Identity-Embedding Method for Decentralized Public-Key Infrastructure

  • Hiroaki Anada
  • Junpei Kawamoto
  • Jian Weng
  • Kouichi Sakurai
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 9473)


A public key infrastructure (PKI) facilitates the authentication and distribution of public keys. Currently, the most commonly employed approach to PKI relies on certificate authorities (CAs), but recently there has been a growing need for decentralized peer-to-peer certification such as Webs of Trust. In this paper, we propose an identity-embedding method suitable for decentralized PKI. By embedding not only the \(\text{ID}\) of the candidate public-key owner himself but also the \(\text{ID}\)s of his guarantors into \(\text{PK}\), we can construct a web of guarantors on public keys. Here the guarantors can be chosen arbitrarily by the candidate public-key owner. Our embedding method uses a combination of two public-key cryptosystems; the first cryptosystem is used for the PKI directly. Here we employ a technique to embed a string into a public key of the first cryptosystem. As such a string, we choose the concatenation of the \(\text{ID}\) of the candidate public-key owner, the \(\text{ID}\)s of his guarantors, and a public key of the second cryptosystem. This embedded public key of the second cryptosystem is used by the candidate public-key owner to show that he certainly knows the secret key corresponding to the public key of the first cryptosystem. Then, with the aid of a broadcast mechanism for an updated public-key list on a peer-to-peer network, we can attain the decentralized PKI. Such an embedding method is concretely realized by RSA encryption with Lenstra's algorithm, which can be used as the first cryptosystem. As the second cryptosystem, we employ an elliptic curve encryption whose security is equivalent to that of the RSA encryption, where the former achieves a shorter key size than the latter. We write down concrete values of parameters for a realization of the embedding.
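As an added illustration (not code from the paper), the following Python sketch shows the Lenstra-style step the abstract refers to: an RSA modulus N = p·q is generated so that its leading bits equal a prescribed byte string, here a constructed concatenation of an owner ID, guarantor IDs and a placeholder for the second-cryptosystem public key, and a verifier reads that string back out of N. The 32-bit slack, the `|` separator in the sample and the toy 512-bit size used in testing (chosen for speed only) are assumptions of this demonstration, not parameters from the paper.

```python
import secrets

def is_probable_prime(n, rounds=24):
    """Miller-Rabin test after a small trial-division prefilter."""
    if n < 2:
        return False
    for sp in (2, 3, 5, 7, 11, 13, 17, 19, 23, 29, 31, 37):
        if n % sp == 0:
            return n == sp
    d, r = n - 1, 0
    while d % 2 == 0:
        d, r = d // 2, r + 1
    for _ in range(rounds):
        x = pow(secrets.randbelow(n - 3) + 2, d, n)
        if x in (1, n - 1):
            continue
        for _ in range(r - 1):
            x = pow(x, 2, n)
            if x == n - 1:
                break
        else:
            return False
    return True

def random_prime(bits):
    """Random prime with exactly `bits` bits."""
    while True:
        c = secrets.randbits(bits) | (1 << (bits - 1)) | 1
        if is_probable_prime(c):
            return c

def embed_into_modulus(embed: bytes, n_bits: int):
    """Return (N, p, q): N = p*q has at most n_bits bits and its top 8*len(embed)
    bits spell `embed` (fix p, then take the first prime q >= ceil(target/p))."""
    k = 8 * len(embed)
    # 32 bits of slack (demo assumption): target <= N < target + p*gap < target + 2**(n_bits//2 + 32)
    if k > n_bits // 2 - 32:
        raise ValueError("embedded string too long for this modulus size")
    target = int.from_bytes(embed, "big") << (n_bits - k)
    p = random_prime(n_bits // 2)
    q = -(-target // p) | 1  # ceil(target / p), forced odd
    while not is_probable_prime(q):
        q += 2
    N = p * q
    assert N >> (n_bits - k) == int.from_bytes(embed, "big")
    return N, p, q

def extract_embedded(N: int, n_bits: int, length: int) -> bytes:
    """Verifier side: read ID_owner || ID_guarantors || PK2 back out of N."""
    return (N >> (n_bits - 8 * length)).to_bytes(length, "big")
```

Anyone holding the public-key list can run `extract_embedded` on a modulus and compare the recovered IDs against the claimed owner and guarantors before trusting the entry.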


Keywords: Identity management, Public key infrastructure, Decentralized system, RSA, Elliptic curve



The third author was partially supported by the Invitation Programs for Foreign-based Researchers provided by the National Institute of Information and Communications Technology (NICT), Japan.

The first, second and fourth authors were partially supported by the Bilateral Joint Research Projects/Seminars FY2014 by the Japan Society for the Promotion of Science under the research project name “Computational Aspects of Mathematical Design and Analysis of Secure Communication Systems Based on Cryptographic Primitives”, and express sincere thanks for discussions with Sushmita Ruj at the Indian Statistical Institute and Avishek Adhikari at the University of Calcutta.



Copyright information

© Springer International Publishing Switzerland 2015

Authors and Affiliations

  • Hiroaki Anada (1)
  • Junpei Kawamoto (2)
  • Jian Weng (2, 3)
  • Kouichi Sakurai (1, 2)

  1. Institute of Systems, Information Technologies and Nanotechnologies, Fukuoka, Japan
  2. Department of Informatics, Faculty of Information Science and Electrical Engineering, Kyushu University, Fukuoka, Japan
  3. Department of Computer Science, College of Information Science and Technology, Jinan University, Guangzhou, China
