DSpace@MIT

LOKI : a lease-oriented key infrastructure with instant updates and seizure-resistance

Research and Teaching Output of the MIT Community


dc.contributor.advisor Srini Devadas. en_US
dc.contributor.author Fromknecht, Conner (Conner M.) en_US
dc.contributor.other Massachusetts Institute of Technology. Department of Electrical Engineering and Computer Science. en_US
dc.date.accessioned 2017-12-20T18:17:09Z
dc.date.available 2017-12-20T18:17:09Z
dc.date.copyright 2017 en_US
dc.date.issued 2017 en_US
dc.identifier.uri http://hdl.handle.net/1721.1/112914
dc.description Thesis: M. Eng., Massachusetts Institute of Technology, Department of Electrical Engineering and Computer Science, 2017. en_US
dc.description Cataloged from PDF version of thesis. en_US
dc.description Includes bibliographical references (pages 69-70). en_US
dc.description.abstract Most of the secure communication protocols that power the Internet of today rely on a robust and frictionless mechanism for digital identity attestation. Authentication is typically achieved using a Public Key Infrastructure (PKI) that enables users to verify a counterparty's public key binding. Unfortunately, the structure of many existing PKIs presents vulnerabilities and usability issues that stem from a lack of consistency, inefficient updates, or a dependence on centralized entities. In this work we present a decentralized marketplace for digital identities that autonomously leases the verification state of a globally-consistent PKI. Users express ownership of an identity through a sequence of leases, which incrementally defines the conditions under which ownership can be renewed and the identity's bindings can be updated. A careful structuring of the lease semantics, economic incentives and architectural design enables a fast update protocol, which permits clients to verify and accept a fresher binding without needing to wait for confirmation from the underlying consensus layer. The task of registration accuracy is extended naturally through the structure of the DNS namespace, after which the state of the system at any particular time acts as the root of trust during authentication. We discuss a novel seizure-resistance mechanism called dormancy, which in turn gives the existing owner of an identity substantial preference during the renewal process. Finally, we show how the system could be used to efficiently and unobtrusively secure today's communication protocols. en_US
dc.description.statementofresponsibility by Conner Fromknecht. en_US
dc.format.extent 70 pages en_US
dc.language.iso eng en_US
dc.publisher Massachusetts Institute of Technology en_US
dc.rights MIT theses are protected by copyright. They may be viewed, downloaded, or printed from this source but further reproduction or distribution in any format is prohibited without written permission. en_US
dc.rights.uri http://dspace.mit.edu/handle/1721.1/7582 en_US
dc.subject Electrical Engineering and Computer Science. en_US
dc.title LOKI : a lease-oriented key infrastructure with instant updates and seizure-resistance en_US
dc.title.alternative Lease-oriented key infrastructure with instant updates and seizure-resistance en_US
dc.type Thesis en_US
dc.description.degree M. Eng. en_US
dc.contributor.department Massachusetts Institute of Technology. Department of Electrical Engineering and Computer Science. en_US
dc.identifier.oclc 1015247248 en_US


Files in this item

Name Size Format Description
1015247248-MIT.pdf 3.750Mb PDF Full printable version
