A Closer Look at PKI: Security and Efficiency

نویسندگان

  • Alexandra Boldyreva
  • Marc Fischlin
  • Adriana Palacio
  • Bogdan Warinschi
چکیده

In this paper we take a closer look at the security and efficiency of public-key encryption and signature schemes in public-key infrastructures (PKI). Unlike traditional analyses which assume an “ideal” implementation of the PKI, we focus on the security of joint constructions that consider the certification authority (CA) and the users, and include a key-registration protocol and the algorithms of an encryption or a signature scheme. We therefore consider significantly broader adversarial capabilities. Our analysis clarifies and validates several crucial aspects such as the amount of trust put in the CA, the necessity and specifics of proofs of possession of secret keys, and the security of the basic primitives in this more complex setting. We also provide constructions for encryption and signature schemes that provably satisfy our strong security definitions and are more efficient than the corresponding traditional constructions that assume a digital certificate issued by the CA must be verified whenever a public key is used. Our results address some important aspects for the design and standardization of PKIs, as targeted for example in the standards project ANSI X9.109.

برای دانلود متن کامل این مقاله و بیش از 32 میلیون مقاله دیگر ابتدا ثبت نام کنید

ثبت نام

اگر عضو سایت هستید لطفا وارد حساب کاربری خود شوید

منابع مشابه

A Closer Look at Revocation and Key Compromise in Public Key Infrastructures

Over time, in order to improve functionality or efficiency, new features have been added to the basic framework of public key infrastructures (PKIs). While these new features are useful, as with any other security critical application, new features can open the door for new types of attacks. In this paper, we will concentrate on those attacks against a PKI which allow an attacker to take advant...

متن کامل

Performance Evaluation of Distributed Security Protocols Using Discrete Event Simulation

The Border Gateway Protocol (BGP) that manages inter-domain routing on the Internet lacks security. Protective measures using public key cryptography introduce complexities and costs. To support authentication and other security functionality in large networks, we need public key infrastructures (PKIs). Protocols that distribute and validate certificates introduce additional complexities and co...

متن کامل

Usability challenges of PKI

Introduction Contrary to analysts’ forecasts we heard some years ago, PKI (public key infrastructure) has not become a widespread technology yet. An important reason for this is the insufficient usability PKI-enabled applications are often blamed for [11]. Users’ behavior has turned out to be the biggest risk in security software [10], so usability issues deserve closer attention. Research in t...

متن کامل

I'm No Longer a Child: A Closer Look at the Interaction Between Iranian EFL University Students' Identities and Their Academic Performance

Although university EFL students represent a wide array of social and cultural identities, their multiple and diverse identities are not usually considered in foreign language classrooms. This qualitative case study attempted to examine identity conflicts experienced by Iranian EFL learners at the university context. To this end, two Shiraz University students' identities were investigated. Sem...

متن کامل

The US Federal PKI and the Federal Bridge Certification Authority

The goals of the U.S. Federal PKI are to create a cross-governmental, ubiquitous, interoperable Public Key Infrastructure and the development and use of applications which employ that PKI in support of Agency business processes. In addition, the U.S. Federal PKI must interoperate with State governments and with other national governments. Our goals recognize that the purpose of deploying a PKI ...

متن کامل

ذخیره در منابع من


  با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید

برای دانلود متن کامل این مقاله و بیش از 32 میلیون مقاله دیگر ابتدا ثبت نام کنید

ثبت نام

اگر عضو سایت هستید لطفا وارد حساب کاربری خود شوید

عنوان ژورنال:

دوره   شماره 

صفحات  -

تاریخ انتشار 2007