Abstract
Recent attacks and publications have shown the vulnerability of hierarchical Public Key Infrastructures (PKIs) and the fatal impact of revoked Certification Authority (CA) certificates in the PKIX validity model. Alternative validity models, such as the extended shell and the chain model, improve the situation but rely on independent proofs of existence, which are usually provided using time-stamps. As time-stamps are validated using certificates, they suffer from the same problems as the PKI they are supposed to protect. Our solution to this problem is to abandon time-stamps and to provide proof of existence using Forward Secure Signatures (FSS). In particular, we present different possibilities to use the chain model together with FSS, resulting in schemes that embed the necessary proofs of existence in the certificates themselves.
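To make the difference between the two validity models concrete, the following is an added illustration (editor's example, not code from the paper) of why a revoked CA certificate is fatal in the shell model but not in the chain model, and of the role the FSS period index plays as proof of existence. The model is simplified on purpose: cryptographic signatures are abstracted away, time is counted in key periods, and each certificate simply records the period index that its issuer's forward-secure signature would carry. The single assumption taken from the FSS definition is that a key compromised in period c cannot produce signatures claiming any period before c. All certificate data below is constructed; the class and function names are hypothetical.

```python
"""Shell model vs. chain model with FSS period indices as proof of existence.

Editor's illustration, not the paper's code. Assumed model: every signature
carries the index of the forward-secure key period in which it was produced,
and a key compromised in period c cannot produce signatures for periods < c.
Period indices stand in for time; no real cryptography is performed.
"""
from dataclasses import dataclass
from typing import List, Optional


@dataclass(frozen=True)
class Cert:
    subject: str
    issuer: str
    not_before: int                   # first period of the validity window
    not_after: int                    # last period of the validity window
    signed_in: int                    # FSS period index carried by the issuer's signature
    revoked_at: Optional[int] = None  # period from which the subject key counts as revoked


def valid_in_period(cert: Cert, period: int) -> bool:
    """A certificate is valid in `period` if the period lies inside its window
    and the subject key had not been revoked yet."""
    in_window = cert.not_before <= period <= cert.not_after
    unrevoked = cert.revoked_at is None or period < cert.revoked_at
    return in_window and unrevoked


def validate_shell(chain: List[Cert], now: int) -> bool:
    """PKIX / shell model: every certificate in the chain must be valid at
    verification time. One revoked CA certificate invalidates the whole chain,
    including signatures produced long before the revocation."""
    return all(valid_in_period(c, now) for c in chain)


def validate_chain(chain: List[Cert], doc_signed_in: int) -> bool:
    """Chain model: each CA certificate must have been valid in the period in
    which its key signed the next certificate, and the end-entity certificate
    must have been valid when the document signature was produced. Later
    revocation of a CA key does not affect signatures from earlier periods.
    chain[0] is the trust anchor, chain[-1] the end-entity certificate."""
    for parent, child in zip(chain, chain[1:]):
        if child.issuer != parent.subject:
            return False
        # child.signed_in is the proof of existence: an FSS signature cannot be
        # backdated, so a key compromised in period c cannot claim a period < c.
        if not valid_in_period(parent, child.signed_in):
            return False
    return valid_in_period(chain[-1], doc_signed_in)


# Constructed scenario: the CA key is compromised and revoked in period 30.
ROOT = Cert("Root", "Root", 0, 100, signed_in=0)
CA = Cert("CA", "Root", 5, 60, signed_in=5, revoked_at=30)
ALICE = Cert("alice", "CA", 10, 40, signed_in=10)        # issued before the compromise
CHAIN = [ROOT, CA, ALICE]

# A certificate issued with the compromised CA key: the FSS signature must carry
# a period >= 30, so the chain model rejects it.
MALLORY = Cert("mallory", "CA", 32, 40, signed_in=32)
FORGED_CHAIN = [ROOT, CA, MALLORY]


if __name__ == "__main__":
    # alice signed a document in period 20; verification happens in period 35
    print("shell model, verified in period 35:", validate_shell(CHAIN, now=35))
    print("chain model, document signed in 20:", validate_chain(CHAIN, doc_signed_in=20))
    print("chain model, forged chain:", validate_chain(FORGED_CHAIN, doc_signed_in=33))
```

Running the script shows the shell model rejecting alice's chain once the CA is revoked, even though her certificate was issued and her document signed before the compromise, while the chain model accepts it and still rejects the certificate issued with the compromised key, because its signature period lies after the revocation period. Replacing the period index with a time-stamp would reintroduce the dependency on a second PKI that the abstract describes.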
© 2013 Springer-Verlag Berlin Heidelberg
Cite this paper
Braun, J., Hülsing, A., Wiesmaier, A., Vigil, M.A.G., Buchmann, J. (2013). How to Avoid the Breakdown of Public Key Infrastructures. In: De Capitani di Vimercati, S., Mitchell, C. (eds) Public Key Infrastructures, Services and Applications. EuroPKI 2012. Lecture Notes in Computer Science, vol 7868. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-40012-4_4
DOI: https://doi.org/10.1007/978-3-642-40012-4_4
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-40011-7
Online ISBN: 978-3-642-40012-4