A certification scheme for electronic commerce

  • Bruno Crispo
  • Mark Lomas
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 1189)


This paper examines trust in distributed systems. The particular example that we choose is that of key certification, although the techniques have more general application. Existing system do not provide sufficient evidence to help to resolve disputes. We address this problem.


Trust certification revocation key management evidence authentication 


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. 1.
    Recommendation X.509 Information Technology — Open Systems Interconnection. The Directory: Authentication Framework. Geneva June 1995.Google Scholar
  2. 2.
    Draft Technical Corrigendum to Rec. X.509. Geneva December 1995.Google Scholar
  3. 3.
    M. Burrows, M. Abadi, and R.M. Needham A logic of authentication Technical Report 39, DEC SRC, Palo Alto, CA., Feb 1989Google Scholar
  4. 4.
    S.M. Bellovin, M. Merritt Limitations of the Kerberos Authentication System Computer Communication Review Vol.20 No.5, Oct. 1990Google Scholar
  5. 5.
    Y. Desmedt, M. Yung Weaknesses of Undeniable Signature Schemes Advances in Cryptology:Eurocrypt 91 Brighton, UK, Apr. 1991 Proceedings Springer-VerlagGoogle Scholar
  6. 6.
    W. De Jonge, D. Chaum Attacks on some RSA Signature Advances in Cryptology:Crypto 85, Santa Barbara Cal. U.S.A Aug. 1985 Proceedings Springer-Verlag N.Y. 1986Google Scholar
  7. 7.
    T.M.A. Lomas, B. Christianson To Whom am I Speaking? IEEE Computer Vol.44 No.1, Jan 1995Google Scholar
  8. 8.
    S.P. Miller, B.C. Neumann,J.I Schiller,J.H. Saltzer Section E.2.1: Kerberos Authentication and Authorization System MIT Project Athena Cambridge, Mass. Dec 1987Google Scholar
  9. 9.
    R.M. Needham, M.D. Schroeder Using Encryption for Authentication in Large Network of Computers Communications of ACM, Vol.21 No.12, Dec 1978Google Scholar
  10. 10.
    G.J. Popek, C.S. Kline Encryption and Secure Computer Networks Computing Surveys Vol.11 No.4, Dec 1979Google Scholar
  11. 11.
    R. Rivest The MD5 Message Digest Algorithm RFC 1321 1992Google Scholar
  12. 12.
    M. Roe PASSWORD — R2.5: Certification Authority Requirements Technical Report Nov. 1992Google Scholar
  13. 13.
    R. Rivest, A. Shamir, and L. Adleman. A Method for Obtaining Digital Signatures and Public-key Cryptosystems. Communications of the ACM, 21, 1978.Google Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 1997

Authors and Affiliations

  • Bruno Crispo
    • 1
  • Mark Lomas
    • 1
  1. 1.Computer LaboratoryUniversity of CambridgeCambridgeUK

Personalised recommendations