Domain-Based Administration of Identity-Based Cryptosystems for Secure Email and IPSEC
نویسندگان
چکیده
Effective widespread deployment of cryptographic technologies such as secure email and IPsec has been hampered by the difficulties involved in establishing a large scale public key infrastructure, or PKI. Identity-based cryptography (IBC) can be used to ameliorate some of this problem. However, current approaches to using IBC for email or IPsec require a global, trusted key distribution center. In this paper, we present DNSIBC, a system that captures many of the advantages of using IBC, without requiring a global trust infrastructure. The resulting system can be configured to require almost no user intervention to secure both email and IP-based network traffic. We have built a preliminary implementation of this system in Linux.
منابع مشابه
QTRU: quaternionic version of the NTRU public-key cryptosystems
In this paper we will construct a lattice-based public-key cryptosystem using non-commutative quaternion algebra, and since its lattice does not fully fit within Circular and Convolutional Modular Lattice (CCML), we prove it is arguably more secure than the existing lattice-based cryptosystems such as NTRU. As in NTRU, the proposed public-key cryptosystem relies for its inherent securi...
متن کاملProvably secure and efficient identity-based key agreement protocol for independent PKGs using ECC
Key agreement protocols are essential for secure communications in open and distributed environments. Recently, identity-based key agreement protocols have been increasingly researched because of the simplicity of public key management. The basic idea behind an identity-based cryptosystem is that a public key is the identity (an arbitrary string) of a user, and the corresponding private key is ...
متن کاملImplementation of Elliptic Curve Cryptosystems over GF(2) in Optimal Normal Basis on a Reconfigurable Computer
Reconfigurable Computers are general-purpose high-end computers based on a hybrid architecture and close system-level integration of traditional microprocessors and Field Programmable Gate Arrays (FPGAs). In this paper, we present an application of reconfigurable computers to developing a lowlatency implementation of Elliptic Curve Cryptosystems, an emerging class of public key cryptosystems us...
متن کاملCryptanalysis of a technique to transform discrete logarithm based cryptosystems into identity-based cryptosystems
In this paper we analyse a technique designed to transform any discrete logarithm based cryptosystem into an identity-based cryptosystem. The transformation method is claimed to be efficient and secure and to eliminate the need to invent new identity-based cryptosystems. However, we show that the identity-based cryptosystem created by the proposed transformation method suffers from a number of ...
متن کاملHost Identity Indirection Infrastructure (Hi)
The Secure Internet Indirection Infrastructure (Secure-i) is a proposal for a flexible and secure overlay network that, if universally deployed, would effectively block a number of denial-of-service problems in the Internet. The Host Identity Protocol (HIP), on the other hand, is a proposal for deploying opportunistic, IPsec based end-to-end security, allowing any hosts to communicate in a secu...
متن کامل