In the real world, insurance is used to mitigate-nancial risk to individuals in many settings. Similarly, it has been suggested that insurance can be used in distributed systems, and in particular, in authentica-tion procedures, to mitigate individual's risks there. In this paper, we further explore the use of insurance for public-key certiicates and other kinds of statements. We also describe ...

Wireless Sensor Networks (WSN) have played a crucial role in many military and civilian applications. However, with the increase in popularity of such networks, the demand for security is also increasing proportionally. The new sophisticated attacks can easily compromise these resource constraint networks such as WSN. In this paper, we propose a location and energy efficient routing scheme usin...

The Shibboleth middleware from Internet2 provides a way for users at higher-education institutions to access remote electronic content in compliance with the inter-institutional license agreements that govern such access. To protect end-user privacy, Shibboleth permits users to construct attribute release policies that control what user credentials a given content provider can obtain. However, ...

The basic job of a Public Key Infrastructure, PKI for short, is to define the mechanisms used both to allow a recipient of a signed message to trust a digital signature and to allow a sender to find the encryption key for a recipient. It is comprised of those elements needed to manage and enable the effective use of public key cryptography technology, particularly on a medium and large scale. N...

Optimized Public Key Infrastructures are traditional PKI in which end users may optimize the signatures of their documents, replacing the signer’s validation data with Optimized Certificates (OC). OCs carry the signer’s identification and public key, but are issued for a specific time, i.e., fields notBefore and notAfter have the same value, thus there are no reasons to revoke them. The OC’s ce...

Public-key cryptography is widely used to secure transactions among distributed systems and the Public Key Infrastructure (PKI) is the infrastructure that allows to securely deliver the public keys to these systems. The public key delivery is usually performed by way of a digital document called certificate. Digital certificates have a limited life-time and the revocation is the mechanism under...

Public-key encryption schemes are a useful and interesting field of cryptographic study. The ultimate goal for the cryptographer in the field of public-key encryption would be the production of a very efficient encryption scheme with a proof of security in a strong security model using a weak and reasonable computational assumption. This ultimate goal has yet to be reached. In this invited pape...

Certificateless cryptography aims at combining the advantages of identity based and public key cryptography, so as to avoid the key escrow problem inherent in the identity based system and cumbersome certificate management in public key infrastructure. Signcryption achieves confidentiality and authentication simultaneously in an efficient manner. Multi-receiver signcryption demands signcrypting...

The purpose of this paper is to show how probabilistic argumentation is applicable to modern public-key cryptography as an appropriate tool to evaluate webs of trust. This is an interesting application of uncertain reasoning that has not yet received much attention in the corresponding literature.