Paper 2023/1515
OPTIKS: An Optimized Key Transparency System
Abstract
Key Transparency (KT) refers to a public key distribution system with transparency mechanisms proving its correct operation, i.e., proving that it reports consistent values for each user's public key. While prior work on KT systems have offered new designs to tackle this problem, relatively little attention has been paid on the issue of scalability. Indeed, it is not straightforward to actually build a scalable and practical KT system from existing constructions, which may be too complex, inefficient, or non-resilient against machine failures. In this paper, we present OPTIKS, a full featured and optimized KT system that focuses on scalability. Our system is simpler and more performant than prior work, supporting smaller storage overhead while still meeting strong notions of security and privacy. Our design also incorporates a crash-tolerant and scalable server architecture, which we demonstrate by presenting extensive benchmarks. Finally, we address several real-world problems in deploying KT systems that have received limited attention in prior work, including account decommissioning and user-to-device mapping.
Note: This is the full version.
Metadata
- Available format(s)
-
PDF
- Category
- Cryptographic protocols
- Publication info
- Published elsewhere. Major revision. USENIX Security '24
- Keywords
- transparencykey transparency
- Contact author(s)
-
jl3836 @ cornell edu
melissac @ microsoft com
esha ghosh @ microsoft com
kim laine @ microsoft com
radames cruz @ microsoft com - History
- 2024-08-15: revised
- 2023-10-04: received
- See all versions
- Short URL
- https://ia.cr/2023/1515
- License
-
CC BY
BibTeX
@misc{cryptoeprint:2023/1515,
author = {Julia Len and Melissa Chase and Esha Ghosh and Kim Laine and Radames Cruz Moreno},
title = {{OPTIKS}: An Optimized Key Transparency System},
howpublished = {Cryptology {ePrint} Archive, Paper 2023/1515},
year = {2023},
url = {https://eprint.iacr.org/2023/1515}
}