Optimized Public Key Infrastructure - A PKI to Support Efficient Document's Signatures
نویسندگان
چکیده
Optimized Public Key Infrastructures are traditional PKI in which end users may optimize the signatures of their documents, replacing the signer’s validation data with Optimized Certificates (OC). OCs carry the signer’s identification and public key, but are issued for a specific time, i.e., fields notBefore and notAfter have the same value, thus there are no reasons to revoke them. The OC’s certification path is supposed to be shorter and uses Micali’s revocation scheme. Furthermore, OCs include signed document’s hashcodes, working also as time-stamps. Therefore, OCs are useful to replace signed document’s validation data by one smaller and easier to verify. Finally, when OCs become invalid due to cryptographic algorithm weakness and limits in the validity periods of their certificate chains, they can be easily replaced by new ones, thus this proposal is suitable for efficient long term archiving.
منابع مشابه
A New Certificateless Blind Signature Scheme
Blind signatures have key role in real world applications like e-cash, e-voting etc. The first blind signature was proposed by Chaum under public key infrastructure(PKI) model. The inherent problem in PKI is the certificate management which is overcome by identity(ID) based system. The ID based system is susceptible to key escrow problem. By removing the inherent problems of both PKI and ID bas...
متن کاملValidation Algorithms for a Secure Internet Routing PKI
A PKI in support of secure Internet routing was first proposed in [1] and refined in later papers, e.g., [2]. In this “Resource” PKI (RPKI) the resources managed are IP address allocations and Autonomous System number assignments. In a typical PKI the validation problem for each relying party is fairly simple in principle, and is well defined in the standards, e.g. RFC 3280 [3]. The RPKI presen...
متن کاملEfficient transmission of PKI certificates using elliptic curve cryptography and its variants
The demand for wireless networks is increasing rapidly and it becomes essential to design existing Public-Key Infrastructure (PKI) useful for wireless devices. A PKI is a set of procedures needed to create, distribute and revoke digital certificates. PKI is an arrangement that binds public keys with respective user identities by means of a Certificate Authority (CA). The user identity must be u...
متن کاملA Longitudinal, End-to-End View of the DNSSEC Ecosystem
The Domain Name System’s Security Extensions (DNSSEC) allow clients and resolvers to verify that DNS responses have not been forged or modified inflight. DNSSEC uses a public key infrastructure (PKI) to achieve this integrity, without which users can be subject to a wide range of attacks. However, DNSSEC can operate only if each of the principals in its PKI properly performs its management task...
متن کاملMulti-Certification Signatures and Their Applications to Public Key Infrastructure
As the application of digital signature is progressed in real life, the situation of using digital signatures tends to become more complex. Depending on applications a user may need to generate multiple signatures for the same message with his multiple signing keys. But the general approach of generating multiple independent signatures is not efficient. To solve this problem, we propose multi-k...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
برای دانلود متن کامل این مقاله و بیش از 32 میلیون مقاله دیگر ابتدا ثبت نام کنید
ثبت ناماگر عضو سایت هستید لطفا وارد حساب کاربری خود شوید
ورودعنوان ژورنال:
- IACR Cryptology ePrint Archive
دوره 2009 شماره
صفحات -
تاریخ انتشار 2009