A Multiple Signature Based Certificate Verification Scheme
ثبت نشده
چکیده
In this paper, we proposed a formal representation of certificate validation in Pretty Good Privacy (PGP) and X.509 systems. This representation uses new logical assertions to support public-key based certification systems and different trust levels. Although the meanings of some of those assertions are different in PGP and X.509 cases, the certificate validation can be expressed using the same assertions. We also proposed a novel multiple digital signature scheme, namely nested signatures, which is directly applicable to PGP and X.509 certificates to yield nested certificates. A nested signature is a signature over another signature and is used to verify the subject signature without using the public key of the issuer of the subject signature. This characteristic of the nested signatures and nested certificates allow the entities in the network to realise more flexible trust and certification scenarios. We also extended the formal specification of the certificate validation to support nested certificates for both PGP and X.509 cases.
منابع مشابه
Security Analysis of Aggregate signature and Batch verification signature schemes
An identity based signature scheme allows any pair of users to communicate securely and to verify each others signatures without exchanging public key certificates. An aggregate signature scheme is a digital signature scheme which supports aggregation of signatures. Batch verification is a method to verify multiple signatures at once. Aggregate signature is useful in reducing both communication...
متن کاملAn ECC-Based Mutual Authentication Scheme with One Time Signature (OTS) in Advanced Metering Infrastructure
Advanced metering infrastructure (AMI) is a key part of the smart grid; thus, one of the most important concerns is to offer a secure mutual authentication. This study focuses on communication between a smart meter and a server on the utility side. Hence, a mutual authentication mechanism in AMI is presented based on the elliptic curve cryptography (ECC) and one time signature (OTS) consists o...
متن کاملBatch Verifications with ID-Based Signatures
An identity (ID)-based signature scheme allows any pair of users to verify each other’s signatures without exchanging public key certificates. With the advent of Bilinear maps, several ID-based signatures based on the discrete logarithm problem have been proposed. While these signatures have an advantage in the fact that the system secret can be shared by several parties using a threshold schem...
متن کاملA Multiple Signature Based Certificate Verification Scheme
In this paper, we proposed a formal representation of certificate validation in Pretty Good Privacy (PGP) and X.509 systems. This representation uses new logical assertions to support public-key based certification systems and different trust levels. Although the meanings of some of those assertions are different in PGP and X.509 cases, the certificate validation can be expressed using the same...
متن کاملA New ID-based Signature with Batch Verification
An identity (ID)-based signature scheme allows any pair of users to communicate securely and to verify each other’s signatures without exchanging public key certificates. We have several ID-based signatures based on the discrete logarithm problem. While they have an advantage that the system secret can be shared by several parties through threshold schemes, they have a critical disadvantage in ...
متن کامل