Send email Copy Email Address


Amir Herzberg from University of Connecticut

Amir will give a talk on "Provable Security for PKI Schemes - and the (Composable) Modular Security Specifications Framework", on Friday, April 12, at 10am CET. 

PKI schemes provide a critical foundation for applied cryptographic protocols. However, there are no rigorous security specifications for realistic PKI schemes, and therefore, no PKI schemes were proven secure. Cryptographic systems that use PKI  are analyzed by adopting overly simplified models of the PKI, often, simply assuming secure public keys. This is problematic considering the extensive reliance on PKI, the multiple  failures of PKI systems, and the fact that  proposed and deployed  PKI are complex, have complex  requirements and assume complex models.  

We present game-based security specifications for PKI schemes, and analyse important, widely deployed PKIs: PKIX and two variants of Certificate Transparency (CT). All PKIs are based on the X.509v3 standard and its CRL revocation mechanism. Our analysis identified few subtle vulnerabilities, and includes reduction-based proofs showing that the PKIs ensure specific requirements under specific models (assumptions).To our knowledge, this is the first reduction-based definition and proof of security for a realistic PKI scheme.

Our specifications and analysis use the Modular Security Specifications (MoSS) framework [Crypto'21]. The talk will explain the relevant aspects of MoSS. We may briefly discuss the extensions that allow provably-secure compositions of protocols. 


Joint work with Sara Wrotniak, Hemi Leibowitz and Ewa Syta


Dr. Herzberg's is the Comcast professor for Cybersecurity Innovation in the school of computing of the university of connecticut. His research areas include internet security, applied cryptography, privacy and anonymity, usable security, security for cyber-physical systems, and social, economic and legal aspects of security. 
Dr. Herzberg earned his Ph.D. in Computer Science in 1991 from the Technion in Israel.  From 1991 to 1995, he worked at the IBM T.J. Watson Research Center, where he was a research staff member and the manager of the Network Security research group.  From 1996 to 2000, Dr. Herzberg was the Manager of E-Business and Security Technologies at the IBM Haifa Research Lab.  From 2002 to 2017, he was a professor in Bar Ilan University (Israel). Since 2017, he is professor at University of Connecticut.



Friday, April 12, at 10 am CET.



The talk will take place in a hybrid mode with a physical presence in the Bernd Therre lecture hall at CISPA C0 (Stuhlsatzenhaus 5, 66123 Saarbruecken) and via Zoom:

Meeting ID: 634 6671 9975
Passcode: JCgU7kL*o*