Dynamic Public Key Certificates with Forward Secrecy
نویسندگان
چکیده
Conventionally, public key certificates bind one subject with static so that the can facilitate services of infrastructure (PKI). In PKI, need to be renewed (or revoked) for several practical reasons, including certificate expiration, private breaches, condition changes, and possible risk reduction. The renewal process is very costly, especially those environments where online authorities are not available or connection reliable. A dynamic (DPKC) facilitates changeover current public–private pairs without renewing authority (CA). This paper extends previous study in aspects: (1) we formally define DPKC; (2) security properties; (3) propose another implementation Krawczyk–Rabin chameleon-hash-based (4) two variants DPKC, using Ateniese–Medeiros key-exposure-free chameleon hash; (5) detail application scenarios.
منابع مشابه
Classifying Public Key Certificates
In spite of the fact that there are several companies that (try to) sell public key certificates, there is still no unified or standardized classification scheme that can be used to compare and put into perspective the various offerings. In this paper, we try to start filling this gap and propose a four-dimensional scheme that can be used to uniformly describe and classify public key certificat...
متن کامل0-RTT Key Exchange with Full Forward Secrecy
Reducing latency overhead while maintaining critical security guarantees like forward secrecy has become a major design goal for key exchange (KE) protocols, both in academia and industry. Of particular interest in this regard are 0-RTT protocols, a class of KE protocols which allow a client to send cryptographically protected payload in zero round-trip time (0-RTT) along with the very first KE...
متن کاملAn Improved Conference-Key Agreement Protocol with Forward Secrecy
Recently, Tzeng proposed a provably secure and fault-tolerant conference-key agreement protocol. It requires only a constant number of rounds to establish a conference key among all honest participants. This article will show that Tzeng’s protocol does not offer forward secrecy. We say that a conference-key agreement protocol offers forward secrecy if the long-term secret key of any participant...
متن کاملForward Secrecy in Password-Only Key Exchange Protocols
Password-only authenticated key exchange (PAKE) protocols are designed to be secure even when users choose short, easilyguessed passwords. Security requires, in particular, that the protocol cannot be broken by an o -line dictionary attack in which an adversary enumerates all possible passwords in an attempt to determine the correct one based on previously-viewed transcripts. Recently, provably...
متن کاملMultiple and Unlinkable Public Key Encryption without Certificates
We newly propose a multiple and unlinkable identity-based public key encryption scheme. Unlike the traditional public key encryption and identity-based encryption schemes, our scheme allows the use of a various number of identity-based public keys in different groups or applications while keeping a single decryption key so that the decryption key can decrypt every ciphertexts encrypted with tho...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
ژورنال
عنوان ژورنال: Electronics
سال: 2021
ISSN: ['2079-9292']
DOI: https://doi.org/10.3390/electronics10162009