How to avoid the breakdown of public key infrastructures: forward secure signatures for certificate authorities

Johannes Braun, Andreas Hülsing, Alex Wiesmaier, Martín A G Vigil, Johannes Buchmann

Onderzoeksoutput: Hoofdstuk in Boek/Rapport/CongresprocedureConferentiebijdrageAcademicpeer review

2 Citaten (Scopus)

Samenvatting

Recent attacks and publications have shown the vulnerability of hierarchical Public Key Infrastructures (PKIs) and the fatal impact of revoked Certification Authority (CA) certificates in the PKIX validity model. Alternative validity models, such as the extended shell and the chain model, improve the situation but rely on independent proofs of existence, which are usually provided using time-stamps. As time-stamps are validated using certificates, they suffer from the same problems as the PKI they are supposed to protect. Our solution to this problem is abandoning time-stamps and providing proof of existence using Forward Secure Signatures (FSS). In particular, we present different possibilities to use the chain model together with FSS, resulting in schemes that include the necessary proofs of existence into the certificates themselves.

Originele taal-2Engels
TitelPublic Key Infrastructures, Services and Applications
Subtitel9th European Workshop, EuroPKI 2012, Pisa, Italy, September 13-14, 2012, Revised Selected Papers
RedacteurenS. De Capitani di Vimercati , Chr. Mitchell
Plaats van productieBerlin
UitgeverijSpringer
Pagina's53-68
Aantal pagina's16
ISBN van geprinte versie9783642400117
DOI's
StatusGepubliceerd - 2013
Evenement9th European Workshop on Public Key Infrastructures, Services and Applications (EuroPKI 2012) - Pisa, Italië
Duur: 13 sep 201214 sep 2012
Congresnummer: 9

Publicatie series

NaamLecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
Volume7868 LNCS
ISSN van geprinte versie03029743
ISSN van elektronische versie16113349

Congres

Congres9th European Workshop on Public Key Infrastructures, Services and Applications (EuroPKI 2012)
Verkorte titelEuroPKI 2012
LandItalië
StadPisa
Periode13/09/1214/09/12

    Vingerafdruk

Citeer dit

Braun, J., Hülsing, A., Wiesmaier, A., Vigil, M. A. G., & Buchmann, J. (2013). How to avoid the breakdown of public key infrastructures: forward secure signatures for certificate authorities. In S. De Capitani di Vimercati , & C. Mitchell (editors), Public Key Infrastructures, Services and Applications: 9th European Workshop, EuroPKI 2012, Pisa, Italy, September 13-14, 2012, Revised Selected Papers (blz. 53-68). (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics); Vol. 7868 LNCS). Berlin: Springer. https://doi.org/10.1007/978-3-642-40012-4_4