This paper analyzes security of Korean USIM-based PKI certificate service. Korean PKI certificate consists of public key and password encrypted private key on disk. Due to insufficient security provided by single password, Korean mobile operators introduced USIM-based PKI system. We found several vulnerabilities inside the system, including private key’s RSA prime number leakage during certific...

A project that piloted the secure electronic preparation of examination papers ran during the first semester of the academic year 1998-99 at the University of Salford. The examination papers were transferred between the participants (lecturers, administrators and external examiners) using secure electronic mail. Security was provided by a managed public key infrastructure. Users were profiled a...

This paper shows a generic method of constructing CCAsecure public key encryption schemes with leakage resilience on the secret key. It is based on a new kind of universal2 hash proof system which accepts an auxiliary parameter. Specifically, two schemes are presented, basing on the DCR assumption and DLIN assumption respectively.

We show how to construct secret-key functional encryption (SKFE) supporting unbounded polynomially many functional decryption keys, that is, collusion-resistant SKFE solely from SKFE supporting only one functional decryption key. The underlying single-key SKFE needs to be weakly succinct, that is, the size of its encryption circuit is sub-linear in the size of functions. We show we can transfor...

Public key cryptography is often used to verify the integrity of a piece of data, or more generally to ensure that operations which modify the data have been requested and carried out by principals who are authorized to do so. This requires keys to be bound to principals in an unforgeably veriiable manner. Cryptographic bit patterns such as electronic key certiicates (EKCs) have a part to play ...

A new construction is described for designing secret-key certiicate schemes based on signature schemes other than of the Fiat-Shamir type. Also described are practical secret-key certiicate issuing protocols that enable the Certiication Authority to certify public keys, without being able to compromise the conndentiality of the corresponding secret keys. Furthermore the design of secure showing...

In the previous lecture, we discussed the concept of Secret-Key Encryption. However, this scheme has a major limitation in the fact that the key has to be shared between the sender and the receiver before any message can be transmitted. There might be several cases where doing this is infeasible if there has been no prior communication between the sender and the receiver. In today’s lecture, we...

It is well-known that there exists a trade-off between crypto-period and affected risk, so the key derivation is not only constrained by the partial-order class relation but also by the time period while handling hierarchical key assignment in dynamic enterprises. In this paper, a new date-constraint hierarchical key assignment scheme, which does not make use of public key cryptosystem, is prop...

By introducing a set of trust attributes, the proposed W3 Trust Model combines a vertically trusted public key infrastructure with a horizontal referral Web classification. It provides a mechanism to assess both the trust and the transitivity of trust of web contents in a heterogeneous environment.