This project evaluates different authentication methods that can be used to authenticate services and entities without relying on a CA.
Recent advances in web technology, such as WebRTC , paved the road for providing short-lived services on end-user devices. Similar to legacy services (static and stationary), short-lived services need to be authenticated as well. This project evaluates and compares different authentication methods which might be suitable for use with for short-lived services without relying on traditional CA structures.
The project discusses approaches which use social networks, CPU extensions which enable hardware-backed access control and therefore allow trusted execution on arbitrary devices, or pure software solutions. A prototype based on the inverted trust model has also been created in order to demonstrate the practicability of the discussed concepts and methods.