Abstract
Considering alternatives to hierarchical authentication structures that are not sufficiently secure for communication on open networks such as the Internet.
- Burmester, M., Desmedt, Y., and Kabatianski, G. Trust and security: A new look at the Byzantine generals problem. Series in Discrete Mathematics and Theoretical Computer Science 38, AMS, 1998.Google Scholar
- Burmester, M. and Desmedt, Y. Secure communication in an unknown network using certificates. In Proceedings, Advances in Cryptology (Asiacrypt'99), Springer, 1999. Google ScholarDigital Library
- Denning, D.E. and Denning, P.J. Internet Besieged. ACM Press, NY, 1998.Google Scholar
- Ellison, C. and Schneier, B. Ten risks of PKI: What you're not being told about. Computer Security Journal 16, 1 (Jan. 2000).Google Scholar
- ISO/IEC 9594-8. Information Technology Open Systems Interconnection. International Organization for Standardization, Geneva, Switzerland, 1995.Google Scholar
- Maurer, U. Modeling public-key infrastructure. In Proceedings, Computer Security--ESORICS 96, LNCS 1146, Springer, 1996. Google ScholarDigital Library
- Trusted Computer System Evaluation Criteria (TCSEC). U.S. Department of Defense, 1985, 5200.28-STD (Orange Book).Google Scholar
- Reiter, M.K. and Stubblebine, S.G. Path independence for authentication in large scale systems. In Proceedings of the 4th ACM Conference on Computer and Communications Security, (1997), 57--66. Google ScholarDigital Library
- Rivest, R.L. and Lampson, B. SDSI: A Simple Distributed Security Infrastructure; theory.lcs.mit.edu/~cis/sdsi.html.Google Scholar
- Schneier, B. Applied Cryptography. Wiley, NY, 1996.Google Scholar
Index Terms
- Is hierarchical public-key certification the next target for hackers?
Recommendations
Securely combining public-key cryptosystems
CCS '01: Proceedings of the 8th ACM conference on Computer and Communications SecurityIt is a maxim of sound computer-security practice that a cryptographic key should have only a single use. For example, an RSA key pair should be used only for public-key encryption or only for digital signatures, and not for both.In this paper we show ...
Provably Secure Timed-Release Public Key Encryption
A timed-release cryptosystem allows a sender to encrypt a message so that only the intended recipient can read it only after a specified time. We formalize the concept of a secure timed-release public-key cryptosystem and show that, if a third party is ...
Building Key-Private Public-Key Encryption Schemes
ACISP '09: Proceedings of the 14th Australasian Conference on Information Security and PrivacyIn the setting of identity-based encryption with multiple trusted authorities, TA anonymity formally models the inability of an adversary to distinguish two ciphertexts corresponding to the same message and identity, but generated using different TA ...
Comments