left to the end user or to the local authority. The role of our third entity is then to register this binding and to provide up-to-date status information on this registration. The idea is that many more local actors could then take the role of a local authority, thus allowing for an easier spread of public-key certificates in the population. We also prove our scheme's security with Tamarin an automatic verification tool of cryptographic protocols.
Document type :
Conference papers
Complete list of metadatas

Cited literature [20 references]  Display  Hide  Download

Contributor : Jean-Baptiste Orfila <>
Submitted on : Wednesday, July 19, 2017 - 10:17:06 AM
Last modification on : Thursday, July 4, 2019 - 9:54:02 AM


Files produced by the author(s)




Jean-Guillaume Dumas, Pascal Lafourcade, Francis Melemedjian, Jean-Baptiste Orfila, Pascal Thoniel. LOCALPKI: A User-Centric Formally Proven Alternative to PKIX. 14th International Conference on Security and Cryptography SECRYPT, Jul 2017, Madrid, Spain. ⟨10.5220/0006461101870199⟩. ⟨hal-01564696⟩



Record views


Files downloads