General
|
Written by Daniel
|
Tuesday, 26 August 2008 12:02 |
Network notary system thwarts man-in-the-middle attacks
By Ryan Paul | Published: August 26, 2008 - 09:43AM CT
A new system devised by Carnegie Mellon University researchers aims to thwart man-in-the-middle (MitM) attacks by providing a way to verify the authenticity of self-signed certificates. The system, which is called Perspectives, uses a distributed network of "notary" servers to evaluate the public key of a target destination so that its validity can be ascertained. The growing presence of public wireless access points puts more users at risk of falling prey to man-in-the-middle attacks. The researchers believe that the Perspectives system can resolve this problem and offer reasonably strong security guarantees for users who visit web sites that have self-signed certificates instead of certificates that are independently validated by certificate authorities. [ARS Technica...] [Comments...]
|