Abstract
In this paper we take a closer look at the security and efficiency of
public-key encryption and signature schemes in public-key infrastructures
(PKI). Unlike traditional analyses, which assume an "ideal"
implementation of the PKI, we focus on the security of joint
constructions that consider the certification authority (CA) and
the users, and include a key-registration protocol and the algorithms of
an encryption or a signature scheme. We therefore consider
significantly broader adversarial capabilities. Our analysis clarifies and validates several crucial aspects such as the amount of trust put in the CA, the necessity and
specifics of proofs of possession of secret keys, and the security of the
basic primitives in this more complex setting. We also provide
constructions for encryption and signature schemes that provably satisfy
our strong security definitions and are more efficient than the
corresponding traditional constructions that assume a digital certificate
issued by the CA must be verified whenever a public key is used.
Our results address some important aspects for the design and standardization
of PKIs, as targeted for example in the standards project ANSI X9.109.
Translated title of the contribution | A Closer Look at PKI: Security and Efficiency |
---|---|
Original language | English |
Title of host publication | Public Key Cryptography - PKC 2007 |
Publisher | Springer Berlin Heidelberg |
Pages | 458-475 |
Volume | 4450 |
Publication status | Published - 2007 |
Bibliographical note
ISBN: 9783540716761
Name and Venue of Conference: Public Key Cryptography – PKC 2007
Other identifier: 2000722