Self-certified public keys

  • Marc Girault
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 547)


We introduce the notion, and give two examples, of self-certified public keys, i.e. public keys which need not be accompanied by a separate certificate to be authenticated by other users. The trick is that the public key is computed by both the authority and the user, so that the certificate is “embedded” in the public key itself, and therefore does not take the form of a separate value.

Self-certified public keys help reduce the amount of storage and computation in public key schemes, while secret keys are still chosen by the user himself and remain unknown to the authority. This is the difference from identity-based schemes, in which there are no certificates at all, but at the cost that secret keys are computed by (and therefore known to) the authority.



Copyright information

© Springer-Verlag Berlin Heidelberg 1991

Authors and Affiliations

  • Marc Girault
    Groupement PEM, Service d’Etudes communes de la Poste et de France Télécom (SEPT), Caen-Cedex, France
