Lightweight Certificates – Towards a Practical Model for PKI
We present a concept for Public Key Infrastructure based on certificates that are not understood as a guarantee of Certification Authority for unconditional authenticity of the data contained in the certificate. As liability of CA is a source of cost barrier for widespread use of PKI services, we concentrate on cost-efficient solutions. At the same time we formulate requirements that fill the security gaps of the traditional PKI. We present exemplary technical solutions that witness feasibility of these requirements.
Keywordspublic key certificate PKI trust management authentication Schnorr signature
Unable to display preview. Download preview PDF.
- 1.Initiative: Pki 2.0 (2011), http://pki20.eu
- 2.Schnorr, C.: Method for identyfying subscribers and for generating and veryfing electronic signatures in a data exchange system. U.S. Patent 4,995,082 (1991)Google Scholar
- 3.Bender, J., Dagdelen, Ö., Fischlin, M., Kügler, D.: The pace protocol for machine readable travel documents, and its security. In: Financial Cryptography 2012. LNCS. Springer (to appear, 2012)Google Scholar
- 4.Boneh, D., Ding, X., Tsudik, G., Wong, C.M.: Instantenous revocation of security capabilities. In: USENIX Security Symposium (2001)Google Scholar
- 5.Nicolosi, A., Krohn, M.N., Dodis, Y., Mazières, D.: Proactive two-party signatures for user authentication. In: NDSS. The Internet Society (2003)Google Scholar
- 7.Choi, C.J., Kim, Z., Kim, K.: Schnorr signature scheme with restricted signing capability and its application. In: Computer Security Symposium (CSS), Kitakyushu, Japan, IPSJ, pp. 385–390 (2003)Google Scholar