Abstract
As the amount of information resources on the Web keeps increasing so are the concerns for information integrity, confidentiality and authenticity. In Web 2.0 users are producers as well as consumers of content and metadata, which makes guaranteeing the authenticity and integrity of information critical. The scale of the Web requires that any proposals in this direction require minimal (if any) infrastructural or administrative changes. This paper proposes the use of ID-based cryptography (IBC) to address requirements for integrity and authenticity of Web resources using either the URL/URI of a resource or the DNS name part of if. This approach presents certain challenges, which are discussed along with the pros and cons of different designs and implementations.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
References
Boneh, D., Franklin, M.: Identity-based encryption from the Weil pairing. In: Kilian, J. (ed.) CRYPTO 2001. LNCS, vol. 2139, pp. 213–229. Springer, Heidelberg (2001)
Boneh, D., Ding, X., Tsudik, G., Wong, M., Wong, M.: Method for Fast Revocation of Public Key Certificates and Security Capabilities. In: 10th USENIX Security Symposium, pp. 297–308 (2001)
Boneh, D., Ding, X., Tsudik: Identity-Based Mediated RSA. In: Proceedings of 3rd International Workshop on Information and Security Applications, WISA 2002 (2002)
Crampton, J., Lim, H.W., Paterson, K.G.: What can identity-based cryptography offer to web services? In: Proceedings of the 2007 ACM Workshop on Secure Web Services, pp. 26–36. ACM, New York (2007)
Arends, R., Austein, R., Larson, M., Massey, D., Rose, S.: DNS Security Introduction and Requirements. IETF draft: draft-ietf-dnsext-dnssec-intro-13, October 10 (2004)
Gentry, C., Silverberg, A.: Hierarchical ID-based cryptography. In: Zheng, Y. (ed.) ASIACRYPT 2002. LNCS, vol. 2501, pp. 548–566. Springer, Heidelberg (2002)
Horwitz, J., Lynn, B.: Toward hierarchical identity-based encryption. In: Knudsen, L.R. (ed.) EUROCRYPT 2002. LNCS, vol. 2332, pp. 466–481. Springer, Heidelberg (2002)
Jones, J.P., Berger, D.F., Ravishankar, C.V.: Layering public key distribution over secure DNS using authenticated delegation. In: 21st Annual Computer Security Applications Conference (2005)
Metz, C., Bsales, J.: Five Ideas That Will Reinvent Modern Computing. PC Magazine (2007)
O’Reilly, T.: What Is Web 2.0. Design Patterns and Business Models for the Next Generation of Software. O’Reilly, Sebastopol (2005)
PARC (Palo Alto Research Center). Content-Centric Networking: PARC’s Strategy for Pioneering a Self-Organizing Network That Meets Information Needs. Media Backgrounder (2006), http://www.parc.com/content/newsroom/CCN_backgrounder.pdf
Paterson, K.G., Price, G.: A comparison between traditional public key infrastructures and identity-based cryptography. Information Security Technical Report, vol. 8(3), pp. 57–72 (July 2003)
Shamir, A.: Identity-based cryptosystems and signature schemes. In: Blakely, G.R., Chaum, D. (eds.) CRYPTO 1984. LNCS, vol. 196, pp. 47–53. Springer, Heidelberg (1985)
Eastlake, D., Reagle, J., Solo, D., Hirsch, F., Roessler, T.: XMLDsig - XML Signature Syntax and Processing, 2nd edn. W3C Recommendation (2008), http://www.w3.org/TR/2008/REC-xmldsig-core-20080610/
RFC2807. XML Signature Requirements. IETF (July 2000), http://www.ietf.org/rfc/rfc2807.txt
RFC3986. Uniform Resource Identifier (URI): Generic Syntax. IETF (January 2005), http://www.ietf.org/rfc/rfc3986.txt
Smetters, D.K., Durfee, G.: Domain-Based Administration of Identity-Based Cryptosystems for Secure Email and IPsec. In: Proceedings of 12th USENIX Security Symposium, pp. 215–229 (2003)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2009 ICST Institute for Computer Science, Social Informatics and Telecommunications Engineering
About this paper
Cite this paper
Tiropanis, T., Dimitriou, T. (2009). Use of ID-Based Cryptography for the Efficient Verification of the Integrity and Authenticity of Web Resources. In: Chen, Y., Dimitriou, T.D., Zhou, J. (eds) Security and Privacy in Communication Networks. SecureComm 2009. Lecture Notes of the Institute for Computer Sciences, Social Informatics and Telecommunications Engineering, vol 19. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-05284-2_20
Download citation
DOI: https://doi.org/10.1007/978-3-642-05284-2_20
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-05283-5
Online ISBN: 978-3-642-05284-2
eBook Packages: Computer ScienceComputer Science (R0)