A New Digital Signature and Certificate Architecture with Shortest Certification Path
نویسندگان
چکیده
The existing certificate architecture has two problems in terms of security and authentication. One is that there exists some possibility of certificate forgery by exploiting the collision problem associated with the hash algorithm used for signing. The other is that certification path complicates user authentication because it increases according to the distance between communicating users. In this paper we propose a new digital signature scheme and certificate architecture that solve the problems. It is achieved by using two-public key cryptography and a new certificate architecture. The proposed approach can be used without reconstructing the structure of the existing PKI system and always allows a certification path whose length is 1 regardless of the distance between the users. This is because each user confirms only the digital signature of root CA in the combined hierarchical-network infrastructure.
منابع مشابه
A New Paradigm in PKI Architecture: OTPK Technology For Online Digital Signature
In this paper, we present a paradigm shift in PKI architectures. The OTPK concept is alarmingly simple to understand. Whenever a digital signature is required, the private key is generated, certified, used to compute the digital signature and immediately deleted. All that remains is the digital signature and the public key certificate from the Certification Authority (CA) that is used to verify...
متن کاملSelf-certified Signatures
A digital signature provides the authenticity of a signed message with respect to a public key and a certificate provides the authorization of a signer for a public key. Digital signature and certificate are generated independently by different parties, but they are verified by the same verifier who wants to verify the signature. In the point of a verifier, verifying two independent digital sig...
متن کاملA Multiple Signature Based Certificate Verification Scheme
In this paper, we proposed a formal representation of certificate validation in Pretty Good Privacy (PGP) and X.509 systems. This representation uses new logical assertions to support public-key based certification systems and different trust levels. Although the meanings of some of those assertions are different in PGP and X.509 cases, the certificate validation can be expressed using the same...
متن کاملMulti-Certification Signatures and Their Applications to Public Key Infrastructure
As the application of digital signature is progressed in real life, the situation of using digital signatures tends to become more complex. Depending on applications a user may need to generate multiple signatures for the same message with his multiple signing keys. But the general approach of generating multiple independent signatures is not efficient. To solve this problem, we propose multi-k...
متن کاملA Multiple Signature Based Certificate Verification Scheme
In this paper, we proposed a formal representation of certificate validation in Pretty Good Privacy (PGP) and X.509 systems. This representation uses new logical assertions to support public-key based certification systems and different trust levels. Although the meanings of some of those assertions are different in PGP and X.509 cases, the certificate validation can be expressed using the same...
متن کامل