Skip to main content
SpringerLink
Log in

Cert’eM: Certification System Based on Electronic Mail Service Structure

  • Conference paper
  • First Online:
Secure Networking — CQRE [Secure] ’ 99 (CQRE 1999)

Part of the book series: Lecture Notes in Computer Science ((LNCS,volume 1740))

Included in the following conference series:

  • 378 Accesses

Abstract

Public-Key Infrastructures are considered the basis of the protocols and tools needed to guarantee the security demanded for new Internet applications like electronic commerce, government-citizen relationships and digital distribution. This paper introduces a new infrastructure design, Cert’eM, a key management and certification system that is based on the structure of the electronic mail service and on the principle of near-certification. Cert’eM provides secure means to identify users and distribute their public-key certificates, enhances the efficiency of revocation procedures, and avoids scalability and synchronization problems. The system, developed and tested at the University of Malaga, was recently selected by RedIRIS, the National Research and Academic Network in Spain, to provide the public key service for its secure electronic mail.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 39.99
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. U.K. Department of Trade and Industry, “Building Confidence in Electronic Commerce-A Consultation Document”, March 1999.

    Google Scholar 

  2. J. Kohl, “The Use of Encryption in Kerberos for Network Authentication”, Advances in Cryptology, Proceedings of CRYPTO’ 89, Springer-Verlag, 1989, pp. 35–43.

    Google Scholar 

  3. J. Kohl, B. Neuman, “The Kerberos Network Authentication Service (V5)”, RFC 1510, 1993. http://www.ietf.org/rfc/rfc1510.txt

  4. D. Davis, “Kerberos Plus RSA for World Wide Web Security”, First USENIX Workshop on Electronic Commerce, 1995, pp. 185–188.

    Google Scholar 

  5. R. Ganesan, “Yaksha: Augmenting Kerberos with Public Key Cryptography”, Internet Society Symposium on Network and Distributed Systems Security, IEEE Press, 1995, pp. 132–143.

    Google Scholar 

  6. J. Schiller, D. Atkins, “Scaling the Web of Trust: Combining Kerberos and PGP to Provide Large Scale Authentication”, USENIX Technical Conference, 1995.

    Google Scholar 

  7. W. Diffie, M. Hellman, “New Directions in Cryptography”. IEEE Transactions on Information Theory, IT-22, n. 6. 1976, pp. 644–654.

    Article  MathSciNet  Google Scholar 

  8. International Telecommunication Union, Itu-t Recommendation X.509. Information Technology-Open Systems Interconnection-The Directory: Authentication Framework, 1997.

    Google Scholar 

  9. C. Ellison, “SPKI Requirements”, Internet draft, May 1999. http://www.ietf.org/internet-drafts/draft-ietf-spki-cert-req-03.txt

  10. C. Ellison, W. Frantz, B. Lampson, R. Rivest, B. Thomas, T. Ylonen, “SPKI Certificate Theory”, Internet draft, June 1999. http://www.ietf.org/internet-drafts/draft-ietf-spki-cert-theory-05.txt

  11. D. Eastlake, “Domain Name System Security Extensions”, RFC 2535, March 1999. http://www.ietf.org/rfc/rfc2535.txt

  12. D. Eastlake, O. Gudmundsson, “Storing Certificates in the Domain Name System (DNS)”, RFC 2538, March 1999. http://www.ietf.org/rfc/rfc2538.txt

  13. European Commission, “Proposal for a European Parliament and Council Directive on a Common Framework for Electronic Signatures”, COM(1998) 297 final, 1998. http://www.ispo.cec.be/eif/policy/com98297.html

  14. R. Rivest, “Can we Eliminate Revocation Lists?”, Proceedings of the Second International Conference on Financial Cryptography, FC’ 98, Springer-Verlag, 1998.

    Google Scholar 

  15. C. Adams, M. Myers, A. Malpani, R. Ankney, S. Galperin, “X.509 Internet Public Key Infrastructure Online Certificate Status Protocol-OCSP”, Internet draft, April 1999. http://www.ietf.org/internet-drafts/draft-ietf-pkix-ocsp-08.txt

  16. B. Wright, “Making Numbers Ceremonial: Signing Tax Returns with Personal Identification Numbers”, personal communication, 1998.

    Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Computer Science Department, E.T.S. Ingenieria Informatica, Universidad de Malaga, 29071, Malaga, Spain

    Javier Lopez, Antonio Mana & Juan J. Ortega

Authors
  1. Javier Lopez
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Antonio Mana
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Juan J. Ortega
    View author publications

    You can also search for this author in PubMed Google Scholar

Rights and permissions

Reprints and permissions

Copyright information

© 1999 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Lopez, J., Mana, A., Ortega, J.J. (1999). Cert’eM: Certification System Based on Electronic Mail Service Structure. In: Secure Networking — CQRE [Secure] ’ 99. CQRE 1999. Lecture Notes in Computer Science, vol 1740. Springer, Berlin, Heidelberg. https://doi.org/10.1007/3-540-46701-7_9

Download citation

  • DOI: https://doi.org/10.1007/3-540-46701-7_9

  • Published:

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-540-66800-8

  • Online ISBN: 978-3-540-46701-4

  • eBook Packages: Springer Book Archive

Publish with us

Policies and ethics

Search

Navigation