Network notary system thwarts man-in-the-middle attacks

By Ryan Paul | Published: August 26, 2008 - 09:43AM CT

A new system devised by Carnegie Mellon University researchers aims to thwart man-in-the-middle (MitM) attacks by providing a way to verify the authenticity of self-signed certificates. The system, which is called Perspectives, uses a distributed network of "notary" servers to evaluate the public key of a target destination so that its validity can be ascertained.

 The growing presence of public wireless access points puts more users at risk of falling prey to man-in-the-middle attacks. The researchers believe that the Perspectives system can resolve this problem and offer reasonably strong security guarantees for users who visit web sites that have self-signed certificates instead of certificates that are independently validated by certificate authorities.   [ARS Technica...]   [Comments...]