This Article 
 Bibliographic References 
 Add to: 
Computationally Efficient Distributed and Delegated Certification
September 2008 (vol. 19 no. 9)
pp. 1167-1174
Certification in public key cryptographic applications concerns the involvement of a CA (Certifying Agent) in approving the validity of users' public keys. Distributed certification pertains to the case where several CAs are involved in issuing certificates. This also includes the case of multi-attribute certification, where different CAs approve different user's attributes. In delegated certification, agents transfer certificate issuing authority in hierarchical chain. Distributed, multi-attribute and delegated certification techniques having a low computational complexity are presented in this paper. It is shown how multiplicity aspects of the various applications are mapped into a multiplied exponents mathematical implementation of the form ∏_{i=1}^{m}A_{i}^{ b_{i}}modp, which is essentially equivalent to a single exponentiation for a moderate m. A fundamental feature of the presented procedures pertains to implementing distributed/multi-attribute certification by referring to any desired subset of participating CAs.

[1] Internet x.509 Public Key Infrastructure Certificate, IETF RFC 2459, 1999.
[2] M. Girault, “Implicit-Certified Public Keys,” Advances in Cryptology—Proc. EUROCRYPT '91, pp. 490-497, 1991.
[3] B. Arazi, “Integrating a Key Distribution Procedure into the Digital Signature Standard,” Electronics Letters, vol. 29, pp. 966-967, 1993.
[4] H. Petersen and P. Horster, “Self-Certified Keys—Concepts and Applications,” Proc. Third Conf. Comm. and Multimedia Security (CMS), 1997.
[5] S. Saeednia, “Identity-Based and Self-Certified Key-Exchange Protocols,” Proc. Second Australasian Conf. Information Security and Privacy (ACISP '97), pp. 303-313, 1997.
[6] L.M. Adleman and J. DeMarrais, “A Subexponential Algorithm for Discrete Logarithms over All Finite Fields,” Math. Computation, vol. 61, pp. 1-15, 1993.
[7] A. Enge and P. Gaudry, “A General Framework for Subexponential Discrete Logarithm Algorithms,” Acta Arithmetica, vol. 102, pp.83-103, 2002.
[8] N. Koblitz, “Elliptic Curve Cryptosystems,” Math. Computation, vol. 48, pp. 203-209, 1987.
[9] B. Arazi, Certification of DL/EC Keys, IEEE P1363 Working Group, submissions.html, 1998.
[10] C. Schnorr, “Efficient Signature Generation by Smart Cards,” J.Cryptology, vol. 4, pp. 161-174, 1991.
[11] T. ElGamal, “A Public Key Cryptosystem and Signature Scheme Based on Discrete Logarithms,” IEEE Trans. Information Theory, vol. 31, pp. 469-472, 1985.
[12] S.M. Yen, C. Laih, and A. Lenstra, “Multi-Exponentiation,” IEE Proc. Computers and Digital Techniques, vol. 141, pp. 325-326, 1994.
[13] B. Moller, “Algorithms for Multi-Exponentiation,” Technical Report TI-8/01, TU Darmstadt, 2001.
[14] N. I. of Standards and Tech nology, “Digital Signature Standard,” FIPS PUB 186-2, 2000.
[15] D.R.L. Brown, R.P. Gallant, and S.A. Vanstone, “Provably Secure Implicit Certificate Schemes,” Proc. Fifth Int'l Conf. Financial Cryptography (FC '01), pp. 156-165, 2001.

Index Terms:
Distributed applications, Authentication, Distributed systems, Public key cryptosystems
Benjamin Arazi, "Computationally Efficient Distributed and Delegated Certification," IEEE Transactions on Parallel and Distributed Systems, vol. 19, no. 9, pp. 1167-1174, Sept. 2008, doi:10.1109/TPDS.2007.70809
Usage of this product signifies your acceptance of the Terms of Use.