Theft-Protected Proprietary Certificates

The notion of proprietary certificates [7] was recently introduced in an attempt to discourage sharing of access rights to subscription-based resources. A proprietary certificate is a certificate on a public key – the so-called proprietary key – that contains some information related to another (so-called collateral) certificate and has the property that if the owner of the proprietary public key reveals the corresponding (so-called proprietary) secret key, then the collateral secret key (corresponding to the public key in the collateral certificate) is automatically released. Thus, if a service provider requires all users to use proprietary certificates linked with collateral certificates corresponding to resources the users always wish to keep private – such as access to 401(k) accounts, the user’s criminal history, etc – then this will discourage the access rights sharing. However, the original solution for proprietary certificates overlooks the possibility of accidental sharing, namely, sharing caused by theft of the proprietary secret key which would lead to immediate loss of the collateral secret key, making wide-scale deployment of proprietary certificate approach unlikely. In this paper we discuss what steps can be taken towards making proprietary certificates approach more practical. While our solution preserves all the properties the original solution of [7] achieves, most importantly, protection against intentional rights sharing, it satisfies an additional property, namely, theft protection.