Advanced Issues of E-Commerce and Web-Based Information Systems, International Workshop on (1999)
Santa Clara, California
Apr. 8, 1999 to Apr. 9, 1999
Chenxi Wang , University of Virginia
William A. Wulf , University of Virginia
In an e-commerce system, security, in particular authentication, is of paramount importance. Public-key Infrastructure is often used to enforce authentication and the property of non-repudiation. However, the current designs of public-key cryptosystems require a centralized, trusted key server to generate and distributed keys. This distinguished, trusted entity introduces security vulnerabilities as well as an impediment where scalability is concerned.We present in this paper a novel way to perform distributed key generations which do not rely on any system-wide trusted entities. We assign a unique range of m-bit numbers to each key generator in the system. As a result, the lower-order m bits of the keys generated falls onto a unique number in the range. We also present a key generation architecture to facilitate the use of such a method.Our scheme is secure against factoring and brute force attacks, and it provides a basis for building scalable PKIs for distributed applications such as electronic commerce.
W. A. Wulf and C. Wang, "Towards a Scalable PKI for Electronic Commerce Systems," Advanced Issues of E-Commerce and Web-Based Information Systems, International Workshop on(WECWIS), Santa Clara, California, 1999, pp. 132.