Distributing Security-Mediated PKI Revisited

  • Conference paper
Public Key Infrastructure (EuroPKI 2006)

Part of the book series: Lecture Notes in Computer Science (LNCS, volume 4043)

Abstract

The SEM approach to PKI offers several advantages, such as immediate revocation of users' signing ability without CRLs and compatibility with standard RSA. However, it is vulnerable to denial of service when the SEM breaks down or is compromised. G. Vanrenen et al. proposed a distributed SEM approach to overcome this weakness. However, their approach does not provide desirable properties such as instant availability and immunity against denial-of-service attacks, owing to its inadequate use of threshold cryptography and proactive secret sharing. In this paper, we point out its structural shortcomings and propose a modified version.

This work was partially supported by IT Scholarship Program supervised by Institute for Information Technology Advancement (IITA) & Ministry of Information and Communication (MIC) in Republic of Korea, Grant No. R01-2006-000-10260-0 from the Basic Research Program of KOSEF, and Strategic International Cooperative Program, Japan Science and Technology Agency (JST).

References

  1. Herzberg, A., Jakobsson, M., Jarecki, S., Krawczyk, H., Yung, M.: Proactive public key and signature systems. In: ACM Conference on Computer and Communications Security, pp. 100–110 (1997)

  2. Herzberg, A., Jarecki, S., Krawczyk, H., Yung, M.: Proactive secret sharing or: How to cope with perpetual leakage. In: Coppersmith, D. (ed.) CRYPTO 1995. LNCS, vol. 963, pp. 339–352. Springer, Heidelberg (1995)

  3. Boneh, D., Ding, X., Tsudik, G., Wong, C.M.: A method for fast revocation of public key certificates and security capabilities. In: 10th USENIX Security Symposium, pp. 297–308 (2001)

  4. Adams, C., Lloyd, S.: Understanding public-key infrastructure: concepts, standard, and deployment considerations. Macmillan Technical Publishing, Indianapolis (1999)

  5. Vanrenen, G., Smith, S.W.: Distributing Security-Mediated PKI. In: 1st European PKI Workshop Research and Applications, pp. 213–231 (2004)

  6. Luo, H., Lu, S.: Ubiquitous and Robust Authentication Services for Ad Hoc Wireless Networks, UCLA Computer Science Technical Report 200030 (2000)

  7. Zhou, L.: Towards Fault-Tolerant and Secure On-line Services, PhD Dissertation, Department of Computer Science, Cornell University, Ithaca, NY USA (2001)

  8. Naor, M., Nissim, K.: Certificate revocation and certificate update. In: 7th USENIX Security Symposium, pp. 217–228 (1998)

  9. Feldman, P.: A Practical Scheme for Non-Interactive Verifiable Secret Sharing. In: 28th Annual IEEE Symposium on Foundations of Computer Science (1987)

  10. MacKenzie, P., Reiter, M.: Networked Cryptographic Devices Resilient to Capture. IEEE Security and Privacy 01, 21–25 (2001)

  11. Sandhu, R., Bellare, M., Ganesan, R.: Password-Enabled PKI: Virtual Smartcards versus Virtual Soft Tokens. In: 1st Annual PKI Research Workshop, pp. 89–96 (2002)

  12. Jarecki, S., Saxena, N., Yi, J.H.: An Attack on the Proactive RSA Signature Scheme in the URSA Ad-Hoc Network Access Control Protocol. In: ACM Workshop on Security of Ad Hoc and Sensor Networks, pp. 1–9 (2004)

  13. Koga, S., Imamoto, K., Sakurai, K.: Enhancing Security of Security-Mediated PKI by One-time ID. In: 4th Annual PKI R&D Workshop, pp. 176–189 (2005)

  14. Xu, S., Sandhu, R.: Two Efficient and Provably Secure Schemes for Server-Assisted Threshold Signatures. CT-RSA, pp. 355–372 (2003)

  15. Rabin, T.: A Simplified Approach to Threshold and Proactive RSA. In: Krawczyk, H. (ed.) CRYPTO 1998. LNCS, vol. 1462, pp. 89–104. Springer, Heidelberg (1998)

  16. Pedersen, T.P.: Non-interactive and Information-Theoretic Secure Verifiable Secret Sharing. In: Feigenbaum, J. (ed.) CRYPTO 1991. LNCS, vol. 576, pp. 129–140. Springer, Heidelberg (1992)

  17. Ding, X., Mazzocchi, D., Tsudik, G.: Experimenting with server-aided signatures. In: Network and Distributed Systems Security Symposium (2002)

  18. Wang, X.: Intrusion-Tolerant Password-Enabled PKI. In: 2nd Annual PKI Research Workshop Proceedings, pp. 44–53 (2003)

  19. Frankel, Y., Gemmell, P., MacKenzie, P.D., Yung, M.: Optimal resilience proactive public key cryptosystems. In: IEEE Symposium on Foundations of Computer Science, pp. 440–454 (1997)

  20. Frankel, Y., Gemmell, P.S., MacKenzie, P.D., Yung, M.: Proactive RSA. In: Kaliski Jr., B.S. (ed.) CRYPTO 1997. LNCS, vol. 1294, pp. 440–454. Springer, Heidelberg (1997)

Copyright information

© 2006 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Yang, JP., Sakurai, K., Rhee, K.H. (2006). Distributing Security-Mediated PKI Revisited. In: Atzeni, A.S., Lioy, A. (eds) Public Key Infrastructure. EuroPKI 2006. Lecture Notes in Computer Science, vol 4043. Springer, Berlin, Heidelberg. https://doi.org/10.1007/11774716_3

  • DOI: https://doi.org/10.1007/11774716_3

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-540-35151-1

  • Online ISBN: 978-3-540-35152-8

  • eBook Packages: Computer Science, Computer Science (R0)
