RIKE Using Revocable Identities to Support Key Escrow in PKIs Nan Zhang, Jingqiang Lin, Jiwu Jing, Neng Gao State Key Laboratory of Information Security,

Slides:



Advertisements
Similar presentations
1 ABCs of PKI TAG Presentation 18 th May 2004 Paul Butler.
Advertisements

Public Key Infrastructure A Quick Look Inside PKI Technology Investigation Center 3/27/2002.
Cryptography Chapter 7 Part 4 Pages 833 to 874. PKI Public Key Infrastructure Framework for Public Key Cryptography and for Secret key exchange.
Encryption Public-Key, Identity-Based, Attribute-Based.
Digital Signatures and Hash Functions. Digital Signatures.
CSCE 715: Network Systems Security Chin-Tser Huang University of South Carolina.
Geneva, Switzerland, 2 June 2014 Introduction to public-key infrastructure (PKI) Erik Andersen, Q.11 Rapporteur, ITU-T Study Group 17 ITU Workshop.
 A public-key infrastructure ( PKI ) is a set of hardware, software, people, policies, and procedures needed to create, manage, distribute, use, store,
Public Key Management and X.509 Certificates
Chapter 14 From Cryptography and Network Security Fourth Edition written by William Stallings, and Lecture slides by Lawrie Brown, the Australian Defence.
Authentication Cristian Solano. Cryptography is the science of using mathematics to encrypt and decrypt data. Public Key Cryptography –Problems with key.
HIT Standards Committee: Digital Certificate Trust – Policy Question for HIT Policy Committee March 29, 2011.
6/1/20151 Digital Signature and Public Key Infrastructure Course:COSC Instructor:Professor Anvari Student ID: Name:Xin Wen Date:11/25/00.
Public Key Infrastructure (PKI) Providing secure communications and authentication over an open network.
DESIGNING A PUBLIC KEY INFRASTRUCTURE
Exchange Network Key Management Services A Security Component February 28, 2005 The Exchange Network Node Mentoring Workshop.
WAP Public Key Infrastructure CSCI – Independent Study Fall 2002 Jaleel Syed Presentation No 5.
Chapter 9: Using and Managing Keys Security+ Guide to Network Security Fundamentals Second Edition.
Technology – Broad View1 Networks  For the most part, not a technology, but political/financial issue Available bandwidth continuously increasing (“√2-rule”
An Introduction to Security Concepts and Public Key Infrastructure (PKI) Mary Thompson.
EEC 693/793 Special Topics in Electrical Engineering Secure and Dependable Computing Lecture 6 Wenbing Zhao Department of Electrical and Computer Engineering.
Encryption An Overview. Fundamental problems Internet traffic goes through many networks and routers Many of those networks are broadcast media Sniffing.
Presented by Xiaoping Yu Cryptography and PKI Cosc 513 Operating System Presentation Presented to Dr. Mort Anvari.
Unlinkable Secret Handshakes and Key-Private Group Key Management Schemes Author: Stanislaw Jarecki and Xiaomin Liu University of California, Irvine From:
Introduction to Public Key Infrastructure (PKI) Office of Information Security The University of Texas at Brownsville & Texas Southmost College.
Security Management.
1 CS 194: Distributed Systems Security Scott Shenker and Ion Stoica Computer Science Division Department of Electrical Engineering and Computer Sciences.
TrustPort Public Key Infrastructure. Keep It Secure Table of contents  Security of electronic communications  Using asymmetric cryptography.
Overview of Digital Signatures Introduction To Networks and Communications (CS 555) Presented by Bharath Kongara.
Key Management Guidelines. 1. Introduction 2. Glossary of Terms and Acronyms 3. Cryptographic Algorithms, Keys and Other Keying Material 4. Key Management.
Digital Signature Xiaoyan Guo/ Xiaohang Luo/
Controller of Certifying Authorities PKI Technology - Role of CCA Assistant Controller (Technology) Controller of Certifying Authorities Ministry of Communications.
INTRODUCTION Why Signatures? A uthenticates who created a document Adds formality and finality In many cases, required by law or rule Digital Signatures.
Digital Signature Technologies & Applications Ed Jensen Fall 2013.
By Jyh-haw Yeh Boise State University ICIKM 2013.
Digital Certificates Public Key Deception Digital Certificates Certificate Authorities Public Key Infrastructures (PKIs)
Digital Certificates With Chuck Easttom. Digital Signatures  Digital Signature is usually the encryption of a message or message digest with the sender's.
Cryptology Digital Signatures and Digital Certificates Prof. David Singer Dept. of Mathematics Case Western Reserve University.
AQA Computing A2 © Nelson Thornes 2009 Section Unit 3 Section 6.4: Internet Security Digital Signatures and Certificates.
Cryptography and Network Security Chapter 14 Fifth Edition by William Stallings Lecture slides by Lawrie Brown.
Introduction to Secure Messaging The Open Group Messaging Forum April 30, 2003.
_______________________________________________________________________________________________________________ E-Commerce: Fundamentals and Applications1.
Cyrtographic Security Identity-based Encryption 1Dennis Kafura – CS5204 – Operating Systems.
Chapter 9: Using and Managing Keys Security+ Guide to Network Security Fundamentals Second Edition.
E-commerce What are the relationships among: – Client (i.e. you) – Server – Bank – Certification authority Other things to consider: – How to set up your.
James Higdon, Sameer Sherwani
Configuring Directory Certificate Services Lesson 13.
Cryptography Chapter 14. Learning Objectives Understand the basics of algorithms and how they are used in modern cryptography Identify the differences.
SECURITY MANAGEMENT Key Management in the case of public-key cryptosystems, we assumed that a sender of a message had the public key of the receiver at.
Certificate-Based Operations. Module Objectives By the end of this module participants will be able to: Define how cryptography is used to secure information.
Key Management. Session and Interchange Keys  Key management – distribution of cryptographic keys, mechanisms used to bind an identity to a key, and.
Chapter 16 Security Introduction to CS 1 st Semester, 2012 Sanghyun Park.
What is Digital Signature Building confidentiality and trust into networked transactions. Kishankant Yadav
By Umair Ali. Dec 2004Version 1 -PKI - a security architecture – over the internet. -Provides an increased level of confidence for exchanging information.
Security PGP IT352 | Network Security |Najwa AlGhamdi 1.
Welcome to the Introduction of Digital Signature Submitted By: Ankit Saxena.
DIGITAL SIGNATURE.
Pairing Based Cryptography Standards Terence Spies VP Engineering Voltage Security
Security fundamentals Topic 5 Using a Public Key Infrastructure.
Fall, Privacy&Security - Virginia Tech – Computer Science Click to edit Master title style Cryptographic Security Identity-Based Encryption.
Group 9 Chapter 8.3 – 8.6. Public Key Algorithms  Symmetric Key Algorithms face an inherent problem  Keys must be distributed to all parties but kept.
Key Management. Authentication Using Public-Key Cryptography  K A +, K B + : public keys Alice Bob K B + (A, R A ) 1 2 K A + (R A, R B,K A,B ) 3 K A,B.
Chapt. 10 – Key Management Dr. Wayne Summers Department of Computer Science Columbus State University
Security  is one of the most widely used and regarded network services  currently message contents are not secure may be inspected either.
Fundamentals of Network Security Ravi Mukkamala SCI 101 October 6, 2003.
Key management issues in PGP
Public Key Infrastructure (PKI)
زير ساخت كليد عمومي و گواهي هويت
PKI (Public Key Infrastructure)
Presentation transcript:

RIKE Using Revocable Identities to Support Key Escrow in PKIs Nan Zhang, Jingqiang Lin, Jiwu Jing, Neng Gao State Key Laboratory of Information Security, Chinese Academy of Sciences

Public Key Infrastructure - PKI A PKI certificate binds a public key and the identity of a user U. ▫Signed by a certification authority (CA). The public key (or certificate) can be used to verify signatures and encrypt messages, by another user U’. ▫U’ shall firstly validate/verify the certificate.

Conflicting Requirement – Key Escrow Non-repudiation: prohibit key escrow ▫Key escrow is prohibited, if the certificate (or public key) is used for non-repudiation.  E.g., verify signatures

Conflicting Requirement – Key Escrow Non-repudiation: prohibit key escrow Confidentiality: require key escrow ▫Key escrow (or key recovery) is usually required, if the certificate is used for confidentiality; e.g., encrypt messages. ▫A corporation backs up all private keys of its employees.  To decrypt the messages, in the case that the private key is unavailable.

Conflicting Requirements in One User These conflicting requirements can exist in one user. ▫U signs messages, sent to everybody. ▫Other users sends encrypted messages to U.

Current solutions Two-certificate solutions ▫Each user has two certificates (i.e., two key pairs).  One is for non-repudiation, not escrowed.  The other is for confidentiality, escrowed. Key escrow authority (KEA) ▫The component is responsible for storing the backups of escrowed private keys.

Drawback of the current Solution PKI system/CA ▫The number of certificates is doubled Relying party, who uses the certificate to encrypt/verify messages ▫Validate or maintain two certificates for each contact Key escrow authority ▫As certificates expire and more users ▫Backup more and more private keys

Our Solution - RIKE RIKE ▫Using Revocable Identities of IBE to support Key Escrow in PKIs ▫Integrating IBE and PKIs

IBE: Identity-based encryption A special type of public key algorithm Private key generator (PKG) ▫Initializes a secret master key and the pubic parameters A user's public key is calculated from its identity and the pubic parameters ▫by anybody The user asks the PKG to generate the private key corresponding to its identity. ▫When receiving encrypted messages

Inherent key escrow of IBE Features ▫Any bit-string can be used to derive a public key ▫Inherent key escrow  The PKG generates private keys for all IBE users

RIKE Basic idea ▫Each user has only one certificate, not escrowed  The certificate is used for non-repudiation

RIKE Basic idea ▫Each user has only one certificate, not escrowed ▫The hash value of the certificate is inputted to IBE as the “identity” to derive the second public key  This key pair is used for confidentiality  This IBE private key is inherently escrowed

RIKE Only one certificate ▫PublicKey 1 is not escrowed, used for the services prohibiting key escrow ▫PublicKey 2 is escrowed in the PKG, used for other services requiring key escrow

Benefits – from PKI The conflicting requirements of key escrow is satisfied Each user holds only one certificate ▫Relying parties manage only one certificate for each contact ▫Compared with two-certificate solutions, the number of certificates is half The PKG only keeps the IBE master key ▫On the contrary, the KEA in the current solutions back up all private keys

Benefit – from IBE In IBE, revocation is difficult, because users don’t want to change their identities In RIKE, the certificate can be revoked by lots of existing PKI revocation mechanisms The certificate is used as a “revocable identity” for IBE ▫If the PKI certificate is revoked, the “identity” and the IBE key pair is also revoked It helps to the application of IBE algorithms

Benefit – Compatibility RIKE integrates PKIs and IBE, in a highly- compatible way. It is highly-compatible with the popular X.509 PKIs. A certificate extension is designed to carry the IBE algorithm parameters ▫If a user doesn’t support this extension, the certificate is used a common X.509 certificate. ▫If the user support the extension, the IBE public key is derived.

Other issues Integrate hierarchical IBE and hierarchical PKIs to build hierarchical RIKE Hierarchical RIKE with cross certificates Refer to the paper for details

Any questions or comments? Jingqiang Lin

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2025 SlidePlayer.com. Inc. All rights reserved.