Self-certiied Keys { Concepts and Applications

The authenticity of public keys in an asymmetric cryptosystem can be gained in two di erent ways: either it is veri ed explicitly after knowing the public key and its certi cate, e.g. X.509 certi cates, or it is veri ed implicitly during the use of the keys. The latter concept has been introduced by Girault 1991 as self-certi ed keys. In this paper we extend this concept: We show how to issue self-certi ed keypairs under di erent trust levels and show how to use them in authentication trees. Then we demonstrate, how a user can switch his keys to enhance the security of his actual secret key against compromising. We illustrate the relevance of all concepts by discussing several useful applications. Among them are delegation of rights, delegated signatures, delegated encryption and electronic voting schemes. Furthermore, we propose a new non-interactive key exchange protocol, that provides backward and forward secrecy of session keys.