International Workshop on Public Key Cryptography

PKC 2007: Public Key Cryptography – PKC 2007, pp. 458–475

A Closer Look at PKI: Security and Efficiency

  • Alexandra Boldyreva (1)
  • Marc Fischlin (2)
  • Adriana Palacio (3)
  • Bogdan Warinschi (4)

Conference paper

Part of the Lecture Notes in Computer Science book series (LNSC, volume 4450)

Abstract

In this paper we take a closer look at the security and efficiency of public-key encryption and signature schemes in public-key infrastructures (PKI). Unlike traditional analyses, which assume an "ideal" implementation of the PKI, we focus on the security of joint constructions that consider the certification authority (CA) and the users, and include a key-registration protocol together with the algorithms of an encryption or a signature scheme. We therefore consider significantly broader adversarial capabilities. Our analysis clarifies and validates several crucial aspects, such as the amount of trust placed in the CA, the necessity and specifics of proofs of possession of secret keys, and the security of the basic primitives in this more complex setting. We also provide constructions for encryption and signature schemes that provably satisfy our strong security definitions and are more efficient than the corresponding traditional constructions, which assume that a digital certificate issued by the CA must be verified whenever a public key is used. Our results address some important aspects of the design and standardization of PKIs, as targeted for example by the standards project ANSI X9.109.
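Two of the abstract's points about key registration are easiest to see in running code: a CA that does not demand a proof of possession (PoP) of the secret key lets a registrant register someone else's public key under his own identity, and the traditional way of using a registered key verifies the CA's certificate on every use. The following Python block is an added worked example, not code from the paper or its authors, and it does not implement the paper's own efficient constructions. It builds a toy Schnorr-signature PKI over a Schnorr group generated at import time (128-bit q, far below production size, chosen so the block runs in pure Python), a CA that registers keys with or without a PoP, a relying party that checks the certificate and then the signature, and a scenario in which Mallory re-registers Alice's public key under his own name using only public information. The identities, message formats and the key_replacement_scenario function are constructions of this example.

```python
# Added example (not code from the paper): a toy Schnorr-signature PKI whose CA
# runs a key-registration protocol with or without a proof of possession (PoP).
# Parameters are small (128-bit q, ~256-bit p) so it runs in pure Python; they
# are NOT production parameters, and the scheme is for illustration only.
import hashlib
import secrets

def is_probable_prime(n, rounds=32):
    """Miller-Rabin with random bases."""
    if n < 4:
        return n in (2, 3)
    d, r = n - 1, 0
    while d % 2 == 0:
        d, r = d // 2, r + 1
    for _ in range(rounds):
        x = pow(2 + secrets.randbelow(n - 3), d, n)
        if x in (1, n - 1):
            continue
        for _ in range(r - 1):
            x = x * x % n
            if x == n - 1:
                break
        else:
            return False
    return True

def gen_group(qbits=128):
    """Schnorr group: primes q and p = k*q + 1, and g generating the order-q subgroup."""
    q = secrets.randbits(qbits) | (1 << (qbits - 1)) | 1
    while not is_probable_prime(q):
        q += 2
    k = 2 * (secrets.randbits(qbits - 1) | (1 << (qbits - 2)))  # even, so p is odd
    while not is_probable_prime(k * q + 1):
        k += 2
    p, g = k * q + 1, 1
    while g == 1:
        g = pow(2 + secrets.randbelow(p - 3), k, p)  # h^k has order q unless it is 1
    return p, q, g

P, Q, G = gen_group()

def _hash_to_zq(*parts):
    data = "|".join(str(x) for x in parts).encode()
    return int.from_bytes(hashlib.sha256(data).digest(), "big") % Q

def keygen():
    x = 1 + secrets.randbelow(Q - 1)
    return x, pow(G, x, P)

def sign(x, y, msg):
    """Schnorr signature (R, s) with the public key y bound into the hash."""
    k = 1 + secrets.randbelow(Q - 1)
    R = pow(G, k, P)
    return R, (k + _hash_to_zq(R, y, msg) * x) % Q

def verify(y, msg, sig):
    R, s = sig
    return pow(G, s, P) == R * pow(y, _hash_to_zq(R, y, msg), P) % P

def pop_message(ident, y):
    # Binding the identity into the PoP stops a PoP transcript for one identity
    # from being replayed to register the same key under another identity.
    return f"pop:{ident}:{y}"

class CA:
    """Registration: validate the key, check the PoP if required, issue a certificate."""
    def __init__(self, require_pop):
        self.require_pop = require_pop
        self.sk, self.pk = keygen()
        self.directory = {}

    def register(self, ident, y, pop=None):
        if not (1 < y < P and pow(y, Q, P) == 1):
            raise ValueError("public key is not in the prime-order subgroup")
        if self.require_pop and (pop is None or not verify(y, pop_message(ident, y), pop)):
            raise ValueError("proof of possession failed")
        if ident in self.directory:
            raise ValueError("identity already registered")
        cert = sign(self.sk, self.pk, f"cert:{ident}:{y}")  # the CA's certificate
        self.directory[ident] = (y, cert)
        return cert

def relying_party_accepts(ca, claimed_signer, msg, sig):
    """Traditional use: verify the CA's certificate on every use, then the signature."""
    y, cert = ca.directory[claimed_signer]
    return verify(ca.pk, f"cert:{claimed_signer}:{y}", cert) and verify(y, msg, sig)

def key_replacement_scenario(require_pop):
    """Returns (mallory_registered, alice_signature_attributed_to_mallory)."""
    ca = CA(require_pop)
    ax, ay = keygen()
    alice_pop = sign(ax, ay, pop_message("alice", ay))
    ca.register("alice", ay, alice_pop)
    alice_sig = sign(ax, ay, "I accept the terms")
    try:  # Mallory knows only Alice's public key and her public PoP transcript
        ca.register("mallory", ay, alice_pop)
        registered = True
    except ValueError:
        registered = False
    return registered, registered and relying_party_accepts(ca, "mallory", "I accept the terms", alice_sig)
```

Calling key_replacement_scenario(False) returns (True, True): the CA without PoP accepts Alice's key under Mallory's name, and a relying party that looks the key up by identity attributes Alice's signature to Mallory. Calling key_replacement_scenario(True) returns (False, False): replaying Alice's PoP fails because the PoP is bound to the identity "alice", so the registration is refused. The subgroup check in register is the other registration-time check a CA should make, since a key outside the prime-order subgroup would not be covered by the security argument for the signature scheme.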

Keywords

  • Encryption Scheme
  • Signature Scheme
  • Random Oracle Model
  • Proxy Signature Scheme
  • Digital Signature Scheme

These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.



Author information

Authors and Affiliations

  1. Alexandra Boldyreva, Georgia Institute of Technology, USA
  2. Marc Fischlin, Darmstadt University of Technology, Germany
  3. Adriana Palacio, Bowdoin College, USA
  4. Bogdan Warinschi, University of Bristol, UK


Editor information

Tatsuaki Okamoto, Xiaoyun Wang


Copyright information

© 2007 Springer Berlin Heidelberg

About this paper

Cite this paper

Boldyreva, A., Fischlin, M., Palacio, A., Warinschi, B. (2007). A Closer Look at PKI: Security and Efficiency. In: Okamoto, T., Wang, X. (eds) Public Key Cryptography – PKC 2007. PKC 2007. Lecture Notes in Computer Science, vol 4450. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-71677-8_30

  • DOI: https://doi.org/10.1007/978-3-540-71677-8_30
  • Publisher Name: Springer, Berlin, Heidelberg
  • Print ISBN: 978-3-540-71676-1
  • Online ISBN: 978-3-540-71677-8
