The Community for Technology Leaders
RSS Icon
Subscribe
Issue No.09 - September (2008 vol.19)
pp: 1167-1174
ABSTRACT
Certification in public key cryptographic applications concerns the involvement of a CA (Certifying Agent) in approving the validity of users' public keys. Distributed certification pertains to the case where several CAs are involved in issuing certificates. This also includes the case of multi-attribute certification, where different CAs approve different user's attributes. In delegated certification, agents transfer certificate issuing authority in hierarchical chain. Distributed, multi-attribute and delegated certification techniques having a low computational complexity are presented in this paper. It is shown how multiplicity aspects of the various applications are mapped into a multiplied exponents mathematical implementation of the form ∏_{i=1}^{m}A_{i}^{ b_{i}}modp, which is essentially equivalent to a single exponentiation for a moderate m. A fundamental feature of the presented procedures pertains to implementing distributed/multi-attribute certification by referring to any desired subset of participating CAs.
INDEX TERMS
Distributed applications, Authentication, Distributed systems, Public key cryptosystems
CITATION
Benjamin Arazi, "Computationally Efficient Distributed and Delegated Certification", IEEE Transactions on Parallel & Distributed Systems, vol.19, no. 9, pp. 1167-1174, September 2008, doi:10.1109/TPDS.2007.70809
REFERENCES
[1] Internet x.509 Public Key Infrastructure Certificate, IETF RFC 2459, 1999.
[2] M. Girault, “Implicit-Certified Public Keys,” Advances in Cryptology—Proc. EUROCRYPT '91, pp. 490-497, 1991.
[3] B. Arazi, “Integrating a Key Distribution Procedure into the Digital Signature Standard,” Electronics Letters, vol. 29, pp. 966-967, 1993.
[4] H. Petersen and P. Horster, “Self-Certified Keys—Concepts and Applications,” Proc. Third Conf. Comm. and Multimedia Security (CMS), 1997.
[5] S. Saeednia, “Identity-Based and Self-Certified Key-Exchange Protocols,” Proc. Second Australasian Conf. Information Security and Privacy (ACISP '97), pp. 303-313, 1997.
[6] L.M. Adleman and J. DeMarrais, “A Subexponential Algorithm for Discrete Logarithms over All Finite Fields,” Math. Computation, vol. 61, pp. 1-15, 1993.
[7] A. Enge and P. Gaudry, “A General Framework for Subexponential Discrete Logarithm Algorithms,” Acta Arithmetica, vol. 102, pp.83-103, 2002.
[8] N. Koblitz, “Elliptic Curve Cryptosystems,” Math. Computation, vol. 48, pp. 203-209, 1987.
[9] B. Arazi, Certification of DL/EC Keys, IEEE P1363 Working Group, http://grouper.ieee.org/groups/1363/StudyGroup submissions.html, 1998.
[10] C. Schnorr, “Efficient Signature Generation by Smart Cards,” J.Cryptology, vol. 4, pp. 161-174, 1991.
[11] T. ElGamal, “A Public Key Cryptosystem and Signature Scheme Based on Discrete Logarithms,” IEEE Trans. Information Theory, vol. 31, pp. 469-472, 1985.
[12] S.M. Yen, C. Laih, and A. Lenstra, “Multi-Exponentiation,” IEE Proc. Computers and Digital Techniques, vol. 141, pp. 325-326, 1994.
[13] B. Moller, “Algorithms for Multi-Exponentiation,” Technical Report TI-8/01, TU Darmstadt, 2001.
[14] N. I. of Standards and Tech nology, “Digital Signature Standard,” FIPS PUB 186-2, 2000.
[15] D.R.L. Brown, R.P. Gallant, and S.A. Vanstone, “Provably Secure Implicit Certificate Schemes,” Proc. Fifth Int'l Conf. Financial Cryptography (FC '01), pp. 156-165, 2001.
19 ms
(Ver 2.0)

Marketing Automation Platform Marketing Automation Tool