Forward Secure Password-Enabled PKI with Instant Revocation

  • Conference paper
Public Key Infrastructure (EuroPKI 2006)

Part of the book series: Lecture Notes in Computer Science (LNCS, volume 4043)

Abstract

Recently, password-enabled PKI has emerged as a way to support user mobility. The virtual soft token and the virtual smartcard were proposed as password-enabled PKI schemes. However, the virtual soft token does not support key disabling, and with the virtual smartcard the user must interact with a remote entity for every signing operation. In addition, neither scheme supports forward secrecy or instant revocation.

In this paper, we propose a new approach that supports user mobility. The proposed approach supports key disabling, and the user does not need to interact with the remote entity for each signature. Moreover, the proposed scheme allows instant key revocation, so distribution of a CRL is not required. Furthermore, the proposed scheme supports forward secrecy. In this sense, our scheme, implemented only in software, is stronger than a long-term private key with physical smart cards. With forward secrecy and instant revocation, signing documents with a time-stamp provided by a trusted authority is not required to protect signed documents from modification by an adversary who knows the private key.

This work was supported by the Soongsil University Research Fund.

© 2006 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Jung, S.W., Jung, S. (2006). Forward Secure Password-Enabled PKI with Instant Revocation. In: Atzeni, A.S., Lioy, A. (eds) Public Key Infrastructure. EuroPKI 2006. Lecture Notes in Computer Science, vol 4043. Springer, Berlin, Heidelberg. https://doi.org/10.1007/11774716_5

  • DOI: https://doi.org/10.1007/11774716_5

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-540-35151-1

  • Online ISBN: 978-3-540-35152-8

  • eBook Packages: Computer Science, Computer Science (R0)