Secure Web Authentication against Deceiving URLs and Compromised Root Certificate Authorities
Publication Date: 2016-Jan-29
The IP.com Prior Art Database
This publication proposes a way to perform web authentication securely when under attack from deceiving URLs or compromised root or subordinate certificate authorities. The solution uses an approach similar to Diffie-Hellman, but eliminating the possibility of the man-in-the-middle attack. The solution further verifies the server certificate chain owned by the server and the one seen by the user to further eliminate the attacks.