Virtual Software Tokens - A Practical Way to Secure PKI Roaming

Kwon, Taekyoung

doi:10.1007/3-540-45831-X_20

Taekyoung Kwon⁷

Part of the book series: Lecture Notes in Computer Science ((LNCS,volume 2437))

Included in the following conference series:

International Conference on Infrastructure Security

779 Accesses
10 Citations
6 Altmetric

Abstract

A public key infrastructure (PKI) plays an important role in utilizing a digital certificate as user’s digital identifier in a reliable manner. Due to the users’ demands for using their digital identifiers in places, a need for PKI roaming is rapidly growing in such a promising infrastructure. Cooperating with multiple servers must be a practical way to secure PKI roaming in software-based environments. This paper describes a new method of running RSA algorithms with a multitude of servers, in a way that a human user keeps an ID and password pair only. Our basic idea is to hide a real ID and split a password as well as a private exponent over multiple servers, so as to generate signatures or decrypt messages via the so-called virtual software tokens.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution

Chapter: USD 29.95; Price excludes VAT (USA)

eBook: USD 39.99; Price excludes VAT (USA)

Softcover Book: USD 54.99; Price excludes VAT (USA)

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

References

P. Beguin and J. Quisquater, “Fast server-aided RSA signatures secure against active attacks,” Advances in Cryptology-Crypto 95, Lecture Notes in Computer Science, Vol. 963, Springer-Verlag, pp. 70–83, 1995.
Google Scholar
M. Bellare and R. Sandhu, “The security of practical two-party RSA signature schemes,” Manuscript, 2001.
Google Scholar
C. Boyd, “Digital multisignatures,” Cryptography and Coding. Oxford University Press, 241–246, 1989.
Google Scholar
S. Brands, Rethinking public key infrastructures and digital certificates, The MIT Press, p.11 and pp. 219–224, 2000.
Google Scholar
D. Chaum, “Blind signatures for untraceable payments, ” Advances in Cryptology-Crypto 82, Lecture Notes in Computer Science, Vol. 1440, Springer-Verlag, pp. 199–203, 1983.
Google Scholar
W. Ford and B. Kaliski, “Server-assisted generation of a strong secret from a password,” Proc. IEEE International Workshop on Enterprise Security, 2000.
Google Scholar
Y. Frankel, P. Gemmall, P. MacKenzie, and M. Yung, “Proactive RSA, ” Advances in Cryptology-Crypto 97, Lecture Notes in Computer Science, Vol. 1294, Springer-Verlag, pp. 440–454, 1997.
Chapter Google Scholar
R. Ganesan, “Yaksha: Augmenting Kerberos with public key cryptography,” Proc. ISOC Network and Distributed System Security Symp., February 1995.
Google Scholar
D. Hoover and B. Kausik, “Software smart cards via cryptographic camouflage,” Proc. IEEE Symp. on Security and Privacy, 1999.
Google Scholar
D. Jablon, “Password authentication using multiple servers,” Topics in Cryptology-RSA 2001, Lecture Notes in Computer Science, Vol. 2020, Springer-Verlag, pp. 344–360, 2001
Chapter Google Scholar
T. Kwon, “Robust Software Tokens-Toward securing user’s digital identity, ” Manuscript, 2001.
Google Scholar
P. MacKenzie and M. Reiter, “Networked cryptographic devices resilient to capture,” Proc. IEEE Symp. on Security and Privacy, 2001.
Google Scholar
T. Matsumoto, K. Kato, H. Imai, “Speeding up secret computations with insecure auxiliary devices,” Advances in Cryptology-Crypto 88, Lecture Notes in Computer Science, Vol. 403, Springer-Verlag, pp. 497–506, 1989
Chapter Google Scholar
A. Menezes, P. van Oorschot, and S. Vanstone, Handbook of Applied Cryptography, CRC Press, pp.287–291, pp. 312–315, 1997.
Google Scholar
R. Perlman and C. Kaufman, “Secure password-based protocol for downloading a private key,” Proc. ISOC Network and Distributed System Security Symposium, 1999.
Google Scholar
R. Rivest, A. Shamir, and L. Adleman, “A method for obtaining digital signatures and public-key cryptosystems,” Communications of the ACM, vol. 21, pp. 120–126, 1978.
Article MATH MathSciNet Google Scholar
RSA Labs, “RSA Keon Web PassPort, Technical Overview,” http://www.rsasecurity.com/
G. Simmons, “A “weak” privacy protocol using the RSA crypto algorithm,” Cryptologia, vol.7, pp. 180–182, 1983.
Article MATH Google Scholar
J. Tardo and K. Alagappan, “SPX: Global authentication using public key certificates,” Proc. IEEE Symp. on Security and Privacy, 1991.
Google Scholar
M. Wiener, “Cryptanalysis of short RSA secret exponents,” IEEE Transactions on Information Theory, vol.36, no.3, May 1990.
Google Scholar

Download references

Author information

Authors and Affiliations

Sejong University, 143-747, Seoul, Korea
Taekyoung Kwon

Authors

Taekyoung Kwon
View author publications
You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

University of Wisconsin-Milwaukee, 53201, Milwaukee, WI, USA
George Davida
TechTegrity LLC, P.O. Box 2125, 07091, Westfield, NJ, USA
Yair Frankel
Hewlett-Packard Laboratories, Filton Road, Stoke Gifford, BS34 8QZ, Bristol, UK
Owen Rees

Rights and permissions

Reprints and permissions

Copyright information

About this paper

Cite this paper

Kwon, T. (2002). Virtual Software Tokens - A Practical Way to Secure PKI Roaming. In: Davida, G., Frankel, Y., Rees, O. (eds) Infrastructure Security. InfraSec 2002. Lecture Notes in Computer Science, vol 2437. Springer, Berlin, Heidelberg. https://doi.org/10.1007/3-540-45831-X_20

Download citation

DOI: https://doi.org/10.1007/3-540-45831-X_20
Published: 26 September 2002
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-44309-4
Online ISBN: 978-3-540-45831-9
eBook Packages: Springer Book Archive

Publish with us

Policies and ethics