Designing a Global Authentication Infrastructure

In this paper, we address the problem of scaling authentication for naming, routing, and end-entity certification to a global environment in which authentication policies and users’ sets of trust roots vary widely. The current infrastructures for authenticating names (DNSSEC), routes (BGPSEC), and end-entity certificates (TLS) do not support a coexistence of authentication policies, affect the entire Internet when compromised, cannot update trust root information efficiently enough, and do not provide users with the ability to make flexible trust decisions. We propose a Scalable Authentication Infrastructure for Next-generation Trust (SAINT), which partitions the Internet into groups with common, local trust roots, and isolates the effects of a compromised trust root. SAINT requires groups with direct routing connections to cross-sign each other for authentication purposes, allowing different authentication policies while keeping all entities globally verifiable. SAINT makes trust root management a central part of the network architecture, enabling trust root updates within seconds and providing users with the flexibility to make trust decisions. SAINT operates without a significant performance penalty and can be deployed incrementally alongside existing infrastructures.