Abstract
Until recently, public-key certificate issuance has involved verifying users' identities and public keys over a separate and presumably secure—channel, such as in person or over the phone. However, the recent draft SET specification has changed that with a protocol for issuing public-key certificates to credit card holders in an interaction that takes place entirely over the Internet.
We describe the security concerns of protocols for public-key certificate issuance. These concerns include US export controls, weak DES encryption, and offline guessing attacks. We motivate and describe two protocols that have appeared in drafts of the SET specification. Plus, we describe a new protocol for public-key certification issuance.
Supported by grants HKUST 608/94E from the Hong Kong Research Grants Council and AF/253/95 from the Hong Kong Industrial Technology Development Committee.
Supported by grant HKUST 608/94E from the Hong Kong Research Grants Council.
This is a preview of subscription content, log in via an institution.
Preview
Unable to display preview. Download preview PDF.
References
Mihir Bellare and Phillip Rogaway. Optimal asymmetric encryption. In Advances in Cryptology-Proc. Eurocrypt '94, (LNCS 950), pages 92–111. Springer-Verlag, 1994.
Matt Blaze, Whitfield Diffie, Ronald Rivest, Bruce Schneier, Tsutomu Shimomura, Eric Thompson, and Michael Wiener. Minimal key lengths for symmetric ciphers to provide adequate commercial security http://www.bsa.org/policy/encryption/∼cryptographers.html (January 1996).
Li Gong and Mark A. Lomas and Roger M. Needham and Jerome H. Saltzer. Protecting Poorly Chosen Secrets from Guessing Attacks. IEEE Journal on Selected Areas in Communications, 11(5):648–656, June 1993.
Charlie Kaufman, Radia Perlman, and Mike Speciner. Network Security, Private Communication in a Public World. Prentice-Hall, Englewood Cliffs, New Jersey, 1995.
Bruce Schneier. Applied cryptography: protocols, algorithms, and source code in C. Wiley, New York, second edition, 1996.
Secure Electronic Transaction (SET) specification (Version 1.0) available on the Internet via http://wvw.mastercard.com or http://www.visa.com. Jointly developed and issued by Mastercard and Visa (May 1997)
Michael J. Wiener. Efficient DES key search. Technical Report TR-244, School of Computer Science, Carleton University, May 1994. Reprinted in Practical Cryptography for Data Internetworks, W. Stallings (ed.), IEEE Computer Society Press, pp 31–79, (1996).
Author information
Authors and Affiliations
Editor information
Rights and permissions
Copyright information
© 1997 Springer-Verlag
About this paper
Cite this paper
Gray, J.W., Epsilon Ip, K.F. (1997). Protocols for Issuing public-key certificates over the Internet. In: Han, Y., Okamoto, T., Qing, S. (eds) Information and Communications Security. ICICS 1997. Lecture Notes in Computer Science, vol 1334. Springer, Berlin, Heidelberg. https://doi.org/10.1007/BFb0028498
Download citation
DOI: https://doi.org/10.1007/BFb0028498
Published:
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-63696-0
Online ISBN: 978-3-540-69628-5
eBook Packages: Springer Book Archive