Financial Cryptography and Data Security
Volume 5628 of the series Lecture Notes in Computer Science pp 201-221
Expecting the Unexpected: Towards Robust Credential Infrastructure
- Shouhuai XuAffiliated withDepartment of Computer Science, University of Texas at San Antonio
- , Moti YungAffiliated withGoogle Inc. and Department of Computer Science, Columbia University
Abstract
Cryptographic credential infrastructures, such as Public key infrastructure (PKI), allow the building of trust relationships in electronic society and electronic commerce. At the center of credential infrastructures is the methodology of digital signatures. However, methods that assure that credentials and signed messages possess trustworthiness and longevity are not well understood, nor are they adequately addressed in both literature and practice. We believe that, as a basic engineering principle, these properties have to be built into the credential infrastructure rather than be treated as an after-thought since they are crucial to the long term success of this notion. In this paper we present a step in the direction of dealing with these issues. Specifically, we present the basic engineering reasoning as well as a model that helps understand (somewhat formally) the trustworthiness and longevity of digital signatures, and then we give basic mechanisms that help improve these notions.
Keywords
Credential infrastructures PKI digital signatures key compromise hit-and-run attack hit-and-stick attack insider attack- Title
- Expecting the Unexpected: Towards Robust Credential Infrastructure
- Book Title
- Financial Cryptography and Data Security
- Book Subtitle
- 13th International Conference, FC 2009, Accra Beach, Barbados, February 23-26, 2009. Revised Selected Papers
- Pages
- pp 201-221
- Copyright
- 2009
- DOI
- 10.1007/978-3-642-03549-4_12
- Print ISBN
- 978-3-642-03548-7
- Online ISBN
- 978-3-642-03549-4
- Series Title
- Lecture Notes in Computer Science
- Series Volume
- 5628
- Series ISSN
- 0302-9743
- Publisher
- Springer Berlin Heidelberg
- Copyright Holder
- Springer-Verlag Berlin Heidelberg
- Additional Links
- Topics
- Keywords
-
- Credential infrastructures
- PKI
- digital signatures
- key compromise
- hit-and-run attack
- hit-and-stick attack
- insider attack
- Industry Sectors
- eBook Packages
- Editors
-
- Roger Dingledine (16)
- Philippe Golle (17)
- Editor Affiliations
-
- 16. The Tor Project
- 17. Palo Alto Research Center
- Authors
-
- Shouhuai Xu (18)
- Moti Yung (19)
- Author Affiliations
-
- 18. Department of Computer Science, University of Texas at San Antonio,
- 19. Google Inc. and Department of Computer Science, Columbia University,
Continue reading...
To view the rest of this content please follow the download PDF link above.