{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,11,18]],"date-time":"2025-11-18T23:14:59Z","timestamp":1763507699268,"version":"3.37.3"},"reference-count":39,"publisher":"Institute of Electrical and Electronics Engineers (IEEE)","issue":"3","license":[{"start":{"date-parts":[[2018,5,1]],"date-time":"2018-05-01T00:00:00Z","timestamp":1525132800000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/ieeexplore.ieee.org\/Xplorehelp\/downloads\/license-information\/IEEE.html"},{"start":{"date-parts":[[2018,5,1]],"date-time":"2018-05-01T00:00:00Z","timestamp":1525132800000},"content-version":"am","delay-in-days":0,"URL":"https:\/\/ieeexplore.ieee.org\/Xplorehelp\/downloads\/license-information\/IEEE.html"},{"start":{"date-parts":[[2018,5,1]],"date-time":"2018-05-01T00:00:00Z","timestamp":1525132800000},"content-version":"stm-asf","delay-in-days":0,"URL":"https:\/\/doi.org\/10.15223\/policy-029"},{"start":{"date-parts":[[2018,5,1]],"date-time":"2018-05-01T00:00:00Z","timestamp":1525132800000},"content-version":"stm-asf","delay-in-days":0,"URL":"https:\/\/doi.org\/10.15223\/policy-037"}],"funder":[{"name":"CyLab at Carnegie Mellon University"},{"name":"US National Science Foundation","award":["CNS-1040801"],"award-info":[{"award-number":["CNS-1040801"]}]},{"name":"European Research Council under the European Union's Seventh Framework Programme","award":["FP7\/2007-2013"],"award-info":[{"award-number":["FP7\/2007-2013"]}]},{"name":"ERC","award":["617605"],"award-info":[{"award-number":["617605"]}]}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":["IEEE Trans. Dependable and Secure Comput."],"published-print":{"date-parts":[[2018,5,1]]},"DOI":"10.1109\/tdsc.2016.2601610","type":"journal-article","created":{"date-parts":[[2016,8,19]],"date-time":"2016-08-19T18:23:44Z","timestamp":1471631024000},"page":"393-408","source":"Crossref","is-referenced-by-count":39,"title":["Design, Analysis, and Implementation of ARPKI: An Attack-Resilient Public-Key Infrastructure"],"prefix":"10.1109","volume":"15","author":[{"given":"David","family":"Basin","sequence":"first","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Cas","family":"Cremers","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Tiffany Hyun-Jin","family":"Kim","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Adrian","family":"Perrig","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-5632-6099","authenticated-orcid":false,"given":"Ralf","family":"Sasse","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Pawel","family":"Szalachowski","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"263","reference":[{"article-title":"Scion five years later:\n Revisiting scalability, control, and isolation on next-generation networks","year":"2015","author":"barrera","key":"ref39"},{"key":"ref38","doi-asserted-by":"publisher","DOI":"10.1145\/2668152.2673311"},{"key":"ref33","first-page":"27","article-title":"Fast elliptic curve cryptography in OpenSSL","volume":"7126","author":"kasper","year":"2012","journal-title":"Financial Cryptography and Data Security"},{"key":"ref32","doi-asserted-by":"publisher","DOI":"10.1007\/s13389-012-0027-1"},{"key":"ref31","doi-asserted-by":"publisher","DOI":"10.17487\/rfc5280"},{"key":"ref30","first-page":"696","article-title":"The TAMARIN prover for the symbolic\n analysis of security protocols","author":"meier","year":"2013","journal-title":"Proc 25th Int Conf Comput Aided Verification"},{"article-title":"Early impacts of certificate transparency","year":"2016","author":"huang","key":"ref37"},{"key":"ref36","doi-asserted-by":"publisher","DOI":"10.1109\/CNS.2015.7346853"},{"key":"ref35","doi-asserted-by":"publisher","DOI":"10.17487\/rfc6962"},{"article-title":"Overclocking SSL","year":"2010","author":"langley","key":"ref34"},{"key":"ref10","first-page":"19","article-title":"Global authentication in an untrustworthy world","author":"abadi","year":"2013","journal-title":"Proceedings of the 14th USENIX Conference on Hot Topics in Operating Systems"},{"key":"ref11","first-page":"321","article-title":"Perspectives: Improving SSH-style host authentication with multi-path probing","author":"wendlandt","year":"2008","journal-title":"Proc USENIX 2008 Annu Tech Conf"},{"year":"2011","key":"ref12"},{"year":"2010","key":"ref13","article-title":"SSL observatory."},{"key":"ref14","doi-asserted-by":"publisher","DOI":"10.17487\/rfc3280"},{"key":"ref15","doi-asserted-by":"publisher","DOI":"10.17487\/rfc2560"},{"key":"ref16","first-page":"1","article-title":"Towards short-lived certificates","author":"topalovic","year":"2012","journal-title":"Proc IEEE Oakland Web 2 0 Secur Privacy"},{"journal-title":"Public Key Pinning","year":"2011","key":"ref17"},{"year":"2011","key":"ref18"},{"article-title":"Trust assertions for certificate keys","year":"2012","author":"marlinspike","key":"ref19"},{"article-title":"Second firm warns of concern after Dutch hack","year":"2011","author":"sterling","key":"ref4"},{"key":"ref28","doi-asserted-by":"publisher","DOI":"10.1145\/2382196.2382204"},{"article-title":"Key internet operator VeriSign hit by hackers","year":"2012","author":"menn","key":"ref3"},{"key":"ref27","doi-asserted-by":"publisher","DOI":"10.1145\/1655008.1655012"},{"article-title":"Sovereign key cryptography for internet domains","year":"2012","author":"eckersley","key":"ref6"},{"key":"ref5","doi-asserted-by":"publisher","DOI":"10.17487\/rfc6962"},{"key":"ref29","doi-asserted-by":"publisher","DOI":"10.1109\/CSF.2012.25"},{"journal-title":"ARPKI","year":"2015","key":"ref8"},{"key":"ref7","doi-asserted-by":"publisher","DOI":"10.1145\/2488388.2488448"},{"article-title":"Phony SSL certificates issued for Google, Yahoo, Skype, others","year":"2011","author":"roberts","key":"ref2"},{"article-title":"The TURKTRUST SSL certificate fiasco - what really happened, and\n what happens next?","year":"2013","author":"ducklin","key":"ref1"},{"key":"ref9","doi-asserted-by":"publisher","DOI":"10.1145\/2660267.2660298"},{"key":"ref20","doi-asserted-by":"publisher","DOI":"10.17487\/rfc6698"},{"article-title":"DNSChain","year":"2014","author":"slepak","key":"ref22"},{"article-title":"DNS\n certificate authority authentication (CAA) resource record","year":"2013","author":"hallam-baker","key":"ref21"},{"key":"ref24","doi-asserted-by":"publisher","DOI":"10.14722\/ndss.2014.23379"},{"article-title":"Revocation transparency","year":"2012","author":"laurie","key":"ref23"},{"key":"ref26","doi-asserted-by":"publisher","DOI":"10.1145\/2660267.2660355"},{"key":"ref25","article-title":"DTKI: A new formalized PKI\n with no trusted parties","author":"yu","year":"2014","journal-title":"IACR Cryptology ePrint Archive"}],"container-title":["IEEE Transactions on Dependable and Secure Computing"],"original-title":[],"link":[{"URL":"https:\/\/ieeexplore.ieee.org\/ielaam\/8858\/8356073\/7547899-aam.pdf","content-type":"application\/pdf","content-version":"am","intended-application":"syndication"},{"URL":"http:\/\/xplorestaging.ieee.org\/ielx7\/8858\/8356073\/07547899.pdf?arnumber=7547899","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2022,4,8]],"date-time":"2022-04-08T18:51:29Z","timestamp":1649443889000},"score":1,"resource":{"primary":{"URL":"https:\/\/ieeexplore.ieee.org\/document\/7547899\/"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2018,5,1]]},"references-count":39,"journal-issue":{"issue":"3"},"URL":"https:\/\/doi.org\/10.1109\/tdsc.2016.2601610","relation":{},"ISSN":["1545-5971"],"issn-type":[{"type":"print","value":"1545-5971"}],"subject":[],"published":{"date-parts":[[2018,5,1]]}}}