COCA: a secure distributed online certification authority

COCA is a fault-tolerant and secure online certification authority that has been built and deployed both in a local area network and in the Internet. Extremely weak assumptions characterize environments in which COCA's protocols execute correctly: no assumption is made about execution speed and message delivery delays; channels are expected to exhibit only intermittent reliability; and with 3t + 1 COCA servers up to t may be faulty or compromised. COCA is the first system to integrate a Byzantine quorum system (used to achieve availability) with proactive recovery (used to defend against mobile adversaries which attack, compromise, and control one replica for a limited period of time before moving on to another). In addition to tackling problems associated with combining fault-tolerance and security, new proactive recovery protocols had to be developed. Experimental results give a quantitative evaluation for the cost and effectiveness of the protocols. Categories and Subject Descriptors: C.2.0 [Computer-Communication Networks]: General--Security and protection; C.2.4 [Computer-Communication Networks]: Distributed Systems--Client/server; D.4.5 [Operating Systems]: Reliability--Fault-tolerance; D.4.6 [Operating Systems]: Security and Protection--Authentication; cryptographic controls; E.3 [Data]: Data Encryption--Public key cryptosystems General Terms: Security, Reliability, Design, Performance, Measurement Additional Key Words and Phrases: Certification authority, public key infrastructure, Byzantine quorum systems, threshold cryptography, proactive secret-sharing, denial of service